As information technology (IT) and operational technology (OT) converge for energy and utilities organizations, threat actors are exploiting the new connections formed by internet-facing industrial control (ICS) and supervisory control and data acquisition (SCADA) systems that often lack robust security controls.
On today’s SecurityIntelligence podcast, host Lauren Jensen, worldwide industry marketing lead at IBM Security, sits down with Kate Scarcella, executive security architect at IBM, to discuss emerging trends and critical next steps to defend energy environments.
Top Three Security Trends in the Energy Sector
Scarcella has spent two decades with IBM handling concerns related to energy and utilities. In the podcast, she identifies three major security trends affecting the industry:
- Single-pane-of-glass security solutions: Reduced complexity and enhanced usability are critical for improved security.
- Stopping advanced persistent threats (APTs): Scarcella points to solutions like IBM QRadar Advisor. In its first energy and utilities application, the tool not only found existing Stuxnet malware but did so in minutes instead of hours.
- Handling insider threats: Organizations must effectively manage privilege escalation to handle emerging insider threats.
Reduce Complexity in the SOC
According to Scarcella, the consolidation of IT and OT is driving a similar consolidation of security operations centers (SOCs). Instead of having two, three or more SOCs, companies are looking for ways to change their approach to reduce total complexity. With 75 to 85 percent of OT environments based on Windows, Scarcella recommends avoiding extra tools and agents. Endpoint security solutions can help gather critical data and improve protection with out-of-the-box integration.
Security Doesn’t Have to Be Complicated
Cybersecurity is often positioned as scary and complicated: the message is that if energy and utilities agencies don’t constantly add new tools and defensive layers, they put themselves at risk.
But Scarcella argues for a different vision: Instead of staying in defensive mode, organizations should simplify security management, consolidate their SOCs and leverage advanced threat-hunting tools to go on the offensive — and get ahead of the bad guys.