7 September 2023 Line

One major change will come from closing the current knowledge gap

Roni Gavrilov is a Security Researcher at OTORIO, and he will also be a speaker at the Industrial Security Conference 13-15 November. At the conference he will talk about practical recommendations for enhancing security in regard to defending from wireless IIoT Attacks. In total, the recommendations can help organizations better protect their industrial networks and ensure the safety, reliability, and continuity of their processes.

Before the conference you can read an interview with Roni here.

What is your background? And how do you work with industrial security on a daily basis?

I started my career as an electronics engineer, but not long afterwards, I found myself drawn to the world of cybersecurity. I spent several years working as an Offensive Security Researcher, mainly focused on IT environments.

Two years ago, I transitioned into the field of industrial cybersecurity through my work at OTORIO. My daily tasks involve conducting security research in the scope of industrial environments and technologies. This includes identifying new security risks and designing innovative solutions and features to be integrated into our products, all with the goal of enhancing the security of OT and cyber-physical environments.

As we often encounter interesting findings in our research that we believe should be accessible to the wider industrial and cybersecurity community, we actively participate in and present it in industry events such as Black Hat, S4x, SANS, and the upcoming ISC-CPH. We also share our insights through our blog and provide open-source tools for the benefit of the community.

What do you see as the biggest opportunities and challenges in connection with cyber- and industrial security?

Industrial security holds numerous opportunities. Specifically, it enables a safer implementation of Industry 4.0 advancements such as the Industrial Internet of Things (IIoT). This paves the way for better operational efficiency and reducing operational costs. However, with the rise of all this connected technology, the complexity and sophistication of cyber threats are also increasing, which pose a risk of massive disruption. Industrial systems are targeted by a variety of threats including nation-state actors, organized crime groups, and hacktivists, requiring a constant evolution of defense strategies.

Another key challenge is the reliance of many industrial systems on legacy technologies. These were not created with modern security considerations in mind, and the options for updates are often limited. As such, minimizing risk without causing operational disruptions becomes a major hurdle in the landscape of industrial security.

When looking forward to just 5-10 years, what do you think will be different within security?

Looking ahead to the next 5-10 years in security, I expect quite a few shifts. One major change will come from the closing of the current knowledge gap. Up until now, industrial networks have been somewhat protected by a barrier of specialized knowledge. However, as AI technologies and open-source or commercial attacking tools become more advanced, they’ll make it easier for non-nation-state attackers to automate complex tasks, analyze information and carry out OT-oriented attacks.

In addition, with the increase in remote connectivity solutions like remote access and industrial IoT with cloud management capabilities, they are likely to be targeted by attackers as entry points. This will force these solutions to evolve and improve their security measures.

The OT defenders will adapt their strategies by shifting from an “event-focused” to a “risk-focused” approach with a comprehensive understanding of their environment, enabling more effective action items and simplified monitoring. Thereby reducing potential risk to their processes.

What are your own expectations for the conference? And which keynotes are you looking forward to hearing?

As a speaker, my main goal is that attendees will engage with the information shared and leverage the new knowledge and tools in securing their industrial networks. I am also excited for the networking opportunities to connect with industry experts and hear their insights. Among the various keynotes, a couple of standout sessions I’m eager to attend are “Fences don’t stop radio waves: analyzing & breaking TETRA for OT” and “Cybersecurity in the electrical power and energy system”.

What will your keynote be about, and which learnings are you hoping the participants take with them?

In my keynote I’ll be addressing the security challenges within the wireless Industrial IoT ( IIoT) landscape. With the advancement of Industry 4.0, the use of wireless IIoT solutions, like industrial cellular gateways and access points, has increased immensely. While these devices have many benefits, they open a whole new attack surface to be aware of.

I plan to discuss how these changes can make industrial environments vulnerable to external threats and what organizations can do for their protection. I’ll share some of our latest research findings and provide recommendations for enhancing the security and creating a secure setup for wireless IIoT. My goal is for attendees to leave with a clear understanding of the potential threats and how to mitigate them.

Do you want to hear more from Roni on industrial security?

Join the Industrial Security Conference 13-15 November today and learn more about the wireless Industrial IoT ( IIoT) landscape and how to protect it from Roni. Read more about the conference and secure your delegate pass here.