According to the Finnish Security and Intelligence Service (SUPO) and the Finnish Transport and Communications Agency (Traficom), Russia has been increasingly targeting Finland with cyber-attacks. Organizations like Wärtsilä, Uponor and the Finnish News Agency (STT) have reported that cyber-attacks have been occurring almost on a daily basis. Another significant issue is that Russia has progressively shifted its intelligence operations to cyber domain.
As a spokesperson of cyber security, I have addressed customers’ decision makers multiple times, on the need to invest in security, emphasizing that security is an essential part of quality. I have changed my take on this: Security is not so much a part of the quality of the product, but rather a part of the product itself.
As the war in Ukraine has shown, protecting critical infrastructure is a key factor for societies’ survival in a state of emergency. The emergence of new industrial security threats poses a significant risk to the safety and productivity of businesses in all industries. In recent years, there has been an increase in attacks on industrial control systems (ICS) and operational technology (OT) networks. The attacks have raised concerns about the security of critical infrastructure, such as power grids, water treatment plants, and transportation systems. We have seen how all these things have been tried to be influenced in Ukraine.
So, what are the most significant emerging threats to industrial systems? Here are some major ones:
Overall, the war in Ukraine has shown that we need more robust security measures and a proactive approach to cyber security. Similarly, as organizations require finance and HR functions in their operation, the security function in the organization needs to meet that same level of importance rather than just being a “cute part” of the product quality or the IT support.
Tarmo Kellomäki, Director, Digital Security & Functional Safety at Huld Oy
The writer has a distinguished career as a builder of a successful cyber security domain business. He has a wide-ranging expertise in creating and developing mission-critical software and systems, cyber security as well as leading SME teams. His expertise has accumulated from working over 15 years in various positions in the Finnish Defense Forces and in the security consultancy business. He’s an active speaker on international security and technology events. He’s also a member of industrial cyber security standardization bodies and a board member of the Finnish Society of Automation’s Security & Safety section (ASAF).