How would you react to find an intruder had been in your house undetected for 229 days? Well this is a similar case for people and their manufacturing facilities. The average time between a cyber-security breach and its detection is 229 days. Leading the list of potential targets, is manufacturing facilities, for cyber espionage, denial of service (DoS) and web-application attacks.
Martyn Williams, Managing Director of industrial automation software supplier, COPA-DATA UK, discusses three steps manufacturers should take to stay safe in the cloud.
As the manufacturing sector moves towards industrial automation, the IoT and the cloud, the number and nature of cyber threats is also growing. A decade ago, user security was the IT department’s responsibility. Connected devices, the collapse of traditional industrial automation architecture and the move to the cloud means cyber security needs to take centre stage in any manufacturing facility.
Hackers traditionally targeted the IT and enterprise systems, but now manufacturers are seeing the same threats on their production lines, sensors, PLCs and SCADA systems. Traditional security focussed on passive defence, but increasingly advanced attacks require a different approach.
The one thing manufacturers need to understand is that any industrial automation system today is vulnerable to cyber-attacks. The only way of taking advantage of the benefits of IoT and the cloud is to stay vigilant and use industry best practice. Industrial security is no longer the IT department’s concern, but a 24/7 job for everyone, including those in the boardroom.
From Intellectual Property (IP) to trade secrets or critical production data, most departments in your organisation have sensitive information that could be the target of cyber-attacks. The first step is to identify these valuable data assets and restrict access to them by ‘hiding’ them behind additional layers of protection and encryption.
Manufacturers can protect valuable production data using industrial automation software that has comprehensive security features, such as strong encryption, secure user administration and digital file signatures to recognise bogus programs. Software that allows you to allocate password-protected access to individual users is particularly beneficial because it empowers manufacturers to create individually configured access levels for different users. This means only authorised users gain access to valuable information.
One of the biggest concerns many people have about cloud computing is that once data is in the cloud, it can be accessed by unauthorised users with malicious intentions. However, there is a significant distinction to be made. Validated software and cloud computing providers help ensure that their cloud is protected at the physical, network, application and data layers so that their services are as resilient to attack as possible and client data remains safe.
The problem arises when user’s store or access company data through alternative devices or consumer cloud solutions. The most common ones are personal smart phones, tablets or e-mail addresses.
Bring Your Own Device (BYOD) was an industry trend five years ago, today it is a reality. Employees everywhere use their own devices to access work e-mails, remote monitoring applications, CAD designs and other sensitive information. Unfortunately, this practice exponentially multiplies the risks of a cyber-attack.
However, manufacturers can’t afford to hide their heads in the sand and hope BYOD will go away. Your best bet is to train your employees on the best-practice use of BYOD and reduce the number of devices and applications used to access company data. BYOD is not a replacement of corporate devices; it should be a controlled strategy to enable mobility.
Slowly, but surely, industry is starting to outline and implement cyber security standards to make industrial networks, devices, software, processes and data more secure. For example, the NIST Cyber Security Framework published in the US compiles leading practices from several standard bodies. There is no such thing as a fool proof formula, but NIST is a good place to start.
For Industrial Automation and Control Systems (IACS), IEC-62443 offers industry guidance that allows end users, systems integrators, security practitioners and the designers and manufacturers of industrial automation and control systems to work to the same standards. This results in a comprehensive and secure hardware and software system, the basis of any cyber-secure manufacturing facility.
Although cyber security in today’s connected factory is never 100% airtight, best practice helps manufacturers detect threats early and address them in an effective way. This means your industrial security system will be able to spot intruders early rather than after 200 days when it might just be too late.