Network & Cyber Security
Modern networks generate data that describe the current status, and changes of status, within a device. Left unconfigured, this data remains hidden, simply logged away internally until overwritten. In the event of a network compromise, whether intentional or not, this data holds the key to the source and extent of the compromise.
When the world changed
It is widely accepted that the world changed on September 11th 2001. Nation state threats, the convergence of enterprise and industrial network technologies on Ethernet and TCP/IP, and the emergence and continued development of the Cyber Threat have led to new and potentially game changing challenges for automation systems and Engineers alike. Add into the mix the fact that legacy ICS technology - PLCs/Controllers/RTU - has proved to be extremely reliable and these assets are being well and truly sweated!
Nearly 20 years on, strategies are being developed at the highest levels of Government to assist industry in addressing these challenges. The recently formed National Cyber Security Centre (NCSC) provides excellent guidance on these matters; one recent set of papers, Security for Industrial Control Systems (SICS), is a must read for those given responsibility for finding solutions. At the plant level, has that much really changed? Is the automation network now being treated as a critical, fully managed OT utility, or still as the simple connectivity replacement for those legacy serial networks of the past?
OT =/= IT
Operational Technology (OT) aka SCADA differs from Information Technology (IT) in a variety of ways. OT systems are typically distributed, with a fundamental reliance on the automation network for basic operation. The OT system will typically operate 24/7/365 and comprise a wide range of networked devices, many of which are ‘weak’ in terms of modern IT system standards. This can make them particularly vulnerable to mis-configuration, misuse or other cyber-related challenges - a soft target! Furthermore, traditional defences of Anti-Virus (AV) and Anti-Malware may not be activated because of the potential impact on the primary OT operation.
Cyber information overload
What will become apparent after the first few hours of research is that there is so much that could, and may need to, be done. What needs to be defined is what should be done first, by whom and when. A challenge that seems too big at the outset needs to be broken up into smaller achievable objectives.
Time to partner?
IT4A can help OT managers responsible for network security focus on the activities that will bring the most significant return within a reasonable timeframe and budget. Starting with a network review (in cyber talk, a 'blue team' exercise), IT4A can identify the gaps between good practice and the installed system. With the key network design and security challenges documented, activities can be scheduled to fast-track remediation of the high priority activities posing the greatest risk to the business. The information gathered during the network review will form the basis of the next steps towards any Cyber certification - Cyber Essentials through to ISO27001. Let IT4A help you secure and optimise your OT infrastructure.