Many pundits believe that even though industrial control systems have been running critical infrastructure and manufacturing since the 1950s, only in the last few years have they undergone a “coming of age” when it comes to security. This is primarily due to a confluence of events that have propelled OT threats to the C-Suite risk agenda. Namely, the adoption of IIoT, the convergence of IT and OT environments, and the increased targeting of these mission critical systems by rogue parties that are both known and unknown entities. What used to be isolated, air gapped “set and forget” OT networks have become ground zero for potentially debilitating cyber attacks.
It is not all doom and gloom, however. Progressive industrial organizations are well down the path of ensuring the full visibility, security and control of their environments. If fact, many organizations that must meet a minimum-security compliance level such as NERC, NIST and NIS have gone way beyond these basic directives. The markets have reacted quickly to this new threat vector and attack surface. And while OT environments are certainly not 100% secure, we are moving in the right direction.
As 2018 winds down, the obvious question is what can we expect next year? Based on our daily interactions with professionals working to secure their industrial control systems, we have pulled together the following predictions about the 2019 Industrial Security landscape.