Cybersecurity is a growing international concern. The Risk Index 2013 from global insurance market Lloyd’s of London rated cybersecurity the number three threat to the global economy in 2013, up from number 12 the previous year. With the rise of cybercrime, it is important for companies and organizations to understand their unique vulnerabilities to this type of crime. Many government-focused attacks originate from entities in developing countries that are interested in growing their critical infrastructure (such as for power, chemical, water, oil and gas) and that are looking at successful companies and entities to understand how they design and operate their systems. These industries, along with their corresponding industrial and manufacturing production facilities, have unique vulnerabilities to cyberattacks.
Safeguarding infrastructure-critical industries
A change in the industrial landscape and increased vulnerabilities are prompting industrial facility managers and operators to implement security practices tailored to safeguard their network infrastructures.
It is important for a facility manager to understand the unique characteristics of his or her industrial environment and where cybersecurity actions should be applied. Below are six key steps for operating facilities according to the highest possible security standards.
- Security plan: Have a plan that includes critical asset identification, policies, and procedures to cover risk assessment, risk mitigation, and methods to recover from disaster.
- Network separation: Separate the industrial automation and control system from other networks by creating “demilitarized zones” to protect the industrial system from enterprise network requests and messages.
- Perimeter protection: Use firewalls, authentication, authorization, virtual private networks (IPsec), and anti-malware software to prevent unauthorized access.
- Network segmentation: Contain a potential security breach to only the affected segment by using firewalls and virtual local area networks to divide the network into subnetworks and by restricting traffic between segments. This confines the impact of malware to one network segment and limits damage to the network as a whole.
- Device hardening: Manage passwords, define user profiles, and deactivate unused services to strengthen security on devices.
- Monitor and update: Monitor operator activity and network communications. Regularly update software and firmware.
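The network separation and network segmentation steps can be verified against an exported firewall rule set. The Python below is an added example, not part of the original article; the zone addressing, segment names and allow rules are all constructed for illustration.

```python
import ipaddress as ip

# Assumed addressing (constructed): three zones, two control-network segments.
ZONES = {"enterprise": ip.ip_network("10.10.0.0/16"),
         "dmz": ip.ip_network("10.20.0.0/24"),
         "control": ip.ip_network("10.30.0.0/16")}
SEGMENTS = {"cell_a": ip.ip_network("10.30.1.0/24"),
            "cell_b": ip.ip_network("10.30.2.0/24")}

# Constructed allow rules: (name, source, destination, port or None for any).
RULES = [
    ("historian-replica", "10.30.1.20/32", "10.20.0.5/32", 5432),
    ("erp-reads-replica", "10.10.4.0/24", "10.20.0.5/32", 443),
    ("vendor-shortcut", "10.10.9.7/32", "10.30.1.0/24", 502),
    ("legacy-any", "0.0.0.0/0", "10.30.2.10/32", None),
    ("cell-a-to-b-all", "10.30.1.0/24", "10.30.2.0/24", None),
    ("cell-a-to-b-opc", "10.30.1.15/32", "10.30.2.15/32", 4840),
]

def touched(cidr, table):
    """Names of every zone or segment that the CIDR overlaps."""
    net = ip.ip_network(cidr)
    return {name for name, zone in table.items() if net.overlaps(zone)}

def audit(rules):
    """Return (rule name, finding) pairs for rules that weaken the zoning."""
    findings = []
    for name, src, dst, port in rules:
        # Separation: enterprise traffic should stop at the DMZ, so any rule
        # whose source covers enterprise and destination covers control fails.
        if "enterprise" in touched(src, ZONES) and "control" in touched(dst, ZONES):
            findings.append((name, "separation: enterprise reaches control directly"))
        # Segmentation: traffic between two different segments must be
        # restricted to specific ports, so an any-port rule fails.
        pairs = [(s, d) for s in touched(src, SEGMENTS)
                 for d in touched(dst, SEGMENTS) if s != d]
        if port is None and pairs:
            findings.append((name, "segmentation: unrestricted traffic between segments"))
    return findings

if __name__ == "__main__":
    for rule, problem in audit(RULES):
        print(f"{rule}: {problem}")
```

Rules that terminate in the DMZ, or that cross segments on a single named port, pass; the overly broad `0.0.0.0/0` source is flagged under both checks because it covers the enterprise zone and both segments.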
The increasingly open and collaborative nature of industrial operations introduces higher risk in these environments. In the past, industrial networks were primarily isolated systems, running proprietary control protocols, using specialized hardware and software. These days, systems are networked on IP-based, wireless, and mobile systems that are more open to attack. What’s more, legacy control systems were not designed to contend with current threat levels.