How COVID-19 is affecting manufacturing cybersecurity

John Livingston. CEO of Verve Industrial Protection.

Forward-looking organizations realize they need the same level of aggressiveness to protect assets as they have shown in COVID-19 risk reduction. A three-pronged strategy for securing essential infrastructure is highlighted.

COVID-19 created the greatest disruption to manufacturing since World War II, and its implications for control system cybersecurity will be as dramatic. Forward-looking organizations now realize they need the same level of aggressiveness to protect their assets as they have used to lower risk from COVID-19. A three-pronged strategy helps close the cybersecurity gap to ensure essential infrastructure continues to operate in the new normal.

COVID-19 is one of those “exogenous shocks” that accelerates the pace of change overnight. For the past 15 to 20 years, control systems have evolved toward greater connectivity and use of commercial off-the-shelf components, more recently referred to by brands such as “Industry 4.0” and “IIoT.” The pace of change, however, has been evolutionary rather than revolutionary. These initiatives require organizational change, technical proofs of concept, capital investments, upgrades to control systems, etc. All of this takes time.

Then COVID-19 happened. Suddenly, within the course of four to six weeks, organizations found remote management of facilities became a necessity.

To maintain safe operations, onsite staff has been reduced to essential employees, and cybersecurity tasks have been delayed or conducted remotely. Remote access into industrial facilities has grown more in the past six months than in the past six years as travel and onsite access were restricted. While organizations had discussed the benefits of remote access and monitoring for years, the COVID-19 crisis forced their hands, whether ready or not.

It will be difficult, if not impossible, to put the genie back in the bottle. Because the economic disruption has lasted longer than anticipated, new business processes become more ingrained, leaders become invested in new approaches, test cases and proofs of concept now exist and the status quo shifts. What was seen as a short-term fix has become a permanent change.

COVID-19 also is driving a long-term shift in strategy of where production will happen. Long, complex, global supply chains are giving way incrementally towards onshoring critical components. As the economy recovers, industrial organizations must invest in new capacity to manufacture domestically. These facilities will likely push the boundaries of “connected industry” or “Industry 4.0” using the model of the pandemic operations as a guide.

ICS/OT cybersecurity: Promise, peril

Some may argue COVID-19 was a necessary catalyst to achieve the promise of a more efficient industrial base with digital manufacturing, with McKinsey and others estimating the $1 trillion opportunity of digital and connected manufacturing. However, this pandemic also highlights the industrial control system and operations technology (ICS/OT) security perils of shifting to digitalization without the proper infrastructure in place. Control systems are normally “insecure by design.” They are not designed, as modern information technology (IT) systems are, with an assumption that they will connect with the outside world and the cyber threats that exist. They often do not receive the same rigor of security management as IT systems, such as regular patching, system hardening, configuration management, backup requirements or anti-malware.

As more commercial off-the-shelf components are introduced into control systems, the vulnerabilities present in these systems now extend into industrial facilities. A planned shift to greater connectivity would have balanced the promise of these initiatives while making necessary changes to protect companies against cybersecurity risks.

COVID-19 also forced many organizations to shift to remote management with limited onsite staff. In the immediate term, the explosion of remote access opened these systems to threats from targeted attacks and collateral damage from ransomware.

Reducing onsite staff also limits the bandwidth to manage these devices securely. To the extent that control systems are managed for security, it often is done by onsite personnel who manually patch or update anti-virus or conduct backups. These security maintenance tasks often are de-prioritized in a world of limited onsite resources.

In many cases, industrial cybersecurity was approached as building very high walls between IT and OT systems to limit the possibility of accessing these “insecure by design” systems. Now, due to COVID-19, a gate was created and more organizations have been allowed through that gate. At the same time, it reduced the protection of the assets within the gate, which is not a great security recipe.

Use a three-pronged approach to protect critical infrastructure assets

To secure these connected systems, it is not enough to just monitor the network access; we must manage the endpoints inside the walls as well. As connectivity expands and remote access increases, endpoints are now more accessible than ever and, unfortunately, the onsite capacity to manage and secure these assets has declined. To ensure the security of critical infrastructure, a new approach to OT systems management is needed, mirroring IT systems that have been exposed for years. A three-pronged approach to control system endpoint management is a good starting point.

  1. Develop real-time visibility into the risks and security status of all operational assets. While it’s true you can’t protect what you can’t see, securing an asset requires a different mindset. Users need to go beyond knowledge of its existence to determine whether the asset is at risk and if the security deployed is active and up to date. This includes knowing all of the underlying software and firmware of the device, the criticality of that device to the process, the patch levels and vulnerabilities present, the status of key security controls such as anti-virus or whitelisting, backups, the configuration security, whether the device is protected by a well-configured firewall, etc. Successful organizations take this 360-degree view of their asset risk to manage endpoints.
  2. Think global: Scale security analysis globally. ICSs cannot be protected by leaving security to site-level resources when fewer resources will be onsite. By the same token, prioritization requires control system knowledge to understand potential risks to operations. A centralized database across all sites and assets is necessary to enable cross-vendor analysis of risks and potential remediation strategies. This insight enables risk remediation playbooks to be distributed for deployment, producing efficiency and consistency in risk prioritization and remediation planning.
  3. Manage security onsite. Effective industrial security requires management, not just monitoring, and that engages the knowledgeable experts onsite. As stated above, many of the risks to control systems are due to a lack of security systems management. Too often, organizations stop at monitoring because the alternatives for endpoint management are either inefficient (manual) or risky (IT systems management automation tools).

Organizations now have a third option: OT systems management tools built for control systems offer the same automation capabilities, but within the control of the local control engineers. These tools automate processes such as patching, configuration and software management, user and account management, and backups, but are locally controlled so they are deployed at the appropriate time and within the proper testing sequence to ensure reliable operations.

COVID-19’s disruption created shockwaves through life and presented an existential threat to many individual businesses. Critical infrastructure faces unfamiliar territory and new risks brought on by a sudden shift to remote work and greater cybersecurity threats. Organizations must accelerate their OT systems management efforts to keep pace. The three-pronged approach can help protect critical infrastructure.

Publication date: September 03, 2020

BELT.ES is not responsible for the opinions in the articles reproduced in our Press Review, nor does it necessarily endorse the opinions and criteria expressed. The reproduced information is disseminated for non-commercial purposes.
