How organizations can effectively grow in cybersecurity for the critical infrastructure space

Businesses today are increasingly interconnected, spanning all industries. This has led to a growing wave of cyberattacks, which are becoming very common. Interestingly, critical infrastructure (CI) industries such as power, oil and gas, dams, mass transit, and water utilities have become prime targets. With the complexity of today’s geopolitics, major incidents such as the Stuxnet virus, the Colonial Pipeline hack, and malware attacks on Kyiv’s power grid occur with alarming regularity. As evident from these incidents, the intent is more than just a monetary payment, it is to cause major service disruptions to the targeted entities.

In the early 2010s, IBM Security Services recognized the urgent need for a comprehensive portfolio of offerings in a company dedicated to operational technology (OT) cybersecurity. The impetus came from a growing number of cybersecurity-related inquiries from their customers in the CI space. Incidents of cyberattacks in legacy operational technology (OT) infrastructure and new Internet of Things (IoT) devices were steadily increasing.

“We had a strong business in the global cybersecurity consultancy space. However, OT cybersecurity was a whole new frontier. There was very little domain expertise to tap into, a shortage of highly skilled professionals, and few safeguards. that we could use immediately.” says Krishna Chaitanya Tata, Senior OT Security Architect at IBM, who was intimately involved in building this venture. Another major challenge was that OT networks are made up of legacy equipment that is not well suited for hardening security. The IoT was very new and security professionals were only beginning to understand its intricacies.

Krishna Chaitanya Tata

The IBM team responsible for setting up this activity understands that the portfolio of offers will help reduce interruptions of critical services for ordinary citizens, such as water and electricity. Thus, the portfolio needed to be watertight with clearly defined offerings and tailored to the specific industry of the clients. Data security concerns, for example in the electricity industry, are different from those in the oil and gas industry

A large part of the initial ramp-up therefore involved establishing a comprehensive portfolio of service offerings, mapped to the suite of security products from IBM and its partners. Market research, very nascent at the time for OT security, was also favored to strengthen the business case. Reports from independent analysts have been evaluated to obtain important metrics such as the compound annual growth rate (CAGR) of the market. Key materials such as architectural plans and implementation best practices were created. Additionally, partnerships with various niche vendors in the OT security market have been established.

Less than a year after the germination of the business idea, the IBM OT security practice has been formalized with a defined portfolio of offerings around data security, network security, intrusion detection, network segmentation, etc., all specific to OT networks.

Over the past five years, the OT security business has become the most profitable business within the enterprise security services business unit. The portfolio has grown significantly over the years, as has the team of highly experienced OT security professionals.

With all that has been achieved, IBM believes the OT and IoT security space is just beginning to grow. “Cyberattacks on critical infrastructure industries are constantly evolving. Attacks are becoming increasingly sophisticated. IoT devices and cloud services are proliferating rapidly. We have to keep pushing our limits and keep innovating our solutions,” says Krishna. When it comes to protecting critical infrastructure, as the saying goes, there can never really be any downtime.