Ultra Intelligence & Communications

Enhancing ICS Security Solutions Keeps Your Plant Operational

August 25th, 2017 / By

Enhance ICS Security Solutions to Keep Your Plant Operational

What happens when the systems responsible for powering the electric grid and utilities, water treatment plants, oil and gas production and every other industrial system that keeps our society moving forward go down? It can be catastrophic.

Companies increase the risk of a very bad incident when they do not incorporate security into their Industrial Control Systems (ICS) design.

These systems face increasing security risks. Yet the importance of addressing those risks with ICS security solutions is still something new to many in the C-suite. The reason is that the need for ICS security design is still relatively new, and the full extent of impacts unknown.

In 2016, The Sans Institute conducted a survey of the current state of ICS security. Some of the key findings from survey respondents indicate that:

  • 67% of companies perceive high levels of threats to control systems (up 43% from 2015)
  • 54% place responsibility for threat intelligence on internal staff
  • 43% place responsibility for security assessments on internal staff
  • 23% consider their supply chains or partners as a top vector threat
  • security incident information-sharing is down (contrary to other industry verticals)
  • planned ICS security improvements are behind schedule

Note: To see the full survey results, please visit this link.

How can organizations stay ahead of skilled attackers and manage these ICS security risks?

Security teams must design systems that cover all the bases. When you start planning a security design for your plant or facility operations, remember this: Traditional information assurance (IA) practices are outdated. Those outdated practices are all about secure implementations of encryption and key management – protecting your information from an external attacker.

An external focus is simply not enough anymore. Cyber attacks can occur from within a system, not just from the outside. An attacker gets into your system and then looks to pillage as many other areas and devices as possible, as the prevalence of Level2 attacks demonstrate. That means that the danger to your facility lies within the interconnected devices inside the system that individually manage essential, discrete operations. Your security team must protect these devices against both external AND internal attackers.

If that sounds alarming, it is. However, knowing the threat is a first step toward mitigating it. These four steps should be part of your ICS security solutions:

  • Translate the inherent reliability risks of a system into mitigation requirements.
  • Design an architecture for new and legacy systems that emphasizes robustness and reliability.
  • Use simple, bolt-on solutions for immediate cyber-protection that are also IEC-62443 compliant.
  • Evaluate tactics for appraising multi-layer and multi-vendor security.

Layering in security into your network architecture can mitigate ICS protocol weaknesses affordably, without affecting operational performance. To achieve this level of cyber safety, companies will need ICS operators who understand network vulnerabilities, COOs who understand the real cost of production interruption, and CSOs who understand security, safety, and risk. All need to work together to find the optimal solutions for their business.

Ultimately, knowledge is power when it comes to ICS security solutions. Keeping your facility secure from threats will keep your systems up and running. Everyone needs to work together to address the threats.

To learn more about how to improve your ICS security, view our webinar on building a stronger and smarter industrial control system.