“It won’t happen to us. What would anyone gain from attacking us?” this is all too often the message from companies, who have the mistaken impression that they are safe from cyber criminals and the huge damage that they can cause from cyberattacks. “I have an endpoint security solution and a firewall, so I’m safe.” Unfortunately, in the industries of today’s modern world there is no such thing as total and complete cybersecurity, as the most secure computer, the most secure HMI and the most secure industrial control system (ICS) switch, are those still sealed in boxes.
Although companies think that they are doing a better job at protecting and securing their data and operations on their ICS, cyber-attacks are becoming more sophisticated and they are increasingly targeting control systems. While some companies have made considerable security improvements, they have not kept up to date with today's well funded and determined cyber criminals. As much as companies have done to improve their ICS security posture, the cyber-criminal gangs have done better. ICS security incidents are up and technologies like cloud, Big Data, IIoT and Bluetooth are being embraced before the potential risks have been identified and addressed.
Cybersecurity is also no longer just a technology or an ‘IT issue’; it has become a fundamental business issue. Business needs to understand that they have to start incorporating cybersecurity into their future plans and strategy. With the business driving the industry towards the cyber-physical realm with more interconnected systems, the risks are increasing exponentially. The positives for these interconnected systems far outweigh the negatives, and companies are adopting these ‘new technologies’ in order to gain a competitive edge in the market by helping to improve productivity and enhance system controls. But failure to incorporate an adequate cybersecurity strategy, failure to have a resilient back-up plan, will result in your company becoming increasingly vulnerable to a growing number of cyber threats.
To put this into perspective, if your company is a victim of a cyberattack, how would you and your colleagues respond to that attack? Are you confident that the critical assets in your control systems have been backed up, and more importantly, are you sure that all of the critical assets have been correctly identified? Do you trust that your business continuity plan will have your company up and running again in a predefined space of time, in order to continue production? These are some of the questions that need to be tabled at both board and at senior management level.
Though technology plays a critical role in ICS cybersecurity, it does not help to think that by implementing a cybersecurity solution you will no longer be at risk. Anyone who tells you that they have a silver bullet solution regarding ICS cybersecurity is trying to sell you magic beans. The cybersecurity risks come from both external parties (cybercriminal) and internal entities (from staff), and attacks can be deliberate, targeted, technology issues or just simple carelessness. Therefore, the cybersecurity approach in ICS environments needs to be holistic and layered. It is a combination of technology, adequate training to both your security team members and general staff, designing a secure ICS network and enforcing policies and procedures.
Cybercrime is nothing new, but incidents specifically targeted at operational technology (scada systems for instance), is making the headlines like never before with companies across the globe suffering high profile and damaging breaches. Locally within South Africa (and Africa), we have been fortunate so far, as cyberattacks launched locally against manufacturing, mining and critical infrastructure, have been minimal with only a few reported incidents, but the scary stat is that these attacks are increasing.
For more information contact Tommy Thompson, Nclose, +27 (0)11 463 0096, tommy@nclose.com, www.nclose.com
© Technews Publishing (Pty) Ltd | All Rights Reserved