SCADAfence Blog

Navigating the Changing Landscape of OT Security in the New Year

Written by Elad Ben-Meir | Jan 10, 2023 1:16:05 PM

It’s become somewhat of a ritual at the beginning of every year, (almost) every company comes up with a review of the past year, and an attempt to forecast what the next 12 months will bring. This year is more challenging than ever. Not only are geopolitical tensions and conflicts at an all-time high but there’s a lot of uncertainty due to the bear markets and the almost inevitable recession that is lurking.

2022 was a year of incredible growth and evolution for OT cyber security. If there is one word that sums up the past year in my mind, it is “change.” As we emerged from the grips of pandemic and tried to return to a life that felt a little more familiar, we found ourselves confronting a world that wasn’t quite as we’d left it. In some ways, it feels like the world is undergoing a major glitch and we are now in reset mode.

In the midst of this turbulence, SCADAfence has proven that it has a fundamental role in securing OT/ICS networks and we have delivered a mature, sophisticated line of products to the marketplace that has been received with an abundance of accolades from our customers, industry analysts and investors.

A Landmark Year for OT Cyber Security

Several key events and trends of the past year raised international awareness of the need for OT cyber security protections. At the same time, we saw an increase in innovation and initiatives to address that need.

The Russian invasion of Ukraine, and Hacktivists in Iran put OT cyber attacks squarely at the center of international politics and showed that threat actors are willing to use attacks as acts of military aggression and protest. CISA added 558 CVEs to its official list of exploited vulnerabilities. Researchers identified many new malware strains developed specifically for nation-state attacks on high value OT targets, including new strains of Triton and LockBit

Consulting company McKinsey, released a survey in October of this year which found in part that nearly 40% of observed malware had never been previously identified. The same survey revealed that there is only a 5% market penetration of OT cyber security solutions. Meanwhile, the expected cost of cyber attacks is expected to reach 10.5 trillion by 2025. This is an almost unimaginably large gap between the demonstrated need for security and actually deployed solutions.

On the other hand, we see reassuring signs that governments of many countries are taking threats against their critical infrastructure seriously. Many raised standards and issued guidelines for increasing OT/ICS protection.

SCADAfence’s own research shows that there is a lack of well-trained OT security staff that adds to many organizations' vulnerabilities.

Clearly, there is much work to be done, both in securing the world’s critical infrastructure and in continuing to raise awareness of the need to fight back against cyber threats.

SCADAfence - Meeting the Growing Need

In order to be a CEO of a rapidly growing company, you have to be optimistic by definition, and this comes into play when I think about the future that I envision for the organization that I am privileged to lead.

In 2022, SCADAfence managed to sustain our rate of growth and increase customer satisfaction and perceived value. We more than doubled the number of our customers in 2022, and onboarded our first Fortune 10 customer.

I’m also very proud to say that with our head of HR, Tamar Rozen, spearheading our recruiting methods, we were able to reach a more diverse pool of candidates. With those efforts we saw a double digit increase in the percentage of female team members, including in senior management roles. Notably, we added Michal Lewinsohn as VP of Product.  We took time to speak to our team about their experiences working for SCADAfence and we’ve posted some of these interviews online for you to see as well.  The team took some much needed time off during the summer for a company trip to the south of Israel for team bonding activities, ATV riding, singing and swimming.

Our research team has also been constantly producing impressive results, including contributing new modules to the  Metasploit framework, discovering the first ever CVEs for Allerton PLCs, and winning the Hack The Port competition sponsored by the U.S. Cyber Command and the NSA.

While I could easily fill the rest of this column with praise for individual team members who have gone the extra mile to contribute to our success, I am especially proud of SCADAfence’s customer success team. They have really clicked as a group that is fully bonded to its mission. From onboarding new customers, to customer support, to our growing Managed Services group, I firmly believe our customer service sets us apart from the rest of our competitors and in cyber security as a whole.

In 2022, SCADAfence continued to build and strengthen our partnerships with some of the cyber security industry’s most important companies. We are now partnered with Secureworks to expand its Taegis platform into the OT/ICS space. We’ve also developed an integration in partnership with Keysight of their Threat Simulator BAS solution. Additionally, we’ve continued to work with our partners Rapid7 and Fujitsu to improve visibility across OT/ICS networks.  These partnerships allow us to provide individual solutions for complex use cases and we have more planned for the coming year.

Preparing for an Unpredictable 2023

Amidst all this sincere optimism, I need to take a moment to be realistic as well.

Analysts, partners, customers and the public markets are all indicating rocky roads ahead. The pendulum is swinging back the other way, and the world economy is slowing. As a result, we are seeing some shrinking budgets impacting our customers. While we continue to advise that a recession is actually the time to increase OT security budgets, we know that for many CISOs it will be a tougher sell in the days ahead.

My belief is that at SCADAfence we will be able to sustain or even accelerate our rate of growth in the coming year, as we continue to innovate and develop the industry’s most comprehensive and effective OT security product.

As always, I want to express deepest appreciation to our customers, investors, and supporters. We truly appreciate your trust in us and look forward to working with you to build a more secure future.

Wishing you all a safe and successful 2023.