Cyber Security Landscape and the Industrial 4.0 Revolution
Among the things a cyber-attacker could do are stealing your identity and spreading fake news, or stealing your credit card information. To do any of this, the attacker first needs some kind of access to launch the attack, and normally this is gained by sending an email attachment that contains malicious code or scripts that run in the background and gather information. Cyber-attacks have become a topic in mainstream news and media outlets. Companies, organizations and countries are spending heavily on securing their IT infrastructure, as it has become essential for their business operations to continue functioning.
The risk is even greater in the world of critical infrastructure, because the consequences can go beyond quantifiable losses and result in the loss of life and process. When we talk about critical infrastructure, we are talking about transportation networks, metros and trains, aviation and airports, power plants and water desalination, manufacturing and nuclear. These infrastructures, referred to as operational technology (OT), have become more dependent on the fourth industrial revolution and on commercial off-the-shelf (COTS) IT products, with a strong focus on the convergence of IT/OT as digital transformation takes shape. Traditional OT systems were self-isolated and air-gapped, worked in isolation and required no internet access. Digital transformation and the industrial 4.0 revolution are changing the paradigm, with a demand for always-on connectivity, real-time monitoring, cyber security and effective service delivery.
The next battlefield – Cyber-Attacks and Digital Warfare
There are many other examples of such OT vs. IT differences; another one is performing vulnerability scans. In IT one can assume that a scan does no harm, but in the context of OT the situation changes completely. There, performing any sort of vulnerability scan can result in system malfunction, buffer overflows and process outage, as these industrial control systems are not designed to accept large amounts of traffic, nor are they designed with resilient TCP/IP and application stacks, so a scan can cause denial of service or affect the integrity of system units.
Another interesting area of debate is that OT environments, unlike IT, do not have offline, staging or development environments; in IT we have all of them. It is always difficult to understand why customers don't have an offline development environment; even if it is not a replica but simply a lite version of production, it would yield many benefits. It would allow them to improve the overall security posture by testing security controls, and even to perform vulnerability assessment and penetration testing without ever impacting any production network.
Although most industrial control systems and networks are largely based on traditional IT technologies, securing them in the same manner as IT networks is a challenge, as their operational environment is different. One of the main challenges we find in industrial networks is applying security patches on OT systems. There are many reasons for this: lack of IT connectivity to download patches; lack of approved patch cycles and supported versions from OEM vendors; the requirement to be physically onsite since there is no remote connectivity; and lack of a clear patch management process. All of these contribute to the issue. Leaving systems unpatched for a long duration only compounds the situation: vulnerabilities accumulate exponentially, leaving you highly vulnerable to any sort of cyber-attack.
Conclusion
It is recommended that organizations conduct a periodic cyber risk assessment to ensure that cyber risks are kept within acceptable limits and tolerance levels. Aim to achieve compliance with international and regional standards such as IEC-62443 (ISA99), National Cybersecurity Authority – Saudi Arabia, NESA IAS, DESC ICS Standard and NIST CSF. Such standards are a starting point for any organization to design and implement a cyber-secure network architecture and to build a zero-trust relationship and defense-in-depth strategy for the OT environment. The defense-in-depth strategy entails building different layers of defense; if one fails, the next layer aims to protect the infrastructure, and so on. The IEC-62443 standard also suggests segmenting the network into zones and conduits to secure the network and restrict data flows. Adoption of Industrial Network Anomaly Detection and Secure Asset Management tools, new and emerging trends in this space, will also significantly enhance the cyber security posture.
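As an added illustration (not part of the original article), the following Python example audits observed network flows against a zones-and-conduits model of the kind the IEC-62443 recommendation above describes. The zone names, subnets, conduit list and flow records are all constructed for the example; it works from flow records already collected, so nothing is sent to the OT devices themselves.

```python
import ipaddress

# Constructed zone model (assumption): zone name -> subnets it owns.
ZONES = {
    "enterprise": ["10.10.0.0/16"],
    "dmz":        ["10.20.0.0/24"],
    "control":    ["10.30.0.0/16"],
    "safety":     ["10.30.100.0/28"],   # nested inside the control range
}

# Conduits: the only permitted inter-zone flows (src zone, dst zone, proto, dst port).
CONDUITS = {
    ("enterprise", "dmz", "tcp", 443),   # business users -> DMZ service (HTTPS)
    ("dmz", "control", "tcp", 4840),     # DMZ collector -> OPC UA server
    ("control", "safety", "tcp", 502),   # controller -> safety system (Modbus/TCP)
}

def zone_of(ip):
    """Return the most specific zone containing ip, or None if unmapped."""
    addr = ipaddress.ip_address(ip)
    best = None
    for name, nets in ZONES.items():
        for net in map(ipaddress.ip_network, nets):
            if addr in net and (best is None or net.prefixlen > best[1]):
                best = (name, net.prefixlen)
    return best[0] if best else None

def check_flow(src, dst, proto, port):
    """Classify one flow against the zone and conduit model."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone is None or dst_zone is None:
        return "unknown-asset"           # not in the asset inventory
    if src_zone == dst_zone:
        return "intra-zone"              # stays inside one zone
    if (src_zone, dst_zone, proto, port) in CONDUITS:
        return "allowed"
    return "violation"                   # crosses zones outside any conduit

# Constructed flow records: (src ip, dst ip, protocol, dst port).
FLOWS = [
    ("10.10.4.7",  "10.20.0.5",   "tcp", 443),
    ("10.20.0.5",  "10.30.0.12",  "tcp", 4840),
    ("10.10.4.7",  "10.30.0.12",  "tcp", 502),   # enterprise straight to control
    ("10.30.0.12", "10.30.100.3", "tcp", 502),
    ("192.0.2.9",  "10.30.0.12",  "tcp", 102),   # source not in any zone
    ("10.30.0.12", "10.30.0.40",  "udp", 2222),
]

def audit(flows):
    """Return (flow, verdict) pairs for every flow record."""
    return [(f, check_flow(*f)) for f in flows]

if __name__ == "__main__":
    for flow, verdict in audit(FLOWS):
        print(f"{verdict:14} {flow}")
```

Flows reported as `violation` or `unknown-asset` are the ones to investigate: they either bypass the defined conduits or involve a device missing from the asset inventory.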