The Large Industrial World
A very large body of critical infrastructure is controlled by industrial control systems (ICS), and this world has never been more vulnerable to attack. The security solutions that can solve these massive issues are being developed by small startup companies such as Bear. Yet the owners of this infrastructure, for very good reasons, will only work with reliable, well-established vendors.
This disconnect between solutions and vendors is probably the largest security vulnerability in our nation.
More importantly for these large vendors, this chasm represents a massive lost business opportunity.
Security as a Service
While it might sound easy enough for a large vendor to either snap up a shiny new security startup or start utilizing a new security option, the reality is far different. First, every startup will somehow claim that its solution is the best thing since sliced bread, and there are a LOT of us out there. Before a vendor can even consider using any new solution, that solution has to be thoroughly vetted, and that takes time and money. Vendors cannot simply test every possible vendor to see if they are going to work – there needs to be a better way.
One thing that can help is to determine what is most important. An ICS vendor ideally wants security that does not impact its current functionality – the more transparent, the better. Even more advantageous would be a solution wherein the vendor’s personnel can run the SaaS with nominal training. This latter capability enables a provider to more fully enjoy the increased revenues from a proactive security service rather than taking some smaller passthrough.
In talking with different providers, it is surprising how little they value incoming certifications. The reality is that combining any ICS with new security will force a new certification effort, so having a cert ahead of time does little. Instead, providers appear more interested in shorter integration times, low ramp-up periods and the ability to actively manage security with no unwanted impact on their ICS functions.
This new class of transparent, adaptable, proactive security services is exactly what is required to close this massive vulnerability and finally enable the major ICS vendors to solve these huge critical infrastructure issues. Security is finally where it needs to be – now we simply need to connect the dots.