All about Industrial Cyber Security

What is Industrial Cyber Security?

Industrial Cyber Security is the practice of protecting industrial networks and systems, such as Automation, Control systems  (for example DCS or PLC based systems) , Safety Instrumented Systems and Supervisory Control and Data Acquisition Systems (SCADA), from cyber-attacks. These cybersecurity measures for Industrial systems are essential, to protect industrial assets against physical damage such as equipment damage due to maliciously wrong operation or worse incidents such as loss of containment, environmental damage, fires and explosions.

Hence, Industrial Cyber Security is the domain that deals with protection of industrial systems and infrastructure from cyber-attacks.

Industrial Cybersecurity is a relatively new field that has grown in importance, as the number of industrial systems that are based on computers has increased many times-in fact all modern automation, control and safety systems are based on microprocessor technology and thus prone to cyber attacks, even if they are not directly connected to the internet.

Why has Industrial Cybersecurity become so important now?

Cyber-attacks against industrial systems are becoming more sophisticated, with attackers now targeting critical infrastructure such as power grids, nuclear facilities, and manufacturing plants. The most common types of attacks involve gaining access to networks through remote access tools, or by exploiting vulnerabilities in business systems (such as MIS or ERP systems) connected to these systems.

Since a majority of the installed base of these Industrial automation systems are based on legacy DCS and PLC systems, that were not designed with security as a factor and are vulnerable to cyber attacks, it is important that owners and operators of these systems protect them to prevent unwanted mishaps from taking place.

What kind of mishaps can take place when Industrial Automation and Control systems get attacked?

Well the possibilities are endless. Imagine if some non state actor gained the ability to remotely operate the water sluice gates of a dam, or could be able to release the contents of a tank storing hazardous chemicals. Sometimes merely freezing the ability of the Control System can also be disastrous to not only the company that owns it, but also to the populace in general. Look at how the Colonial Pipeline attack disrupted fuel delivery in large parts of the East Coast of the US. Or earlier attacks where the water supply of a city (Oldsmar, FL) was attempted to be poisoned using remote login software to gain access to the SCADA of the Water Supply facility.

What is OT Security?

OT is short for Operational Technology and is used to describe systems that are used for Operational uses such as Building Automation Systems, Industrial Automation Systems, HVAC control systems, access control systems, navigation systems of ships, etc that operate machinery of some kind.These are also referred to as cyber-physical systems. OT Security deals with the security of these systems. Industrial Cyber Security is considered as OT security and deals with cyber security of industrial control systems.

These are distinct from IT Systems (Information Technology Systems) that are primarily used to process data and not operate machinery. Examples of these are ERP systems like SAP or Oracle, Email and Web servers, Customer Relationship Management (CRM) Systems, Banking systems, Stock Trading Systems and so on.

Which Industries have experienced cyber attacks?

Industries in the Oil & Gas, Pipelines, Steel, Automobile manufacturing, Nuclear Processing, Water Treatment and others have experienced cyber attacks of at least one kind that led to either near misses that could have resulted in a disaster or have damaged machinery or caused other consequential damages that resulted in hardships to the public at large. Industrial Cyber security threats are growing as global tensions grow and this will be another attack surface of adversaries who may try to cause harm to critical infrastructure.

What is Industrial Cyber Security Certification?

Industrial Cybersecurity Certification is of two types, one is certification issued to components (hardware and software) and one is certification issued to people.  The Abhisam Certified Industrial Cybersecurity Professional (CICP) is an example of a people certification.

What strategies can you implement to ensure Industrial Cybersecurity?

The first strategy is to create awareness of industrial cybersecurity. Many IT professionals assume that it is just similar to IT cybersecurity, which is far from the truth. Unfortunately people working in industry assume that anything related to cybersecurity is the responsibility of IT cybersecurity professionals, which is not correct. Industrial Cybersecurity is quite different from IT cybersecurity and both IT cybersecurity professionals, as well as Operational Technology professionals (such as Design Engineers, Plant Operations supervisors and others involved in industrial operations) should be aware of Industrial Cyber Security. This is the first step to ensure security of manufacturing systems and other industrial systems.

The second step is to follow the Abhisam Industrial Cybersecurity Lifecycle to get a grip on OT security.

Industrial Cyber security