RSA Conference in Review – “Securing What Matters”
Coming off of San Francisco’s RSA Conference, the best way to describe the event is “sensory overload.” An estimated 45,000 technology and cybersecurity professionals descended upon Moscone Center – but the crowds overflowed into local bars, restaurants and hotels across South Market, Mission District, Nob Hill and the Financial District. From IT giants to start-ups, it was an event to see and be seen.
Under the theme “Securing What Matters,” nothing is more important than protecting our critical infrastructure. While there was heavy emphasis on the IT space, there was definitely a subtle tone of “how do I protect my OT space?” RSA is taking initial steps to address the Industrial Control System space, including its ICS Village, but it’s not quite there yet. Solutions presented throughout the exhibit halls focused on IT technology, often were single-use products that do not address the complexity of the challenge and did not necessarily give the necessary insights to take action against cyber threats.
More needs to be done in the ICS space. More can be done in the ICS space. More will be done in the ICS space.
2018 is a defining year for industrial security, given the number and potency of attacks targeting the industrial environment, the increased awareness and worry on how to secure this highly complex environment and the lack of understanding and direction on how to get started. RSA is headed in the right direction, and I expect to so see more and more CISOs from the industrial space participating in RSA in the future.
Optimism across the conference was evident. Collectively, we can win the cyberwar, but this will take a partnership approach including private companies, government, academic and research communities. Siemens has taken a first step in addressing this with our Charter of Trust global cybersecurity initiative. We’re also partnering with industry leaders, including the “rock star” of RSA, Tenable, Inc., to develop best in breed technologies into a single solution set that can be delivered as a service, built for purpose for OT. At the core of this is monitoring to give customers true visibility and deep context – at all layers of tech stack, from field to the control room to the enterprise network.
The OT space is uniquely different from IT. A turbine or the behavior of a grid can serve as an indicator of compromise. This is what happened in the Ukraine, when an operator did not know he was experiencing a cyberattack. The end result was the loss of electricity of hundreds of homes for two weeks during the dead of winter. Visibility is critical when it comes to industrial environments – understanding what assets you have, how vulnerable they are, what’s anomalous about them, what importance they play in the production process and how to proportionally respond to threats.
Cybersecurity is not a single moment in time, and as we now prep for RSA 2019, I hope we can take to heart the message of the conference and come together to continue building an innovation engine to address the growing and increasingly sophisticated industrial cyber risk.
This article was written by Leo Simonovich. He is responsible for setting the strategic direction for Siemens’ industrial cyber security business worldwide. He identifies emerging market trends, works with customers and Siemens businesses to provide best-in-class cyber offers, and contributes to the company’s thought leadership on the topic.