Posted by Sue Barnes on Saturday, February 6, 2021 Under: Factory Security
Manufacturers who are better at connecting factory systems with enterprise networks undoubtedly create a more agile, efficient, flexible and profitable business, as exemplified in a recent case study we had with Daimler Truck North America. The problem is that more connections also open the door to new security risks. Further, previous generations of industrial control systems were not conceived with security or IP connectivity in mind. The net effect is that vulnerabilities can really start to proliferate when you integrate more enterprise IT with industrial assets and technologies. At the same time, malicious hackers are getting more sophisticated.
Industrial Automation and Control Systems (IACS) have a history of utilizing proprietary hardware and protocols that are hard to integrate with network security. They may be segregated from industrial IP networks, but they’re still at risk because they’re often set up as simple, open-network machine islands, with limited or no security. Why build islands of automation that create islands of untapped information—constraining business agility, efficiency and growth potential—if you’re not really even establishing sound systemic security?
The stakes are high for manufacturers. According to a recent Cisco Connected Factory white paper, if cybersecurity concerns delay digital implementation, it could take up to five years to realize value and catch your competitors. And our recent Cisco 2016 Annual Security Report purports that the industrial sector has some of the LEAST mature security practices and policies and LOWEST quality security infrastructure. All of this means security presents an opportunity to sustainably differentiate your business.
As they say, the best offense (i.e., growth) is a great defense (i.e. security). And while seven is considered a lucky number in many cultures, luck is NOT a security strategy.
Create, Educate, and Enforce security policies.
Many plants don’t even have the most basic security policies written down. Start by drafting and implementing a set of written security policies and procedures for your plant that will, for example, outline who should be able to access what assets, define acceptable asset use, and define reporting mechanisms for events. Your written policies should also contain an incident response plan including any procedures to restore critical production systems after a security event.
Lock down your factory with defense-in-depth security.
The more connections you have in your manufacturing environment, the more chances for a breach. No single technology, product, or methodology can fully secure your network. Protecting critical manufacturing assets requires a holistic approach that uses multiple layers of defense—physical, procedural, and digital (network, device, application)— to address different types of threats. A basic mapping exercise will help you get started, providing an inventory of all the devices and software on your network.
In : Factory Security
Tags: factory security manchester