Kaspersky Report: Over half of ICS incidents caused by employee errors
卡巴斯基報(bào)告：半數(shù)以上的工控系統(tǒng)事故由員工失誤造成

August 22, 2019 – According to a new report from Kaspersky, 52% of incidents affecting operational technology and industrial control system (OT/ICS) networks last year were caused by employee errors or unintentional actions. The report, “State of Industrial Cybersecurity 2019,”found this issue to be the result of the growing complexity of industrial infrastructures and a shortage of professionals who understand how to detect new threats as well as low awareness among existing employees.

2019年8月22日——根據(jù)卡巴斯基的一份新報(bào)告，去年影響運(yùn)營(yíng)技術(shù)和工控系統(tǒng)（OT/ICS）網(wǎng)絡(luò)的事件中有52%是由員工錯(cuò)誤或無意行為造成的。這份《2019年工業(yè)網(wǎng)絡(luò)安全狀況》的報(bào)告認(rèn)為，這一問題是工業(yè)基礎(chǔ)設(shè)施日益復(fù)雜、缺乏了解如何檢測(cè)新威脅的專業(yè)人員以及現(xiàn)有員工認(rèn)識(shí)不足的結(jié)果。

According to the survey, digitalization of industrial networks and adoption of Industry 4.0 standards are a priority for many industrial companies. Four out of five organizations (81%) consider operational network digitalization to be an important or very important task for this year.

根據(jù)調(diào)查，工業(yè)網(wǎng)絡(luò)數(shù)字化和采用工業(yè)4.0標(biāo)準(zhǔn)是許多工業(yè)公司的優(yōu)先事項(xiàng)。五分之四的組織（81%）認(rèn)為運(yùn)營(yíng)網(wǎng)絡(luò)數(shù)字化是今年的一項(xiàng)重要或非常重要的任務(wù)。

A majority (87%) of respondents confirmed that OT/ICS cybersecurity is becoming a top priority for industrial companies. However, to achieve the necessary level of protection, they need to invest in dedicated measures and have highly qualified professionals to make them work effectively. Despite stating it as a priority, only just over half of companies (57%) have allocated budget for industrial cybersecurity.

大多數(shù)（87%）受訪者明確表示，運(yùn)營(yíng)技術(shù)/工控系統(tǒng)網(wǎng)絡(luò)安全正成為工業(yè)企業(yè)的重中之重。
但是，為了達(dá)到必要的保護(hù)水平，他們需要投入專門的措施，并擁有高素質(zhì)的專業(yè)人員，以使他們有效地工作。盡管將其作為優(yōu)先事項(xiàng)，但只有略多于一半的公司（57%）為工業(yè)網(wǎng)絡(luò)安全分配了預(yù)算。

In addition to budget constraints, there is also a question over skilled staff. Organizations are not only experiencing a lack of cybersecurity experts with the right skills to manage protection for industrial networks, but also are worried that their OT/ICS network operators are not fully aware of the behavior that can cause cybersecurity breaches. These challenges make up the top two major concerns relating to cybersecurity management and directly correlates as to why employee errors cause half of all ICS incidents such as malware infections and more serious targeted attacks.

除了預(yù)算限制，還有一個(gè)關(guān)于技術(shù)人員的問題。企業(yè)不僅缺乏具備管理工業(yè)網(wǎng)絡(luò)保護(hù)的正確技能的網(wǎng)絡(luò)安全專家，還擔(dān)心他們的運(yùn)營(yíng)技術(shù)/工控系統(tǒng)網(wǎng)絡(luò)運(yùn)營(yíng)商沒有充分意識(shí)到可能導(dǎo)致網(wǎng)絡(luò)安全漏洞的行為。這些挑戰(zhàn)構(gòu)成了與網(wǎng)絡(luò)安全管理相關(guān)的兩大主要問題，并直接關(guān)系到為什么員工錯(cuò)誤會(huì)導(dǎo)致一半的工控系統(tǒng)事故，比如惡意軟件感染以及更嚴(yán)重的目標(biāo)攻擊。

In almost half of the companies (45%) surveyed, the employees responsible for IT infrastructure security also oversee the security of OT/ ICS networks. Although operational and corporate networks are becoming increasingly connected, OT and ICS specialists can often have different approaches (37%) and goals (18%) when it comes to cybersecurity.

在接受調(diào)查的近一半公司（45%）中，負(fù)責(zé)信息技術(shù)基礎(chǔ)設(shè)施安全的員工也負(fù)責(zé)監(jiān)督運(yùn)營(yíng)技術(shù)/工控系統(tǒng)網(wǎng)絡(luò)的安全。盡管運(yùn)營(yíng)和企業(yè)網(wǎng)絡(luò)越來越緊密地聯(lián)系在一起，但在網(wǎng)絡(luò)安全方面，運(yùn)營(yíng)技術(shù)和工控系統(tǒng)專家通常會(huì)有不同的方法（37%）和目標(biāo)（18%）。

In addition to a technical and awareness boost for industrial cybersecurity, organizations must consider specific protection for Industrial IoT which can become highly connected externally. Almost half of companies (41%) are ready to connect their OT/ICS network to the cloud using preventive maintenance or digital twins.

除了提高工業(yè)網(wǎng)絡(luò)安全的技術(shù)和意識(shí)，這些公司還必須考慮對(duì)工業(yè)物聯(lián)網(wǎng)的特殊保護(hù)，因?yàn)楣I(yè)物聯(lián)網(wǎng)可以與外部高度連接。幾乎一半的公司（41%）準(zhǔn)備使用預(yù)防性維護(hù)或數(shù)字孿生將其運(yùn)營(yíng)技術(shù)/工控系統(tǒng)網(wǎng)絡(luò)連接到云。

“As this ARC Advisory Group survey conducted on behalf of Kaspersky reflects, the growing interconnection between IIoT edge devices and cloud services continues to stand as a security challenge,” said Dr. Jesus Molina, chair, IIC Security Working Group and director of business development, Waterfall Security Solutions. “It was a major driver for the creation of the IIC Industrial Internet of Things Security Framework as well as the subsequent best practices documents and recent IoT Security Maturity Model.”

工業(yè)互聯(lián)網(wǎng)聯(lián)盟（IIC）安全工作組主席、Waterfall安全解決方案業(yè)務(wù)發(fā)展總監(jiān)Jesus Molina博士表示：“正如ARC咨詢公司代表卡巴斯基進(jìn)行的調(diào)查所反映的那樣，工業(yè)物聯(lián)網(wǎng)邊緣設(shè)備和云服務(wù)之間日益增長(zhǎng)的互連仍然是一大安全挑戰(zhàn)。它是創(chuàng)建IIC工業(yè)物聯(lián)網(wǎng)安全框架，以及隨后的最佳實(shí)踐文檔和最近的物聯(lián)網(wǎng)安全成熟度模型的最主要推動(dòng)力。”