Securing your industrial control system
May 15, 2018 - Every year the cybersecurity experts at Cisco release the Cisco Annual Cybersecurity Report, an industry tome that discusses security trends and emerging threats. The 2018 report analyzed the role of the Internet of Things (IoT) and its effect on cybersecurity, particularly as it pertained to operational technology and networks.
The report surveyed security professionals within the manufacturing industry to determine how prevalent attacks on operational technology (OT) equipment and networks have become. The results proved what many have already warned manufacturers about: The attacks are coming and you need to be prepared.
Here is a snapshot of the report findings:
• Thirty-one per cent of security professionals said their organizations have already experienced cyber-attacks on OT infrastructure.
• Thirty-eight per cent said they expect attacks to extend from IT to OT in the next year.
• Sixty-nine per cent of organizations surveyed believe OT is a viable attack vector in 2018.
So how can the nearly 70 per cent of manufacturers protect their OT infrastructure from the WannaCrys and Nyetyas of the future? The good news is some are already investing in improvements to their cybersecurity architecture. Industrial zone cybersecurity strategies and industrial firewalls to protect the overall network were in use by 50 per cent or more of respondents. It’s a great start, but more can be done. Specifically, more can be done to secure the industrial control systems (ICS) that operate within the OT network.
How can you secure your ICS?
Cybersecurity requires several layers of defence to protect equipment from the various vulnerabilities that hackers can exploit. Think of it as a soccer team. It’s not enough to have a keeper — you need defenders and midfielders to contain attacking players. In this analogy, your keeper is an industrial firewall and your fielders are ICS solutions.
To secure your ICS, ask prospective vendors the following questions to determine whether they can implement a successful security solution.
• How do you detect and protect against an ICS security threat?
Monitoring, defending and remediating against risks and threats throughout your network prevents downtime and loss of control, even against physical anomalies, such as squirrels, jellyfish or birds.
• How do you participate in ICS standards creation, research and industry training?
Adhering to ICS standards with up-to-date products, policies and procedures ensures you won’t implement an inefficient security solution that doesn’t drive compliance.
• How do you secure each boundary level of an ICS network?
Applying a strategy to secure every level of your ICS network prevents disjointed solutions and insufficient levels of security.
• How are your industrial hardware manufacturers supported?
Employing compatible, supportable and flexible hardware from a vendor with design and support expertise is vital to avoid unnecessary network traffic and implementation issues from a poorly designed system.
• How does your security help drive broader business outcomes?
Maintaining the same standards of availability while securing your ICS is critical to achieve the increased connectivity required for an IoT network and drive the digital transformation of your architecture.
• How does your solution integrate with other IT and OT products and services you offer?
Integrating IT and OT security products and services decreases the likelihood of introducing vulnerabilities and gaps into your system.
• What types of visibility does your solution offer into an ICS?
Gaining full visibility into every zone and segment of your ICS enables you to defend against risks and threats that go undetected through different layers.
• Can you describe the full range of security provided by your solutions at the IT and operations interconnect?
Establishing network requirements and management processes through IT and OT convergence preserves the existing availability standards and improves your security.
• What authentication and authorization protocols do you implement for network access?
Utilizing a comprehensive set of authorization policies and protocols lowers your risk by keeping out unknown or unwanted entities without impacting operations.
• How do you know that your security solution will successfully integrate with my network architecture?
Implementing a solution that integrates seamlessly with your existing systems helps you avoid introducing unknowns and unintended consequences, or creating new vulnerabilities.
When looking to secure and maintain your ICS, remember that every vendor has strengths and weaknesses. The answers to the above questions will help you identify potential weaknesses and make an informed decision around the services and features required to secure your ICS.
This column was originally published in the May 2018 issue of Manufacturing AUTOMATION.