How COVID-19 is affecting manufacturing cybersecurity

John Livingston. CEO of Verve Industrial Protection.

Forward-looking organizations realize they need the same level of aggressiveness to protect assets as they have done for COVID-19 risk reduction. A three-pronged strategy on securing essential infrastructure is highlighted.

COVID-19 created the greatest disruption to manufacturing since World War II, and its implications for control system cybersecurity will be as dramatic. Forward-looking organizations now realize they need the same level of aggressiveness to protect their assets as they have used to lower risk from COVID-19. A three-pronged strategy helps close the cybersecurity gap to ensure essential infrastructure continues to operate in the new normal.

COVID-19 is one of those “exogenous shocks” that accelerates the pace of change overnight. For the past 15 to 20 years, control systems have evolved toward greater connectivity and use of commercial off-the-shelf components, more recently referred to by brands such as “Industry 4.0” and “IIoT.” The pace of change, however, has been evolutionary rather than revolutionary. These initiatives require organizational change, technical proofs of concept, capital investments, upgrades to control systems, etc. All of this takes time.

Then COVID-19 happened. Suddenly, within the course of four to six weeks, organizations found remote management of facilities became a necessity.

To maintain safe operations, on-site staff has been reduced to essential employees, and cybersecurity tasks are being delayed or conducted remotely. Remote access into industrial facilities has grown more in the past six months than in the past six years as travel and onsite access were restricted. While organizations had discussed the benefits of remote access and monitoring for years, the COVID-19 crisis forced their hands, whether ready or not.

It will be difficult, if not impossible, to put the genie back in the bottle. Because the economic disruption has lasted longer than anticipated, new business processes become more ingrained, leaders become invested in new approaches, test cases and proofs of concept now exist and the status quo shifts. What was seen as a short-term fix has become a permanent change.

COVID-19 also is driving a long-term shift in strategy of where production will happen. Long, complex, global supply chains are giving way incrementally towards onshoring critical components. As the economy recovers, industrial organizations must invest in new capacity to manufacture domestically. These facilities will likely push the boundaries of “connected industry” or “Industry 4.0” using the model of the pandemic operations as a guide.

ICS/OT cybersecurity: Promise, peril

Some may argue COVID-19 was a necessary catalyst to achieve the promise of a more efficient industrial base with digital manufacturing, with McKinsey and others estimating the $1 trillion opportunity of digital and connected manufacturing. However, this pandemic also highlights the industrial control system and operations technology (ICS/OT) security perils of shifting to digitalization without the proper infrastructure in place. Control systems are normally “insecure by design.” They are not designed, as modern information technology (IT) systems are, with the assumption that they will connect with the outside world and the cyber threats that exist there. They often do not receive the same rigor of security management as IT systems, such as regular patching, system hardening, configuration management, backup requirements or anti-malware.

As more commercial off-the-shelf components are introduced into control systems, the vulnerabilities present in these systems now extend into industrial facilities. A planned shift to greater connectivity would have balanced the promise of these initiatives while making necessary changes to protect companies against cybersecurity risks.

COVID-19 also forced many organizations to shift to remote management with limited onsite staff. In the immediate term, the explosion of remote access opened these systems to threats from targeted attacks and collateral damage from ransomware.

Reducing onsite staff also limits the bandwidth to manage these devices securely. To the extent that control systems are managed for security, it often is done by onsite personnel who manually patch or update anti-virus or conduct backups. These security maintenance tasks often are de-prioritized in a world of limited onsite resources.

In many cases, industrial cybersecurity was approached as building very high walls between IT and OT systems to limit the possibility of accessing these “insecure by design” systems. Now, due to COVID-19, a gate was created and more organizations have been allowed through that gate. At the same time, it reduced the protection of the assets within the gate, which is not a great security recipe.

Use a three-pronged approach to protect critical infrastructure assets

To secure these connected systems, it is not enough to just monitor the network access; we must manage the endpoints inside the walls as well. As connectivity expands and remote access increases, endpoints are now more accessible than ever and, unfortunately, the onsite capacity to manage and secure these assets has declined. To ensure the security of critical infrastructure, a new approach to OT systems management is needed, mirroring IT systems that have been exposed for years. A three-pronged approach to control system endpoint management is a good starting point.

  1. Develop real-time visibility into the risks and security status of all operational assets. While it’s true you can’t protect what you can’t see, securing an asset requires a different mindset. Users need to go beyond knowledge of its existence to determine whether the asset is at risk and if the security deployed is active and up to date. This includes knowing all of the underlying software and firmware of the device, the criticality of that device to the process, the patch levels and vulnerabilities present, the status of key security controls such as anti-virus or whitelisting, backups, the configuration security, whether the device is protected by a well-configured firewall, etc. Successful organizations take this 360-degree view of their asset risk to manage endpoints.
  2. Think global: Scale security analysis globally. ICSs cannot be protected by leaving security to site-level resources when fewer resources will be onsite. By the same token, prioritization requires control system knowledge to understand potential risks to operations. A centralized database across all sites and assets is necessary to enable cross-vendor analysis of risks and potential remediation strategies. This insight enables risk remediation playbooks to be distributed for deployment, producing efficiency and consistency in risk prioritization and remediation planning.
  3. Manage security onsite. Effective industrial security requires management, not just monitoring, and that engages the knowledgeable experts onsite. As stated above, many of the risks to control systems are due to a lack of security systems management. Too often, organizations stop at monitoring because the alternatives for endpoint management are either inefficient (manual) or risky (IT systems management automation tools).

Organizations now have a third option: OT systems management tools built for control systems offer the same automation capabilities, but within the control of the local control engineers. These tools automate processes such as patching, configuration and software management, user and account management, and backups, but are locally controlled so they are deployed at the appropriate time and within the proper testing sequence to ensure reliable operations.

COVID-19’s disruption created shockwaves through life and presented an existential threat to many individual businesses. Critical infrastructure faces unfamiliar territory and new risks brought on by a sudden shift to remote work and greater cybersecurity threats. Organizations must accelerate their OT systems management efforts to keep pace. The three-pronged approach can help protect critical infrastructure.

Publication date: September 03, 2020
