classic | mobile
 

Search...

SA Instrumentation & Control Buyers' Guide

 

A false sense of cybersecurity in industrial control systems
October 2017, IT in Manufacturing


“It won’t happen to us. What would anyone gain from attacking us?” this is all too often the message from companies, who have the mistaken impression that they are safe from cyber criminals and the huge damage that they can cause from cyberattacks. “I have an endpoint security solution and a firewall, so I’m safe.” Unfortunately, in the industries of today’s modern world there is no such thing as total and complete cybersecurity, as the most secure computer, the most secure HMI and the most secure industrial control system (ICS) switch, are those still sealed in boxes.

Although companies think that they are doing a better job at protecting and securing their data and operations on their ICS, cyber-attacks are becoming more sophisticated and they are increasingly targeting control systems. While some companies have made considerable security improvements, they have not kept up to date with today's well funded and determined cyber criminals. As much as companies have done to improve their ICS security posture, the cyber-criminal gangs have done better. ICS security incidents are up and technologies like cloud, Big Data, IIoT and Bluetooth are being embraced before the potential risks have been identified and addressed.

Cybersecurity is also no longer just a technology or an ‘IT issue’; it has become a fundamental business issue. Business needs to understand that they have to start incorporating cybersecurity into their future plans and strategy. With the business driving the industry towards the cyber-physical realm with more interconnected systems, the risks are increasing exponentially. The positives for these interconnected systems far outweigh the negatives, and companies are adopting these ‘new technologies’ in order to gain a competitive edge in the market by helping to improve productivity and enhance system controls. But failure to incorporate an adequate cybersecurity strategy, failure to have a resilient back-up plan, will result in your company becoming increasingly vulnerable to a growing number of cyber threats.

To put this into perspective, if your company is a victim of a cyberattack, how would you and your colleagues respond to that attack? Are you confident that the critical assets in your control systems have been backed up, and more importantly, are you sure that all of the critical assets have been correctly identified? Do you trust that your business continuity plan will have your company up and running again in a predefined space of time, in order to continue production? These are some of the questions that need to be tabled at both board and at senior management level.

Though technology plays a critical role in ICS cybersecurity, it does not help to think that by implementing a cybersecurity solution you will no longer be at risk. Anyone who tells you that they have a silver bullet solution regarding ICS cybersecurity is trying to sell you magic beans. The cybersecurity risks come from both external parties (cybercriminal) and internal entities (from staff), and attacks can be deliberate, targeted, technology issues or just simple carelessness. Therefore, the cybersecurity approach in ICS environments needs to be holistic and layered. It is a combination of technology, adequate training to both your security team members and general staff, designing a secure ICS network and enforcing policies and procedures.

Cybercrime is nothing new, but incidents specifically targeted at operational technology (scada systems for instance), is making the headlines like never before with companies across the globe suffering high profile and damaging breaches. Locally within South Africa (and Africa), we have been fortunate so far, as cyberattacks launched locally against manufacturing, mining and critical infrastructure, have been minimal with only a few reported incidents, but the scary stat is that these attacks are increasing.

For more information contact Tommy Thompson, Nclose, +27 (0)11 463 0096, tommy@nclose.com, www.nclose.com


Share via email     Share via LinkedIn   Print this page

Further reading:

  • Kick-start the organisation’s IIoT/Industrie 4.0 journey
    November 2017, RJ Connect, IT in Manufacturing
    Consequently, these challenges have set in motion a number of changes in factories, culminating with the introduction of new technologies and concepts. As optimal production is pivotal in the age of ...
  • Soteica Visual MESA solution for thermal power plants
    November 2017, Yokogawa South Africa, IT in Manufacturing
    However, many TPPs face problems in optimal load distribution and optimal planning of equipment, operational monitoring of key performance indicators, as well as avoiding penalties by minimising harmful ...

  • November 2017, IT in Manufacturing

  • EcoStruxure for mining and metals
    November 2017, Schneider Electric South Africa, IT in Manufacturing
    Redefining power and automation technologies makes it easier to deploy digital capabilities.
  • IIC launches smart factory ­machine learning testbed
    November 2017, IT in Manufacturing
    The Industrial Internet Consortium (IIC), the world’s leading organisation transforming business and society by accelerating the adoption of the Industrial Internet of Things (IIoT), has announced the ...
  • The IoT.nxt big thing
    October 2017, IT in Manufacturing
    Future-proof digital platform bridges the operational silos of traditional legacy systems.
  • The potential value of manufacturing analytics
    October 2017, Absolute Perspectives, This Week's Editor's Pick, IT in Manufacturing
    Mature analytics organisations understand the value of using digital technology to tap into data to achieve better business performance.
  • Tomorrow’s digital technologies take flight at Aerosud Aviation
    October 2017, 1Worx, IT in Manufacturing
    This article deals with the implications of the changes for South Africa and how these could best be leveraged to support objectives as spelled out in the NDP, namely industrial growth, exports and the creation of high-value employment opportunities.
  • New technology automates Modbus routing setup in gateways
    October 2017, RJ Connect, IT in Manufacturing
    Save time and money when configuring and managing a large number of Modbus devices.
  • Emerson upgrades handheld communicator
    October 2017, Emerson Automation Solutions, IT in Manufacturing
    The AMS Trex Device Communicator leverages industrial IoT solutions to improve reliability decision making.
  • Next-gen MES Technology
    October 2017, This Week's Editor's Pick, IT in Manufacturing
    Manufacturing execution systems (MES) can help manufacturers and other industrial organisations reduce costs while improving operations, collaboration, asset management, workflow and safety. Specific ...
  • Rockwell Automation expands MES applications
    October 2017, Rockwell Automation, IT in Manufacturing
    Rockwell Automation continues to develop its scalable MES applications to allow operations to configure their environment without programming, add more applications, increase DCS process system integration, ...

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual





 

         
    classic | mobile

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.