Michael Rothschild has more than 20 years of experience in security. Prior to his role at industrial security vendor Indegy, Michael worked in product management and marketing roles with Thales, RSA, Dell, Juniper Networks, and Radware. He taught marketing at Yeshiva University and currently occupies a board seat at Rutgers University. In his spare time, Michael volunteers as an emergency medical technician.
At a high level, what is cybersecurity, and why should manufacturers care? Are there benefits to utilizing an active versus passive protection system for manufacturers?
Cybersecurity is about protecting your industrial computer systems from unauthorized access, preventing theft, damage, or manipulation of those systems.
Unfortunately, industrial control networks were designed decades ago, before cyber threats in OT (operational technology) environments existed. The focus was operational reliability and ensuring smooth business operations. Today, however, due to a confluence of trends, OT operations are being targeted, and security is more important than ever. Threats to your ICS (industrial control systems) network can come from a variety of sources, including cyberattacks, malicious insiders, and human error. This is the reason Indegy gives unique focus to being able to monitor and alert on changes within the OT environment, whether the changes were done through the network or locally on devices.
An active system will:
How does operational technology give hackers potential to access a company’s assets, and what are potential risks associated with an attack?
The focal point for attacks on industrial operations and critical infrastructure has centered on industrial controllers. What really matters is that these controllers are extremely reliable and literally control everything from cooling stations to turbines, electrical grids, oil and gas, and much more. Industrial control systems literally keep the lights on. When industrial controllers were first deployed, they were not connected and interconnected. Today’s advances in technology have put these devices online and, thus, they have become the target of the hacker. Furthermore, controllers were not built to address the security threats or the innocent human errors we now experience. Outsiders, insiders, and outsiders masquerading as insiders are all possible actors that launch sophisticated attacks to take over machines for nefarious purposes. A carefully executed attack can accomplish as much as, if not more than, modern-day warfare.
Within manufacturing, are there specific segments you feel are more vulnerable or likely to be exposed to a cyberattack?
We find that there is not a specific OT infrastructure that is favorable to an attack. What we do find is that there is generally a fair amount of research or reconnaissance done before an attack is launched. Hackers, whether insiders or outsiders, look for weak links in the chain and use that to exploit. For example, a distributed organization may be well protected at HQ but not as protected at a remote location. The hacker will use the remote location to get into the organization.
To specifically address this reality, there has been a newer deployment model that has opened called ICSaaS, or industrial cyber security as a service, which provides a cloud-based deployment for smaller organizations or organizations that have many remote locations and cannot or do not want to deploy physical gear. It provides the comprehensive security needed to ensure industrial protection across the entire organization.
Cybersecurity remains a large and often overlooked risk within the manufacturing industry. What are key steps manufacturers can take to implement a cybersecurity plan?
There are three key elements (albeit not the only elements):
How does the National Institute of Standards and Technology (NIST) standard for cyber protection ensure manufacturers and their assets are less vulnerable to attacks?
The NIST framework was created through collaboration between government and the private sector in response to Executive Order (EO) 13636: Improving Critical Infrastructure Cybersecurity, which calls for the development of a risk-based cybersecurity framework. It provides a set of industry standards and best practices to help organizations manage and reduce cybersecurity risk to critical infrastructure. NIST is the authoritative standard to which organizations both in the U.S. and overseas map their cybersecurity standard.
To read more, visit https://info.indegy.com/wp-nist-cybersecurity-framework-lp.