Nowadays, more and more businesses understand that digitalisation is necessary for them to thrive. A 2019 Deloitte Smart Factory study found that 86% of manufacturers felt their smart factory initiatives would be the main driver of competitiveness over the next five years. In 2020, these initiatives have been accelerated due to the global pandemic. In a recent report by the World Economic Forum, ‘Building Resilience in Manufacturing and Supply Systems in the Covid-19 Context and Beyond’, suggests that manufacturers adopt new working models to increase manufacturing resilience. However, as we face the current crisis, accelerating digitalisation alone is no longer sufficient. In this article, we will explore how to build resilient industrial networks and deploy cybersecurity defences in order to sustain continuous industrial operations.
The importance of countermeasures
The start of a cybersecurity journey often begins with a risk assessment. After this, companies can establish relevant security policies. In order to implement these, it is worthwhile to create a security architecture to help achieve secure network infrastructure. For instance, regulating who can access the network by utilising access control lists. Finally, companies can proactively monitor and respond to cybersecurity incidents by implementing industrial cybersecurity countermeasures on OT networks.
Countermeasures such as firewalls strengthen the perimeter defence of industrial networks. These provide effective vertical protection to bar people who do not have permission to access the network. However, when someone manages to get through that, or engineers accidentally dispatch a wrong command inside the network, there are no measures to mitigate the risks that can result. Therefore, deploying horizontal protection such as virtual patching and an IDS (intrusion detection system) or IPS (intrusion prevention system) is also important. In the following sections, we will consider how both vertical and horizontal protection measures have significant roles to play in securing industrial networks.
1. Vertical protection – build secure network infrastructure to implement security policies
Industrial networks have often been pieced together over years, or even decades. Therefore, gaining visibility into the network and its various components and architecture can be a challenging first step.
Network segmentation is a fundamental precaution that can ensure only certain traffic can flow within designated areas.
Standards such as IEC 62443 can be very helpful in identifying policies that make sense for industrial networks.
2. Horizontal protection – deploy industrial cybersecurity to monitor and respond
Although north-south (vertical) traffic is well managed and the defence is well built, employees, vendors and contractors might still have direct access to the network. If there are no protection measures, this inadvertently allows them to bypass traditional protections such as firewalls and possibly introduce viruses or malware onto industrial networks. This is why horizontal protection, such as virtual patching and intrusion prevention, is crucial to protect critical assets such as PLCs and HMIs.
Industrial IPS safeguards critical assets
Since PLCs and HMIs are designed to control production processes, if the communication between PLCs and the control centre is compromised, or HMIs malfunction, it could cause damage to assets or even personnel. Therefore, it is important to prevent any unauthorised protocols or functions going through PLCs and HMIs. An industrial IPS features OT-centric Deep Packet Inspection technology, which can identify multiple industrial protocols and allow or block specific functions, such as read/write access. This way, users can be more confident that the traffic on their industrial networks is trusted and non-malicious.
Virtual patching protects unpatched devices
As a rule, devices should be kept up-to-date in order to prevent cyber threats. However, in industrial networks, it is sometimes less than ideal to stop operations to perform the updates. Furthermore, updates may not be available for these critical assets. For instance, some HMIs are running on Windows XP, which is no longer supported by updates. Under such circumstances, virtual patches play an important role to safeguard critical assets from the latest cybersecurity threats.
Moxa combines industrial networking and cybersecurity expertise to provide layered protection for industrial networks.
|Tel:||+27 11 781 0777|
|Articles:||More information and articles about RJ Connect|
© Technews Publishing (Pty) Ltd | All Rights Reserved