Key Takeaways from the ICS Cybersecurity Conference: The Collaborative Nature of ICS Cybersecurity

The annual SecurityWeek Industrial Control Systems (ICS) Cybersecurity Conference is the leading international ICS/Operational Technology (OT) cybersecurity meeting, hosting multiple software and hardware security vendors and system integrators. The conference includes two editions, with the flagship U.S. event in October and a Singapore conference every year in April.

ABI Research attended this year’s conference and had the opportunity to sit down and speak with major OT cybersecurity vendors. Major ICS cybersecurity leaders and innovators attended the event, including organizations and sponsors such as Palo Alto Networks, OTORIO, PacketViper, Fortinet, Radiflow, Tenable, Verve, Nozomi Networks, Cisco, TXOne Networks, Siemens, Orange, Kudelski Security, Owl Cyber Defense, and many other OT/ICS-focused security providers.

In addition to vendor booths that displayed the latest technologies in the field, including firewalls and security systems, the conference delivered a rich list of speakers, workshops, presentations, and networking opportunities. The 3-day conference also offered an optional fourth day of training prior to the main event, featuring sessions that included the “Applied ICS Security Lab” and a “ICS/OT Cybersecurity Incident Preparedness & Response Workshop.”

Palo Alto Network’s OT Security Simulation Booth

This year’s conference witnessed the presence of various vendors and experts across sectors, including pentesters from the defense sector that provided their hands-on experience via presentation sessions. Other industrial organizations presented real-world OT strategies for securing exploitation vectors. Other topics covered the business case for OT cybersecurity and how to demonstrate that measurable improvements in an organization’s OT security posture benefits the organization.

IT/OT convergence was still a prominent subject, yet not about its necessity, but detailing the best strategies for the convergence. Additionally, the conference sessions examined a range of topics, including insider threats to ICS, Zero Trust for connected devices, securing industrial wireless infrastructure, Software Bills of Materials (SBOMs) and ICS devices, and security-focused discussions based on specific industrial sectors such as oil & gas and manufacturing.

Palo Alto’s security OT simulation booth, TXOne, Cisco, and Fortinet’s rugged industrial firewalls, and many more technology innovations were on display at the conference. This provided a rare chance for participants to see and talk about OT/ICS technologies with vendors and see how they work upfront. Industrial firewalls, gateways, and one-way diodes were a prominent feature of vendor booths, pointing to market demand among industrial clients for such technologies.

Software providers were also prominent at the event, and companies such as OTORIO displayed their solutions, especially consolidated network visibility strategies aimed at identifying the most critical vulnerabilities in the OT. System integrators and industrial operators such as Orange and Siemens were also present at the conference showcasing their solutions.

Siemens Showcases Its Industrial Cybersecurity Technology

In addition to industrial organizations, the presence of former defense sector employees was prominent, aligning with ABI Research’s data that the defense sector is a major driver of OT cybersecurity spending. This year’s (Fiscal Year (FY) 2023) U.S. spending included approximately US$10.9 billion of budget authority for civil­ian cybersecurity-related activities, and US$11.2 billion for the Department of Defense (DoD).

A prominent feature of the conference was that the presenters came from an assortment of backgrounds, including IT, OT, business, and corporate management. Like their diverse backgrounds, presenters addressed assorted issues related to ICS cybersecurity, including new cyberthreats in the OT environment, IT attack vectors in the OT, remote access management security, protection for Supervisory Control and Data Acquisition (SCADA) systems, Programmable Logic Controllers (PLCs), and other field control system devices. Whether discussing threats or the business proposition of OT cybersecurity, a common approach among most attendees and presenters was that they drew their conversations from their own real-world experiences as OT/ICS stakeholders. 

Owl Cyber Defense Makes Sure OT Data Flows Are Secure

A recurrent theme heard from many key stakeholders and cybersecurity vendors was that no single entity can comprehensively cover the entire ICS cybersecurity landscape on its own. The claim aligns with ABI Research’s understanding that the cybersecurity landscape consists of a multitude of interrelated, but highly specialized domains, such as access control, monitoring, threat detection and mitigation, firewall management, application and end-point security, disaster recovery, and software and hardware development.

It was evident at the conference that the few companies that had attempted to become a one-stop shop for OT/ICS cybersecurity solutions were widely known by attendees, due to their inability to achieve that goal. In the face of industrial cybersecurity’s multifaceted challenges, collaborations between vendors and stakeholders will remain strong in the near to mid-term. Also, acquisitions of newer companies by larger vendors will remain a salient trend. A case in point is Palo Alto’s hefty US$625 million purchase of 2021-founded Israel-based Talon Cyber Security. Also, this week, Palo Alto purchased another startup, Dig Security, for US$315 million, indicating that acquisitions are a strong trend in the business and a better strategy than trying to build a service or product from scratch in-house.

Building on the collaborative nature of ICS cybersecurity, the conference was an excellent opportunity for IT/OT security professionals, stakeholders, and analysts to share insights with colleagues and learn more about industrial and critical infrastructure cybersecurity and the vendors that are offering them. Industrial cybersecurity vendors also get a glimpse of their competitors and how they interact and market their solutions and products. New entrants to the ICS/OT cybersecurity market get a great opportunity to showcase their technologies and solutions. Those interested can access hands-on workshops and gain fresh insights on the latest offerings and solutions from leading providers.