Cyber Securities

  1. Protecting operational technology

    Operational technology (OT), including industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems, is becoming increasingly connected. Along with the important benefits of connected industrial operations come significant cybersecurity risks. In particular, security experts across all industrial sectors are struggling to minimize the enlarged attack surfaces and other cybersecurity vulnerabilities created by the merger of OT infrastructure with IT networks.

    In 2015, the SANS Institute conducted a survey of ICS security professionals around the world. The survey found that 34 per cent of respondents believed that their systems had been breached more than twice in the past 12 months, posing a severe risk to the reliability and availability of their plants.

    Complex OT environments

    Why is it such a big challenge to secure a large industrial operation? The scope of the task, diversity of equipment and vendors, shortage of resources and lack of integrated and automated procedures all complicate the process of effectively protecting OT infrastructure. This is certainly the case for most energy and utility companies.

    OT environments often include thousands of field assets across multiple production facilities, many of which are remote field locations and some of which are unmanned. At the same time, these assets have been installed by multiple vendors over many years and rely on proprietary hardware, software and communication protocols that were not designed with any security capabilities.

    More importantly, many energy manufacturers and utility companies have not created an integrated policy to protect their industrial assets and operational equipment, even though their OT infrastructure is increasingly interconnected with their IT networks. In parallel, there are generally no policy definitions for the roles and responsibilities among the plant facilities, operation and control teams, and corporate IT security staff.

    Despite investments in standalone security tools, most energy and utility companies are still forced to use manual processes and are not in a position to implement an integrated and automated approach for protecting their OT environment.

    Top-down and integrated approach

    A top-down and integrated approach is required to effectively protect an OT environment. “Top-down” implies that all policies, procedures and technology solutions are driven by the corporate operation and control team. “Integrated” means that all the intersection points among IT and OT, remote plants and head office, and involved third parties must be taken into consideration when enforcing policies and executing procedures.

    As a best practice for ensuring the success of a top-down security strategy, however, complete visibility and a full asset inventory must first be obtained, and secure connectivity among these operational assets must also be established. Once these two prerequisites have been achieved, the following are recommendations for a top-down, integrated strategy that can be applied to protect the OT infrastructure:

    · Operation-wide policies and procedures for securing the operational assets should be clearly defined by the corporate operation and control team;
    · Granular policies by plant, asset and user identity should be included in these policies;
    · Security policies should be deployed centrally and enforced locally in order to protect any network segregation;
    · Enforcement should be fully automated and include monitoring for policy violations;
    · If there is a policy breach, an incident alarm should alert security analysts to begin investigating the event;
    · If an incident does occur, authorized personnel must have the ability to promptly access an asset for incident response;
    · Backup and restore procedures should allow recovery from an incident; and
    · Risk management and compliance reports should be run by the corporate office.

    This list of recommendations may seem obvious, but in complex, multi-site industrial environments, implementing it is a complex task.

    Security essentials

    The main purpose of OT security activities should be protecting the field assets. These are the operational equipment that, if compromised, will pose the largest risk to operational safety, integrity and efficiency. To meet this objective, energy and utility companies should focus on the security essentials. This means that the basic security activities should be done correctly through automated and repetitive processes that cover the entire OT environment. The following are examples of the many security essentials that must be performed to protect OT infrastructure:

    · Schedule verification processes to check that qualified operating system patches and antivirus signatures are installed, along with triggers to automate processes to install updates;
    · Schedule the collection and transfer of device logs to a centralized Security Information and Event Management (SIEM) system for correlation and alerting, if necessary;
    · Schedule the monitoring of ports, services and applications against the organizational whitelist and blacklist policies;
    · Manage remote access authorization, privileges and accountability;
    · Generate compliance reports to monitor that company and regulatory requirements are being met and determine if any fixes are required; and
    · Schedule regular scans of IP address ranges and create alerts for any unexpected changes, such as a new device on the list or a device that is not acknowledging its presence.

    Security posture and compliance

    Considering the scale of operations and consequences of a security breach, protecting an OT environment is a complex task. To simplify the complexity and reach an improved security and compliance posture, energy and utility companies should pursue a top-down, integrated approach for defining, automating and enforcing policies and procedures. Those policies should focus on protecting the operational assets and their enforcement should be fully automated.

    Energy and utility companies must do the basic security essentials properly — those security essentials that, if implemented correctly, will bring the highest security ROI. Once these essentials are covered, an energy or utility company will then be in a position to implement and benefit from additional, and more advanced, security measures.

    Shmulik Aran is CEO of Nextnine, a provider of security management solutions for connected industrial control system environments.

    This article is the fourth and final article in a series on OT security management for the energy supply industry. The first article presented an overview of the OT security challenges faced by energy and utility companies connecting their IT and OT operations and offered three recommendations for improving the security posture of a connected operational environment. The second article looked at the importance of network visibility and operational asset inventory, and the third article analyzed approaches for establishing secure connectivity among operational assets.

    Online Articles

    Thu, 1 Dec 2016

  2. What you can do to decrease operational risk part II: Securing your supply chain

    The electricity industry faces significant risks to its operations via an exposed supply chain—potentially resulting in embedded access and future control by U.S. enemies enabled by compromised equipment

    Online Articles

    Wed, 23 Nov 2016

  3. New poll finds energy storage vital for European power sector

    Energy storage is seen by power industry professionals as the most vitally important area for the European electricity sector over the next two decades.

    Online Articles

    Wed, 30 Nov 2016

  4. FERC cybersecurity safeguards pass muster with OIG

    In short, OIG and KPMG found that the FERC program was satisfactory

    Online Articles

    Mon, 14 Nov 2016

  1. New Cybersecurity Jobs Index From ISACA Shows Skills Gap Is Growing

    Online Articles

    Fri, 14 Oct 2016

  2. Pan-industry JIP assesses cyber security risks

    Platform operators need confidence that countermeasures can deal with bigger and more sophisticated cyber-attacks, claims DNV GL.

    Online Articles

    Thu, 29 Sep 2016

  3. Safety products: Cyber security solution for utility operational networks

    Safety equipment: RAD and Check Point introduced end-to-end cyber security solution for utility operational networks.

    Online Articles

    Mon, 9 May 2016

  4. World Energy Council releases report on cyber security and energy facilities

    The World Energy Council has released The Road to Resilience – Managing Cyber Risks, the third report in a series about Financing Resilient Energy Infrastructure.

    Online Articles

    Wed, 5 Oct 2016

  5. EnergySec announces industry advisory board

    The board will advise EnergySec leadership on key security issues affecting energy organizations

    Online Articles

    Tue, 1 Nov 2016

  6. Monitoring system: Cyber security solution for industrial automation

    Safety products: Tripwire provides unified visibility for networks, endpoints and controllers.

    Online Articles

    Mon, 27 Jun 2016

  7. Siemens Opens Cyber Security Centers in US & Europe

    Siemens (NYSE: SI) opened its Cyber Security Operation Center in Europe and the U.S. to protect industrial facilities worldwide.

    Online Articles

    Thu, 17 Mar 2016

  8. Safety products: Managed cybersecurity services

    Utility safety: Vencor Labs to provide the Sacramento Municipal Utility District with managed cybersecurity services.

    Online Articles

    Tue, 4 Oct 2016
