Kaspersky Launches Industrial Control Systems CERT
Kaspersky Lab has launched a new global computer emergency response team (CERT) focusing on industrial control systems (ICS).
Through the Kaspersky Lab ICS-CERT, the security firm wants to share its knowledge and experience in securing industrial systems and coordinate the exchange of information between stakeholders.
Officially launched last month, the new initiative aims to provide information on the latest threats, vulnerabilities, security incidents, mitigation strategies, incident response, compliance and investigations. Since it’s a non-commercial project, the Kaspersky Lab ICS-CERT will offer information and services free of charge.
Kaspersky has invited ICS product vendors, government agencies, critical infrastructure operators, and other types of entities to join its initiative.
The services offered by the company through its ICS-CERT can help organizations determine if they are compliant with state and industry regulations, learn about vulnerabilities in the software and hardware components they use, conduct a general assessment of their ICS network, perform penetration testing, and analyze malicious files and artifacts collected following an attack.
The Kaspersky Lab ICS-CERT website also shares vendor advisories, media coverage focusing on ICS-related incidents, and information on how and where the latest ICS attacks took place.
“Today’s approach to cybersecurity highlights the importance of accumulating intelligence on the latest threats, in order to develop protection technologies. This is especially true for industrial infrastructure, which has specific threats, highly customized hardware and software, and strict requirements for reliability,” said Andrey Doukhvalov, head of future technologies and chief security architect at Kaspersky.
“As a security vendor, we have years of experience analyzing threats and helping industrial operators with threat prevention and detection, incident response, staff training, and the prediction of future attack vectors. We are confident that sharing intelligence, or, in a broader way, exchanging knowledge between vendors and operators, is an important step towards more secure critical infrastructure,” Doukhvalov added. “By establishing ICS-CERT we are expanding the availability of the industry’s expertise in a way that no other private security vendor has done before.”