How digitalisation is bringing the fight to industrial security threats
It’s no longer a question of
whether your business will be attacked, but rather when it will be attacked.
Cyber attacks, particularly those on public sector and utility businesses, are
now a regular, often daily occurrence. Here, Robin Whitehead, managing director
of systems integrator
Boulting Technology, explains how this is impacting the role of the chief
information security officer (CISO) and resulting in the need for end-to-end
digitalisation.
It’s a simple fact that data makes the modern economy turn.
Being the first business to take action, based on the insights gained from some
pivotal piece of information, gives businesses a distinct competitive
advantage. However, it’s also quickly becoming a fact of life that the same
data is being targeted by skilled cybercriminals intent on stealing this new
currency and even causing maximum damage to infrastructure.
We can see the potential scale of cyber crime if we look at
the number of data breaches made each month. For example, in December 2017,
security firm IT Governance reported that 33.8m records — including a mixture
of personal and business information — had been leaked around the world. In
November 2017, the number was 59m.
Sophisticated cyber attacks
With the world facing the likes of WannaCry, Petya and NotPetya
in 2017, sophisticated cyber threats are the biggest technological fear in
2018. Although sectors such as financial services and the public sector are
most at risk, there have also been numerous high-profile attacks on utilities,
oil and gas and food manufacturing environments in recent years.
At 9:30am on 27 June, 2017, confectionery manufacturer
Cadbury was hit by a cyber attack, which halted production at its Hobart
factory in Australia. Computers at the facility were infected with the Petya
ransomware virus and displayed a message on the screen demanding payment in
cryptocurrency.
Later that same day, NotPetya — a variant of the Petya
virus — went on to do further damage to facilities across Europe. NotPetya exploits
a backdoor in the update system of a Ukrainian tax-preparation programme
running on Windows and used by around 80 per cent of all Ukrainian businesses.
It uses a vulnerability in the Windows operating system called
EternalBlue — originally believed to have been developed by the US National
Security Agency (NSA) — to encrypt the filesystem’s master file table (MFT),
preventing the system from locating its own files.
Launched on June 27, 2017 — on the eve of Ukraine’s
Constitution Day holiday — NotPetya quickly spread to networks in Russia,
France, Germany, Italy, Poland, the UK and the US and affected many sectors.
“It’s massive,” Christiaan Beek, a lead scientist and principal
engineer at McAfee, told WIRED about the situation in Ukraine. “Complete
energy companies, the power grid, bus stations, gas stations, the airport, and
banks are being targeted.”
The new CISO
It should come as no surprise then that the advice of IT
and security experts is now being sought at the highest levels of business. The
role of the chief information security officer (CISO) is also changing in
response. Acting as the head of IT security, the CISO has traditionally been
responsible for things like operational compliance and adherence to ISO
standards as well as performing IT security risk assessments and ensuring that
the business is using the latest technologies.
However, increasingly, the CISO must now also drive IT
security and strategy, guiding everyone from the shop-floor staff to the most
senior officials in the business on how best to protect them from cyberattacks.
The modern CISO now takes a seat at the boardroom table, ensuring business
continuity, come what may.
Modern CISOs need to be visionaries and good communicators
in their own right, exerting their influence at all levels of the business to
bring about long-lasting technological and security change.
End-to-end digitalisation
For industrial businesses, this change cannot come soon
enough. The desire to integrate manufacturing networks with the outside world
and the increased use of smart data is driving efficiencies and cost savings in
sectors from food and beverage, pharmaceutical and automotive to utilities such
as gas, water and energy. At the same time, it’s also leaving them vulnerable
to attacks that can lead to business disruption and extended periods of downtime.
Part of the reason for this is that many businesses have
traditionally operated in silos, with information technology (IT) and
operational technology (OT) experts not historically well aligned to the same
objectives and outcomes. However, as we increasingly use more
internet-connected devices such as PLCs, HMIs, intelligent motor control
centres (MCCs), telemetry devices and smart meters — all relaying millions of
data points to centralised and often remote SCADA and ERP systems — it will
become crucial to take a joined-up approach to industrial operations. Cue
end-to-end digitalisation.
For many businesses, replacing hardware and software to
allow functionality such as standardised Fieldbus communications, real-time
cloud data, analytics and centralised control across every aspect of their operations
is neither a cheap undertaking nor one that is quick to enact.
After all, most engineering plant managers have built up a
complex system over many years, retrofitting new components and modules to
existing equipment. This is driving the need for end-to-end digitalisation,
moving away from fragmented system control, maintenance and upgrade towards a
holistic approach that encompasses system-wide transparency, alarms and notifications,
including analytics that can deliver actionable insights to improve process
efficiency.
At Boulting Technology we’re helping our customers
introduce cybersecurity measures to retrofitted equipment in existing
industrial setups. Our range of control systems, networking products,
intelligent motor control centres and more forms an integrated system that
gives engineers easy and secure access to their operation around the clock.
Ultimately, end-to-end digitalisation will help companies respond to attacks
and breaches in minutes rather than hours or days.
So, while we come
to the realisation that cyber attacks are simply a normal part of doing
business, take heed of your CISO’s advice and rethink your end-to-end
digitalisation strategy.