Experts

  • Position : Senior product marketing manager at the Department of critical infrastructure protection
  • Affiliation : Kaspersky Lab
complete list

Related articles

In this issue of Russia Confidential, we continue our review of highlights of the 4th Moscow Conference on International Security attended by leading security experts, military specialists, and decision-makers from 86 countries.
The focus of this issue is on information security - which was for the f...

Operators of critical infrastructure (CI) all over the world are facing increasing cyber risks. The danger is coming not from accidental software and hardware failures or human factor as it used to be. The threat focus is shifting towards purposeful cyber-attacks on CI, conducted by skillful actors ...

The Security Index Journal: Matvey Voytov on cybersecurity of critical infrastructure

22.07.2016

MOSCOW, JULY 22, 2016. PIR PRESS — "An important feature of ensuring industrial cybersecurity is that every such project is unique — just like every type of industrial infrastructure, which means one cannot simply install certain standardized product in order to protect it", — Matvey Voytov, Senior product marketing manager at the Department of critical infrastructure protection of the Kaspersky Lab.

Incorporating ICT into everyday life of states and societies is significantly benefiting them by improving productivity and contributing to economic growth in general. However, the diversity of possible actions in cyberspace combined with its high accessibility creates lots of opportunities for people whose intentions are not good at all.

Critical infrastructure protection experts note that there has been a sharp rise of a number of cyberattacks on industrial enterprises and other critical infrastructures, as well as of their complexity. A success of such an attack, depending on the goals of the perpetrators can inflict considerable material harm on the state or even result in negative consequences for the population and the environment.

Attackers can intervene into a process control system, even if a critical infrastructure is not connected to the Internet. Such illegal actions can be a part of a full-scale cyberwar, in which both state and non-state actors can be engaged.

Senior product marketing manager at the Department of critical infrastructure protection of the Kaspersky Lab Matvey Voytov comments on what infrastructure facilities are usually referred to as critical and who decides on which ones should be considered as such, what principles process control in critical infrastructures is based on, what kinds of vulnerabilities they face, and why the development and installation of industrial-grade protection systems is so challenging to cybersecurity professionals. The expert notes that "optimal security configurations and toolkits are identified after a full complex of diagnostics of the facility’s current security system and the selected measures are implemented only during the designated process window, in order not to affect the coherence of the system’s operation process".

According to the author, "An important feature of ensuring industrial cybersecurity is that every such project is unique — just like every type of industrial infrastructure, which means one cannot simply install certain standardized product in order to protect it". The article notes that most frequently attacked facilities are those of the fuel and energy industry.

The article is published in the latest issue of the Security Index Journal №1 (116) 2016. The full text in Russian is available at the website of the PIR Center.

For all questions related to the “Security Index” journal, Editor-in-Chief Olga Mostinskaya is available at +7 (495) 987 19 15 or via email at mostinskaya at pircenter.org.

Comments

 
 
loading