More and more connected cyberattacks are exposed to which industrial security services choose to protect the OT (Operational Technology) infrastructure. Industry 4.0 is closely linked to the connection of systems, which allows greater efficiency in the production sector on a global level, thanks to the analysis of the enormous amount of data obtained from the connected machines and centralized control of the plants. In a context where the need to connect to the web is increasing, the risk of being the subject of a cyberattack rises dramatically.
The OT infrastructure is increasingly exposed to the potential threats of the World Wide Web precisely because it has gone from a condition of complete isolation to one of connection to complex network infrastructures. The data networks of industrial plants historically developed on a single layer without any segmentation or control of any corporate body that regulated them.
Industrial Safety: Choosing A Reliable And Experienced Partner Makes The Difference
Cybersecurity, a phenomenon common to many Italian production plants, is a rather critical state of the art. Alarmism aside, often, the management of the safety of the OT environment is entrusted to an IT department that applies unsuitable rules for industrial control systems, for example, by installing perimeter protections but neglecting to segment the plant network, typically flat, that is, not organized by layers.
The criticalities are quite evident because in the case of malware conveyed using a pen drive, for example, inserted recklessly by an operator or maintenance technician. This inconsistent configuration of the protection measures is due to a lack of experience in the field of industrial automation; for example, a firewall configured with active protection from OT to IT but not vice versa, if not considering the possibility that an attack could be launched on IT to paralyze production; it is no coincidence that the victims of the phenomenon of spear phishing, typically, do not work in the factory but in the Office environment.
Securing industrial control systems in an OT environment requires the use of specific methodologies that differ from those used to defend an IT environment; this is because the needs of the two ecosystems are pretty distinct: in the OT environment, the main objective is to safeguard the continuity of production (availability) taking into account the peculiarities of the environment itself such as, for example, the obsolescence of some systems; on the contrary, in the IT environment the primary purpose is to ensure the confidentiality of information.
Companies must therefore be able to take advantage of industrial security services specifically designed for the world of automation and use the best consultant to offer specific cybersecurity solutions for the OT environment. As we have seen before, in the digitization process of a company, protecting the efficiency and availability of production assets is essential but not always easy. Using a reliable and experienced partner along the entire digital transformation journey becomes crucial.
Security: From The Assessment Phases To Optimization, For A Secure System
Assess Security
First, a transparent and thorough assessment of the corporate security level is essential. Siemens examines companies’ industrial control systems that request them for specific vulnerabilities and considers the degree of exposure to possible risks according to an approach based on risk assessment. Examines the company systems in search of particular vulnerabilities and degree of exposure to potential risks: it carries out an inventory of the devices in the field and detects the current network topology, carries out a Security Assessment according to the reference standard IEC 62443, identifies the vulnerabilities (Vulnerability Assessment using Ethical Hacking and Penetration Test), and defines the most effective rules and measures about the network architecture of the plant. In detail,
- Industrial Security Check: quick assessment of a day at the plant;
- IEC 62443 Assessment: identifies security risks and defines measures to mitigate them
- ISO 27001 Assessment.
- Threat & Vulnerability Assessment: analytically identifies, classifies, and evaluates according to a “risk-based” program.
- Scanning Services or detailed inventory of OT assets through inventory tools.
Implement Security
In terms of Cybersecurity, in addition to implementing innovative methods and cutting-edge technologies for risk mitigation, Siemens defines organizational measures and provides training to plant personnel: from the production manager to the line operator. Because of the amount of data relating to machinery, both for performance control and maintenance purposes, safely reaching the IT level as continuity of operation must be essential using mechanisms designed to guarantee it (network redundancy, automation cell segmentation, disaster recovery, etc.).
Currently and commonly, there is little or no training on cybersecurity issues within production environments, only basic knowledge with an IT approach, often aimed only at office staff (purchasing, administration, etc.). However, taking into more significance because even the personnel in the OT world are exposed to risks due to external cyberattacks and human error, it is necessary to increase the awareness of the production staff on security issues to reduce the risk of accidents drastically. In detail, Siemens offers the following services:
- Security Awareness Training: specific and personalized online training on Cybersecurity for production environments.
- Industrial Security Consulting
- Automation Firewall Next Generation: the first line of defense against structured threats.
- Application Allow listing
- Antivirus
- Industrial Anomaly Detection: to ensure communication transparency between the various production assets.
Manage Security
The theme of industrial safety envisages a set of actions to be implemented cyclically because the level of protection achieved today could be insufficient tomorrow; Unfortunately, not a day goes by that hackers do not develop ever more sophisticated methods to easily breach what up until a moment before could have been considered “safe.” Siemens is committed to ensuring that its strategy and measures are constantly adapted to new scenarios and security standards which are also continually evolving, guaranteeing transparency and early detection of threats and offering complete management systems for software updates (patch management) necessary to maintain the desired level of security. In detail, Siemens provides the following services:
- Industrial Security Monitoring
- Industrial Vulnerability Manager
- Patch Management
Also Read: Cybersecurity: What Awaits Us In 2021