Want to know more about cybersecurity in trying times? Read more from our blogs.
Cybersecurity incidents continue to demonstrate how vulnerabilities in the IT or OT environment, or in the connections between them, can be exploited with serious impact to manufacturing. An attack in one area of your organisation can be pivoted to compromise the other part as well – like a swiftly moving fire.
The 2019 SANS OT/ICS Survey reveals the top three threat categories concerning businesses:
- Devices and “things” (that cannot protect themselves) added to the network
- Internal threats (accidental)
- External threats (supply chain or partnership)
Why Industrial Companies are a Target
Industrial companies are often plagued by legacy unpatched infrastructure and a lack of skilled resources to manage cyber risk properly. Attackers know these environments have many vulnerabilities and they know an attack can mean major consequences for the infected.
The next question is, why are companies struggling to address this?
Most industrial automation environments are poorly inventoried. If you do not know what is connected in the environment, you cannot secure it. IT and OT teams MUST start work together to close those gaps with industry experts.
Does your organisation have competing security priorities between teams, gaps in security strategies or undefined roles in security? Are your employees working remotely because of COVID-19, increasing risks to your infrastructure from unknown devices and insecure connections?
If It’s Connected, It Needs to be Protected
Building security protections into your entire manufacturing ecosystem should be a priority, from individual components to the entire footprint of your plant, including connections to your own corporate enterprise, supply chain and third parties.
The challenge is, to many people, security is like buying an insurance policy. You hope something bad won’t happen, but you’re buying the policy to help you recover if something does. But how do you insure yourself for reputational loss as a company due to a ransom attack?
Just like insurance, you’re asking for money to prevent something from happening. And that’s why it can be a tough sell. Security doesn’t manufacture anything. Security doesn’t make you faster or more efficient.
A Priority for Digital Transformation
Cybersecurity is critical to digital transformation. So, when leveraging your digital opportunities, in parallel you need to manage related digital risks over all elements during the lifecycle.
The goal is a seamless digital data floor – from everything that happens before a product is even made, all the way back to R&D, to the actual manufacturing and delivery and operation of the product in the field. The entire supply chain.
Identify Your Gaps
Digitalisation requires integrated data flow and the ability to identify gaps – and how those gaps and silos create the opportunity for cybersecurity threats to emerge. Mistakes here are expensive. To avoid them requires an investment in people, machinery, knowledge and training.
- People, by investing in specialists, as well as improving awareness to create a mindset change among all employees – cybersecurity is the responsibility of every single person.
- Machinery, thorough strategies for network structures, remote access policies and asset lifecycle management, to name just a few.
- Knowledge, as in understanding risks, vulnerabilities threats and adversaries, and the picture of how and what kind of attacks are performed.
- Training, such as cyber-incident simulations that offer a perfect playground to exercise the above topics in an adrenalin-laden scenario.
Comprehensive Approach
A fully connected enterprise requires a comprehensive approach to industrial security.
This approach includes policies and procedures that address people, processes and technology-related risks. A complex, interconnected system has its challenges. It is critical to understand the potential risks and start building an adaptive cyber strategy into your industrial automation control systems.
Industrial assets require a defence-in-depth security approach that addresses both internal and external security threats. A defence-in-depth security architecture is based on the idea that any one point of protection may be defeated. This approach uses physical, electronic, and procedural layers of defence, and applies the appropriate controls that address different types of risks.
Published June 8, 2020
Recommended For You