July 22, 2021

CHOOSING THE RIGHT FIRM TO PROTECT YOUR BUSINESS: THE 3 FUNDAMENTALS OF CYBER SECURITY TODAY

In our previous articles, here and here, we outlined the dangers modern industry is facing when it comes to cybercrime. With malware and ransomware attacks endangering entire critical infrastructures, resulting in exponential financial and production losses, there is an unprecedented need to direct your attention to digital protective plans – and fast. 

Today we’ll talk about the steps you need to take to protect your company, and the criteria to apply when selecting a cyber security partner firm for your business.

COMMON CYBER SECURITY CHALLENGES

Digital transformation, a central trend of Industry 4.0, has been on the slower side for most critical infrastructure sites, due to their size and the complexity of the operations the transition requires. This has made these organizations particularly vulnerable to cyber attacks in recent years.

There are several fundamental cyber security challenges currently occurring in this field:

  1. Most of these sites possess control systems built before the digital transformation trend;
  2. Even when cybersecurity became a talking point within the industry, most opted for measures that have since become obsolete;
  3. Malware is becoming more advanced and sophisticated every day, making the attacks harder to predict and prevent.

For anyone looking to develop or update their cyber security strategy in these conditions, it is recommended to choose a company that offers a “bottom-up” approach.

THE “BOTTOM-UP” APPROACH

Traditional implementation of security measures for critical infrastructure typically takes a top-down approach, but in recent years a bottom-up strategy has been more and more the way to go. This paradigm shift in protection approaches establishes cyber protection on a more granular level and focuses the attention onto critical points of impact – the operational technology infrastructure.

There is one defining quality to this process – merging your IT with your OT, i.e. putting cyber protections on physical equipment. Involving IT teams with your OT team also offers the possibility of a much higher level of monitoring and protection, thanks to the integration of control systems.

You should look into companies that offer a defense-in-depth solution plan such as this, which is, due to its comprehensiveness, the most sensible approach to cyber security today. These defense plans should be based on three elementary and equally important steps of new security protocol implementation: identification of potential security gaps, multi-faceted protection strategy, and continued operation and maintenance.

 

1. IDENTIFY THE THREAT

Depending on whether you are building your security system from the ground up, or want to tighten your security protocols, the approach to implementation or development of protection strategy remains the same.

If you are just looking into developing your security fundamentals, then you would do well to consider cyber security firms that have a team of software developers on retainer. With preliminary consultations about your overall business flow and strategy, ICS security experts should be able to design and configure your entire internal network and control system, in order to maximize their performance, reliability and security.

For companies that want changes made to their existing protection plan, the chosen cyber security partner should always begin with an in-depth inventory of current infrastructure. This allows the team to identify and document all your ICS assets. Some companies develop an ICS asset inventory through physical assessment and passive network discovery. Along with this option, ATS offers another solution that leverages data flow diagrams and ICS vulnerability assessment in order to create a more complete picture of your advantages and possible vulnerabilities. These diagrams represent an accurate map of all the internal networks of your infrastructure, the flow of data, and all devices connected to the network – making it easy to spot irregularities or transgressions within the system.
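To show how a documented data flow diagram makes irregularities easy to spot, here is an added example (not ATS code) that compares passively observed flows against the documented map. The asset names, addresses, ports and record format are constructed for illustration.

```python
# Asset inventory (IP -> asset name). Constructed sample data.
INVENTORY = {
    "10.30.0.10": "hmi-01",
    "10.30.0.20": "plc-01",
    "10.30.0.30": "historian",
    "10.30.0.40": "eng-ws",
}

# Documented data flow diagram as (source, destination, port) edges. Constructed.
DOCUMENTED_FLOWS = {
    ("hmi-01", "plc-01", 502),       # Modbus/TCP
    ("historian", "plc-01", 502),
    ("eng-ws", "plc-01", 44818),     # EtherNet/IP
}

# Constructed passive-discovery records: "src_ip dst_ip dst_port"
OBSERVED = """\
10.30.0.10 10.30.0.20 502
10.30.0.30 10.30.0.20 502
10.30.0.99 10.30.0.20 502
10.30.0.30 10.30.0.40 3389
"""

def audit(observed_text):
    """Compare observed flows with the inventory and the documented diagram."""
    unknown_assets, undocumented, seen = set(), set(), set()
    for line in observed_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue  # skip malformed records rather than guess
        src, dst, port = parts[0], parts[1], int(parts[2])
        unknown_assets.update(ip for ip in (src, dst) if ip not in INVENTORY)
        # Use the asset name when known, otherwise keep the raw address.
        edge = (INVENTORY.get(src, src), INVENTORY.get(dst, dst), port)
        seen.add(edge)
        if edge not in DOCUMENTED_FLOWS:
            undocumented.add(edge)
    return {
        "unknown_assets": sorted(unknown_assets),
        "undocumented_flows": sorted(undocumented),
        # Documented but never observed: stale diagram or a silent device.
        "documented_not_seen": sorted(DOCUMENTED_FLOWS - seen),
    }

if __name__ == "__main__":
    for finding, items in audit(OBSERVED).items():
        print(finding, items)
```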

However complex ICS asset inventory may be, it still represents just the first step of a layered, extensive process needed to cover all of your cyber security fundamentals. 

The next step is to harden the monitoring and control you have over your infrastructure – a procedure that comes in many forms.

2. MULTI-FACETED PROTECTION PLAN

When consulting with potential partners, it is important to note how many diverse options for protection they offer. If the cyber security firm in question specializes in just one narrow strategy within the field, chances are large portions of your system will remain inadequately or unsuitably protected. For optimal results, it is recommended to partner with a service that can strategize, develop and deploy multiple security techniques at a time. Here are some of them.

FIREWALLS

In looking into basic starter protection packages, most companies opt for a simple firewall solution, as they are considered to be very reliable tools.

When choosing firewalls as your protection of choice, what’s most important is finding the software that would best complement your system and operational plan.

Selecting a ready-made solution often leads to a longer implementation and adjustment time, with the risk of unforeseeable complications and possible room for error along the way. 

A better choice is a firewall program custom-designed for your business, such as those ATS offers.

ICS SECURITY HARDENING

Hardening an ICS is an especially diverse protection plan that can involve establishing security perimeters, decoupling ICS and business systems, logging user activities, removing unnecessary functions, and protecting exposed interfaces. 

As part of ICS Cybersecurity Vulnerability Assessment, ATS deploys many of these techniques, for both new systems and existing ones – in order to close all security gaps discovered.

SEGMENTATION

As the threat of malware grows for the critical infrastructure industries across the world, causing unprecedented production losses and upsets in ICSs, the number one defense strategy against viruses has been universally agreed to be network segmentation.

Network partitioning, segmentation or zoning is one of the final break points before hostile take-over of your system could be completed. Often it is exactly this last line of defense that buys you time to locate and isolate the intrusion. Therefore, it is of crucial importance to partner up with a firm that understands the advantage of asset zoning, and has the means to carry this process out with foresight and control.

Developing an access control plan for your OT and IT based on business criteria you deliver means restricting access according to multiple factors. Those can be assorted by individual user or group, then according to different protocols, networks, devices, or even time of day. With proper segmentation enforcement, any potential damage is quickly localized and managed internally without even the possibility of the attackers infiltrating the network further.
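The access criteria listed above (user group, protocol, network zone and time of day) can be expressed as a default-deny allowlist between zones. The following is an added example, not ATS code; the zone names, address ranges, groups and rules are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network

# Constructed zones; real zoning comes from your own asset inventory.
ZONES = {
    "business": ip_network("10.10.0.0/16"),
    "dmz": ip_network("10.20.0.0/24"),
    "control": ip_network("10.30.0.0/24"),
}

@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    protocol: str
    groups: frozenset   # user groups allowed to use this path
    start: time         # allowed window, inclusive
    end: time

# Allowlist: any flow that matches no rule is denied.
RULES = [
    Rule("business", "dmz", "https", frozenset({"engineers", "analysts"}),
         time(0, 0), time(23, 59, 59)),
    Rule("dmz", "control", "modbus", frozenset({"engineers"}),
         time(6, 0), time(18, 0)),
]

def zone_of(addr):
    """Return the zone name containing addr, or None if it is unzoned."""
    ip = ip_address(addr)
    return next((name for name, net in ZONES.items() if ip in net), None)

def is_allowed(src, dst, protocol, group, at):
    """Default deny: allow only if zone pair, protocol, group and time all match."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone is None or dst_zone is None:
        return False  # unzoned endpoints are never trusted
    return any(
        (r.src_zone, r.dst_zone, r.protocol) == (src_zone, dst_zone, protocol)
        and group in r.groups
        and r.start <= at <= r.end
        for r in RULES
    )

if __name__ == "__main__":
    # Business hosts cannot reach the control zone directly; they must go via the DMZ.
    print(is_allowed("10.10.5.4", "10.30.0.7", "modbus", "engineers", time(10, 0)))
    print(is_allowed("10.20.0.5", "10.30.0.7", "modbus", "engineers", time(10, 0)))
```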

ATS has experience implementing access control strategies from the simplest to the most complex: developing individual solutions for specific control systems, distributing zoning codes on the level of an entire plant, and even managing the network segmentation of entire corporations.

When deployed together in an efficient and measured way, all of the strategies mentioned make for an impenetrable system.

 

3. OPERATION AND MAINTENANCE

Finally, the last important service your company of choice should offer you is forward-thinking – that is to say, a sustainable solution and a steady support system. While the implementation of all the previously mentioned security measures represents an impressive and complex process in its own right, what’s most important is for these measures to be applied evenly, to be regularly checked, and for minor faults to be quickly fixed.

For example, after your new security protocol is implemented, problems can arise such as the need for patch management, or the loss of critical data on one of the ICS servers, which requires implementing automated backup and restore systems.

If a company offers a one-time solution that doesn’t cover future maintenance and upkeep, and does not have a client satisfaction team to answer any future questions, you should look into other options.

ATS has been in the ICT field for 18 years and our expertise includes System Integration, Maintenance, and Support, along with Advisory and Consultancy.