Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) joined on Monday the Forum of Incident Response and Security Teams (FIRST) that aims to bring together incident response and security teams from government, commercial and educational organizations.
FIRST aims at rapid reaction in incident prevention and promotion of information sharing among members and the community in general. The technical group is made up of 540 government and private accredited CERTs (Computer Security Incident Response Teams), spread around the world.
As a non-commercial project, ICS CERT shares information and expertise to its members free of charge.
Apart from the trust network that FIRST creates within the incident response community, it also gives access to up-to-date best practice documents, technical colloquia for security experts, hands-on classes, annual incident response conference, publications and web services, and special interest groups.
“With the potential for incident consequences amplified because of the pandemic, it is even more important for the cybersecurity community to stick together and join forces against cybercrime,” said Evgeny Goncharov, head of Kaspersky ICS CERT.
This Kaspersky project offers information services, covering intelligence on the latest threats and security incidents with mitigation strategies, and incident response and investigation consultancy. In addition to new intelligence about threats and vulnerabilities, Kaspersky’s Industrial CERT provides expertise in compliance.
Malicious attacks on industrial systems, including industrial control systems (ICS) and supervisory control and data acquisition systems (SCADA), have been on the rise with the trend toward digital transformation in recent years. Traditional security mechanisms fail to protect industrial environments from cyberthreats.
Cyberattacks such as ransomware that lead to downtime or shutdowns lead to fallouts throughout the infrastructure of a manufacturing or oil and gas company for months subsequently. With an increase in the threats to critical infrastructure, choosing the right advisor and technology partner to secure industrial systems is critical, Kaspersky said.
Kaspersky recognizes the borderless nature of cybercrime and shares its expertise, knowledge and technical findings with the security community on a regular basis. It integrates with IT and OT vendors, international organizations including Interpol and Europol, national and regional regulators and law enforcement agencies, besides other cybersecurity research teams and individual experts in the fight against cybercriminals.
In September, Kaspersky released a report that detailed the state of industrial cybersecurity, apart from prevailing priorities and challenges facing industrial organizations. The report identifies red tape as the main barrier to cybersecurity initiatives in the industrial sector, besides long approval times and having too many bureaucratic steps.