• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech

Industrial automation security amidst growing cyber threats

June 10, 2016
Versatile Diesel Engines

Versatile Diesel Engines

September 29, 2023
Steinmüller Africa Won 2022 Arnot Company of the Year Award

Steinmüller Africa Won 2022 Arnot Company of the Year Award

September 27, 2023
advertisement
ADVERTISEMENT
Tata Steel and ABB Jointly Explore Technologies to Help Reduce Carbon Footprint of Steel Production

Tata Steel and ABB Jointly Explore Technologies to Help Reduce Carbon Footprint of Steel Production

September 14, 2023
Jet Demolition Safeguards Mines Against Illegal Mining with Shaft Capping

Jet Demolition Safeguards Mines Against Illegal Mining with Shaft Capping

September 14, 2023
Risk and Insurance in a Shifting Energy Market

Risk and Insurance in a Shifting Energy Market

September 11, 2023
Clarifying the Role of Breathalyser Results in Employee Dismissals

Clarifying the Role of Breathalyser Results in Employee Dismissals

September 11, 2023
Pushing Polymers Limits

Pushing Polymers Limits

September 11, 2023
Enabling Finance Boosts Sasolburg Mine

Enabling Finance Boosts Sasolburg Mine

September 11, 2023
WearCheck Expands Its Skilled Workforce  

WearCheck Expands Its Skilled Workforce  

September 11, 2023
Eriez® Empowers Growth in South Africa with Appointment of Morake Hlahane

Eriez® Empowers Growth in South Africa with Appointment of Morake Hlahane

September 11, 2023
Africa’s Mines and Factories Must Brace for AI and ‘Bots’

Africa’s Mines and Factories Must Brace for AI and ‘Bots’

September 8, 2023
Duferco, Vedanta Fund Long-Term Project into Novel Zinc Refining Process

Duferco, Vedanta Fund Long-Term Project into Novel Zinc Refining Process

September 6, 2023
  • African Mining Brief
  • Magazine Archive
  • Contacts
  • Media Kit
Wednesday, October 4, 2023
African Mining Brief
No Result
View All Result
  • Login
  • Home
  • News
  • Events
  • Industry
  • People
  • Projects
  • Press Releases
  • Magazine Archive
MAGAZINE ARCHIVE
ADVERTISE
  • Home
  • News
  • Events
  • Industry
  • People
  • Projects
  • Press Releases
  • Magazine Archive
No Result
View All Result
African Mining Brief
No Result
View All Result
  • Home
  • News
  • Events
  • Industry
  • People
  • Projects
  • Press Releases
  • Magazine Archive
Home Cyber Crimes

Industrial automation security amidst growing cyber threats

by Newton Mthethwa
June 10, 2016
in Cyber Crimes, News, Opinions, People, Security
0
491
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Although open and collaborative networks have raised productivity and profitability, they have also increased vulnerabilities, making systems more open to cyber attacks than ever before.

A Frost & Sullivan white paper, entitled Cyber Security for Industrial Automation & Control Environments, which was completed in partnership with Schneider Electric, reveals that the proliferation of cyber threats has prompted asset owners in industrial environments to search for security solutions that can protect their assets and prevent potentially significant monetary loss and brand erosion.

The paper further shows that while some industries have made progress in minimising the risk of cyber attacks, the barriers to improving cyber security remain high. “More open and collaborative networks have made systems more vulnerable to attack. In addition, end user awareness and appreciation of the level of risk is inadequate across most industries outside critical infrastructure environments.

“The uncertainty in the regulatory landscape also remains a significant restraint. With the increased use of commercial, off-the-shelf IT solutions in industrial environments, control system availability is vulnerable to malware targeted at commercial systems. Insufficient expertise in industrial IT networks is a sector-wide challenge.”

Against this background, the white paper recommends that organisations need to partner with a solutions provider who understands the unique characteristics of the industrial environment and is committed to security.

One such end-to-end solutions provider, Schneider Electric is seeking to ‘build in’ security for its new solutions and services across the entire lifecycle, as well as improve security capabilities in existing solutions.

Given the complex nature of the challenge, Schneider Electric is approaching the
problem from different angles: Schneider Electric recommends a ‘Defence-in-Depth’ approach to cyber security for its customers. Defence-in-Depth is a hybrid, multi-layered security strategy that provides holistic security throughout an industrial enterprise and is expected to become a security standard in factories of the future.

Originally a military strategy, Defence-in-Depth was developed by the U.S. Department of Defense’s National Security Agency (NSA).

The six key steps used in the Defense-in-Depth approach are:
·        Security plan: Policies and procedures that cover risk assessment, risk mitigation and methods to recover from disaster.
·        Network separation: Separating the industrial automation and control system from other networks by creating demilitarised zones (DMZ) to protect the industrial system from enterprise network requests and messages.
·        Perimeter protection: Firewalls, authentication, authorisations, VPN (IPsec) and antivirus software to prevent unauthorised access.
·        Network segmentation: Containment of a potential security breach to only the affected segment by using switches and VLANs to divide the network into sub-networks and by restricting traffic between segments. This helps contain malware impact to one network segment; thus limiting damage to the entire network.
·        Device hardening: Password management, user profile definition and deactivation of unused services to strengthen security on devices.
·        Monitoring and update: Surveillance of operator activity and network communications, and regular updates of software and firmware.

The white paper highlights that best practice cyber security planning, in effect, addresses total security requirements in a unified manner; not just that of cyber security. It states that, according to the Pareto Principle, approximately 80 percent of impacts arise from 20 percent of causes. Recognising that the reason for inaction can sometimes be the sheer enormity of the task, Schneider Electric’s recommendation to clients is generally to adopt a step-by-step plan. This means:
1.        Identifying the biggest impact to the organisation in terms of a security breach;
2.        Zoning in on which specific area of plant operations is linked to that impact;
3.        Outlining what the biggest vulnerabilities are in relation to that area of operation; and
4.        Minimising or eliminating those vulnerabilities.

Once complete, the organisation can move on to the next impact-area-vulnerability issue. Rather than revamping an entire system at once and falling victim to ‘analysis paralysis’, a focused step-by-step approach not only ensures that the significant changes with the highest impact are effected immediately, but also the organisation does not spread itself too thin and therefore, realises the best value for Rands invested.

However, a step-at-a-time tactic should not tempt organisations into losing sight of the ‘big picture’. This is where security beyond the cyber threat needs to be considered as well.

According to the paper, with Schneider Electric’s best practice cyber security planning, comprehensive suite of industrial control solutions (from I/O level through to PLCs, SCADA and enterprise level solutions such as Ampla), building access control, data centre solutions, electrical distribution products, as well as security systems (including video surveillance, access control, fire and life safety and intrusion detection systems), organisations are reassured that any plan to mitigate vulnerability will be holistic. This is possible not only because of the diverse offerings available, but also because a single view of total operations is made possible.

Organisations can therefore make the successful shift toward securing their operations by relying on industrial control solutions providers that treat security as core to their offerings.

Tags: cyber attacksCyber Security for Industrial Automation & Control EnvironmentsFrost & SullivanSchneider Electricthe industrial automation and control system
Share196Tweet123
Newton Mthethwa

Newton Mthethwa

Jan - March 2023 Magazine

Versatile Diesel Engines

Versatile Diesel Engines

September 29, 2023
Steinmüller Africa Won 2022 Arnot Company of the Year Award

Steinmüller Africa Won 2022 Arnot Company of the Year Award

September 27, 2023
Tata Steel and ABB Jointly Explore Technologies to Help Reduce Carbon Footprint of Steel Production

Tata Steel and ABB Jointly Explore Technologies to Help Reduce Carbon Footprint of Steel Production

September 14, 2023

Trending News

  • Business Maverick Zunaid Moti Announces Departure from Moti Group

    Business Maverick Zunaid Moti Announces Departure from Moti Group

    1062 shares
    Share 425 Tweet 266
  • Scraper Winch

    736 shares
    Share 294 Tweet 184
  • Thyssenkrupp Uhde Expertise Extends the Life of Ammonia Tanks

    641 shares
    Share 256 Tweet 160
  • Slope Stability

    634 shares
    Share 254 Tweet 159
  • Underground Support Systems

    630 shares
    Share 252 Tweet 158
  • Another successful turnkey modular construction and transit solution from thyssenkrupp Uhde delivered to a key customer

    600 shares
    Share 240 Tweet 150
  • African Mining Brief
  • Magazine Archive
  • Contacts
  • Media Kit

© 2023 African Mining Brief I All Rights Reserved Powered by Clivo.

No Result
View All Result
  • Home
  • News
  • Events
  • Industry
  • People
  • Projects
  • Press Releases
  • Magazine Archive

© 2023 African Mining Brief I All Rights Reserved Powered by Clivo.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In