Cybersecurity: An indispensable digital transformation co-pilot

05 May 2020

To drive operational efficiencies, improve performance or gain a competitive edge, digital transformation is being adopted in almost every operational technology (OT) environment. This means that, to safely connect plants and sites, irrespective of whether it is an on-premise or off-premise solution, cybersecurity is not optional, says Arun Veeramani.

The attack surface at a manufacturing plant has increased greatly as the number of OT assets that are connected to take advantage of the Industrial Internet of Things (IIoT) grows. Almost every vendor is requesting remote access to the OT assets to provide predictive maintenance, asset performance management or to get data for analytics optimisation. These remote connections turn into potential vulnerabilities that need to be actively managed. These vulnerabilities are even more pronounced when legacy OT systems are not patched, or are so old that there are no patches or updates available. It is, therefore, critical to have a secure remote access solution with capabilities such as strong access controls, multifactor authentication and standardisation across the company, along with session playback and the ability to audit.

Another challenge
Visibility of processes and assets presents another challenge for manufacturers. Unlike enterprise IT assets, which are refreshed every few years, the assets at a plant can go decades before being refreshed. This means the inventory list of the different assets is only partial and often does not include critical information like firmware versions, software applications and security patches.

With so much purpose-built hardware and so many communication protocols, companies that are not able to identify their assets will not be able to protect them. Not surprisingly, asset discovery and inventory is one of the top needs. With uptime and availability being a priority in the OT environment, the ability to discover assets through passive scanning of the network (passive asset discovery) is needed so as not to potentially interfere with the functioning of the asset. Active asset discovery, though more intrusive because of the selective probing, still plays an important role, as it will discover assets that may not be communicating on the network often enough for passive asset discovery to work effectively. Honeywell Forge Cybersecurity Software has both active and passive asset discovery capabilities, so that manufacturers can discover and inventory the assets and better manage the risks.

As companies look at improving their cybersecurity maturity, many think that it takes a back seat to operational uptime and 24/7 critical operations. Small incremental cybersecurity gains over time really add up: performing vulnerability scanning, disabling unused features or updating passwords can be undertaken by marginally extending scheduled downtimes. A best practice to improve cybersecurity performance would be to embed it into the project management operation processes and procedures to ensure it is part of the concept, design and selection of OT assets. Recognising and leveraging all the opportunities during plant operations can go a long way in improving the cybersecurity posture of a company.

One barrier to addressing cybersecurity challenges is the scarcity of cyber talent in the job market. According to ISC2, an international nonprofit organisation specialising in cybersecurity training and certification, about 3.5 million positions will go unfilled by 2021. Turning to software platforms to automate and optimise some of the cybersecurity tasks will help cyber experts already on the team to be even more effective at managing cybersecurity performance. Additionally, OT managed security services and even outsourcing security operations center (SOC) capabilities can enable manufacturers to detect breaches and respond appropriately even in the face of the skills gap. For example, Honeywell offers Managed Security Services through which customers get 24/7 monitoring, patching and antivirus updates. Additionally, training the operators and engineers on basic cyber hygiene is essential so that it is not left only to the cyber staff to manage every little task. Training also mitigates a major threat vector: internal threats due to employee cyber inexperience leading to bad actors gaining access to company systems. In addition to periodic training, effective policies and procedures, and access management need to be in place as well.

An evolving threat
It is important to be aware that, as technology evolves, so do malware and threats. There is no silver bullet or end point for cybersecurity; rather, it is an ongoing journey for a company to protect itself. Every site or plant needs to determine its cyber risk profile through an objective cybersecurity assessment and have a roadmap to address gaps and vulnerabilities. For a more cyber-mature organisation, specialised assessments such as a network assessment or wireless assessment to address specific areas of their systems should be considered. Penetration testing is a more advanced technique to test out the defences of a mature organisation and is a way to uncover both technical and non-technical vulnerabilities.

To address OT cybersecurity needs, a company that has a deep understanding of operational technologies and even has hands-on experience with OT can bridge the mistrust that sometimes exists between the IT and OT teams. The CIO and the IT team can rest easy knowing that cybersecurity is being addressed, while the operations director or plant manager can trust an OT cybersecurity company to understand the challenges and criticalities of running a plant.

To conclude, a holistic cybersecurity program needs to be in place to safely harness the power of IIoT while minimising downtimes due to cyber-attacks. Consider cybersecurity as a co-pilot as you pilot your company on a safe digital transformation journey.

Arun Veeramani is a senior offering manager with Honeywell’s Industrial Cyber Security team.

