The convergence between IT and OT, together with high regulatory requirements and the increase in cyberattacks, defines the new reality for industrial infrastructure operators. According to Kaspersky ICS CERT, in the second half of 2024, malware was blocked on 23.5% of ICS computers, underscoring the need for robust cybersecurity strategies.

To address this demand, Kaspersky has adapted its solutions to protect industrial companies with “Kaspersky Industrial CyberSecurity” (KICS). The solution improves its Managed Detection and Response (MDR) service for Industrial Control Systems (ICS).

Kaspersky Industrial CyberSecurity for industrial companies

The KICS platform, designed to protect OT equipment and networks and critical infrastructures of industrial companies, has received several significant improvements:

  1. Configuration and change management: KICS enables inspection of security configurations and monitoring of changes on Windows and Linux hosts, network devices, and PLCs. This is achieved through agent-based or agentless polling, collecting configurations manually or on a scheduled basis. The accumulated configuration file is always available for review and can be used to monitor changes and analyze discrepancies.
  2. New asset types: KICS for Networks now supports adding new types of assets, such as installed software, patches, local users, and discovered executables. When KICS for Nodes is installed on a host, it automatically transmits this information to KICS for Networks with regular updates. This allows for automatic change management and alerts when deviations are detected, simplifying the incident investigation process.
  3. Scheduled active polling: KICS provides a topology map that displays real-time information about asset connections and manages changes in the security status of devices without agents installed. Active probe tasks now support scheduling to automate the creation of this map and keep connection data, asset attributes, and security configurations up to date. Each scheduled run is complemented by a detailed report that includes query results and any identified issues.
  4. Detection of anomalies in digital substations: KICS for Networks now supports importing SCD (Substation Configuration Description) files to analyze configurations, extract asset attributes, and review IEC 61850 settings. It also reports errors and identified misconfigurations. By monitoring substation networks against reference configurations, it allows the detection of unauthorized connections, anomalous activity, and failures or errors in IEC 61850 communications that indicate equipment malfunction or incorrect configurations.
  5. SD-WAN sensor: The updated version of KICS provides a new architecture for geographically distributed infrastructures, supporting up to 100 monitoring points on a single KICS for Networks node. When KICS for Networks sensors cannot be placed at remote sites due to equipment size or connectivity limitations, traffic from these sites can be transferred directly to a KICS for Networks node located in a central office. SD-WAN technologies offer unlimited options for establishing new software-defined wide area networks between enterprise branches, allowing copies of industrial traffic to be sent from the originating switch to the monitoring node.
  6. Updated portable scanner: The KICS portable scanner expands host inspection capabilities with new scanning technologies, such as host inventory, vulnerability scans, security configuration compliance and inspection, and traffic capture. These functions can also be configured for a classic antivirus scan at the USB drive writing stage. The portable scanner now also supports anti-malware scanning on hosts running Windows 2000 SP4