OREANDA-NEWS. Kaspersky Lab and the International Society of Automation (ISA) have announced the launch of a joint education initiative aimed at raising the awareness of cyberthreats to industrial automation equipment operators. As part of the initiative, the Kaspersky Industrial Protection Simulation will be included in select ISA training programs.

The importance of cybersecurity for critical infrastructure cannot be underestimated in today’s highly automated world. Incidents such as the spread of the BlackEnergy2 malware in complex environments (in particular, governed by SCADA software) happen regularly. In addition, the vulnerability and scale of consequences associated with a cyberattack against an automated production line is vividly demonstrated by a recent malware incident that led to physical damage to a steel furnace in Europe.

According to statistics from Kaspersky Security Network, by the end of 2014 there were about 13,000[1] monthly incidents when malicious code attempted to infect computers running automatic process control systems supplied by Siemens, Rockwell, Wonderware, General Electric, Emerson and other companies.

By joining their efforts, Kaspersky Lab and ISA expect to promote the development of mixed sets of knowledge – in both the domains of information security and engineering, and among owners and operators of critical infrastructure facilities.

“The training developed by Kaspersky Lab sets the audience in a unique atmosphere which enables the delivery of hands-on experience of securing critical infrastructure facilities against cyberattacks taking into account all the subtle nuances. Furthermore, it is equally well-customized to satisfy the needs of IT specialists, as well as engineers and top managers, who oftentimes do not see the necessity to take special measures on securing the production which has already been certified to the fullest possible extent.  We look forward to the real-world experience and value this hands-on simulation will add to our future training offerings,” said Dalton Wilson, Director – ISA Education & Certification.

The simulation is a turn-based strategy game in which the participants are put in charge of a virtual critical infrastructure facility and asked to ensure that it operates without disruption. The ultimate goal of the exercise is to ensure the sustained and profitable operation of the facility under the increasing pressure of cyberattacks. The simulation uses real-world examples and shows that without a unified view on cybersecurity by IT and engineering specialists such facility’s resilience is far from optimal.

“The owners of critical infrastructure are practical people that are not used to taking things for granted. This is why we developed ‘Kaspersky Industrial Protection Simulation.’ Through it, we vividly demonstrate how ensuring the cybersecurity of a technological process is important not only for the peace of mind for IT security staff, but also for the financial stability of the entire company. ISA’s value in the field of automation is difficult to overestimate. This organization influences millions of engineers across the globe both in the field of standards and in possessing the knowledge and skills in all aspects of automation, including cybersecurity. For this reason, we are especially happy to have ISA as our partner,” said Vyacheslav Borilin, business development manager at Kaspersky Lab.

Kaspersky Industrial Protection Simulation will be a hands-on component of the educational process for trainees attending ISA training courses, such as TS12[2] and TS20[3].