ICS Protection from Cyberthreats: What Will It Take?

Industrial Control Systems (ICSs) continue to evolve and embrace IT capabilities into physical systems, leading to expanding vectors of cyberattack. This in turn will contribute to a growing market for ICS cybersecurity solutions.

Registered users can unlock up to five pieces of premium content each month.

Log in or register to unlock this Research Highlight.

Market Overview

  • Industrial Control Systems (ICSs) are the basis of critical industries, but many were not designed for an increasingly connected industrial environment and usually lack rudimentary security features.
  • Prominent industrial hacktivist groups, such as GhostSec, have recently revealed the relative ease of infiltrating ICSs. While such hacktivist groups do not demand a ransom, they can pave the way for other malicious actors to exploit ICSs. Therefore, devising a holistic ICS cyber strategy is essential to guarantee the protection of operations in an increasingly risky environment.
  • Recent industrial cyberattacks indicate that malicious actors will prioritize attacking easy targets, meaning that organizations with weaker protections will incur increasing costs. To offset such costs, industrial organizations need to accept the idea of working alongside experienced and able cybersecurity vendors.
  • Growing at a Compound Annual Growth Rate (CAGR) of 33.5%, global shipments of Trusted Platform Modules (TPMs) in the utilities and Industrial Internet of Things (IIoT) segment will increase from 17.9 million in 2023 to 56.8 million in 2026.
  • Worldwide digital factory security services revenue will grow at a CAGR of 20.6% from 2020 to 2030, reaching US$9.5 billion by 2030.
  • When broken down by connectivity type, a fixed line is the predominant technology, accounting for 70% of all digital factory security revenue.
  • 5G is by far the fastest-growing security connectivity technology for industrial cybersecurity, with a 119.7% CAGR. By the end of the forecast window, more than US$2 billion in industrial cybersecurity revenue will stem from 5G connections.

“Even when security features are designed for an ICS, they are typically “bolt-on” security measures. This leaves the ICS vulnerable to single-frame attacks like those targeting Secure Authentication version 5 (SAv5) for Distributed Network Protocol 3 (DNP3) and other insecure protocols.” – Michael M. Amiri, Senior Analyst at ABI Research


Get More Data 

Key Decision Items

The following sections provide several strategic recommendations for ICS security stakeholders.

View Legacy ICSs as a Big Market Opportunity

Legacy ICSs are essential to industrial companies as many of them expect their system to last 20+ years. This provides market opportunities for ICS ecosystem players. While Original Equipment Manufacturers (OEMs) embed security into new ICS equipment, legacy systems do not enjoy the same protections. This means software developers, hardware developers, cybersecurity providers, and system integrators should see the threat protection of legacy ICSs as a critical market opportunity.

Find Partnerships That Create a Holistic Cybersecurity Offering

The different layers of a successful cybersecurity strategy do not mean that industrial organizations will seek multiple vendors to meet their cybersecurity demands. On the contrary, an increasingly complex industrial cybersecurity environment and the rise in sophisticated attacks will result in a market where an increasing number of organizations will seek a one-stop solution for their cybersecurity needs.

On the other hand, given the complexity of a holistic cybersecurity approach toward modern Industrial Internet of Things (IIoT) fnd ICSs, no individual vendor can provide adequate protection at the software, hardware, end-device, and network level. This means partnerships between OEMs, cybersecurity providers, network providers, and integrators are increasing and will be the future model of ICS security.

Integrate the Cloud into the ICS Security Solution

Cloud-based ICSs will provide new opportunities for market growth. While traditional on-premises ICSs are still the norm in most industries, with the rise of cloud computing and the Internet of Things (IoT), ICS functions are increasingly moving to the cloud. This provides new markets for cybersecurity service providers.

For example, Rapid7’s Security Information and Event Management (SIEM) platform can provide cloud-based solutions for detecting threats across Information Technology (IT) and Operational Technology (OT) environments. The Rapid7 Metasploit penetration testing tool can simulate attacks against ICSs and endpoints, including those that use Modbus and other OT protocols to test their resilience against various types of attacks.

Educate Clients on Why Firewalls and Unidirectional Gateways Are Better for Legacy ICSs

Firewalls are effective tools to segment vulnerable ICSs, especially older legacy systems. This is a mature area of network protection, and many companies provide industrial firewalls. Legacy systems are hard to upgrade or implement patches. Instead, security vendors talking to ABI Research usually recommend erecting firewalls or deploying unidirectional gateways. The latter is substantially more expensive, though it will provide better security.

Assess the Need for New ICS Security Options

ICS cybersecurity vendors should provide new options for industrial clients, such as Multi-Factor Authentication (MFA) or biometric technologies. These newer authentication methods are more dependable than passwords, yet they need special hardware and software to implement them. Vendors must explain to industrial organizations the benefits of these newer systems for maintaining endpoint security.

Implementing access control, strong passwords, and even MFA can be used for questionable, unverified, or untrusted devices and platforms. Cybersecurity planners and organizations considering MFA need to consider their security priorities and balance them against their need for efficiency. MFA might decrease personnel’s speed to access and manage devices or services.

Maintain an Organic Relationship with Academia

ICS security research in academia is a mature area of research with promising outcomes. ABI Research monitors industrial research in academic settings and has found a vast body of impressive research. ICS OEMs, security vendors, and even software developers can benefit from this body of research, while driving down Research and Development (R&D) spending.

Key Market Players to Watch

Dig Deeper for the Full Picture

For a closer look at the various security technology needs for protecting OT/ICSs, download ABI Research’s Industrial Control Systems (ICS) Security: Securing Networks and Endpoints research report.

Not ready for the report yet? Check out our following Research Highlights:

This content is part of the company’s IoT Cybersecurity Research Service.