This #CybersecurityAwarenessMonth, let’s recommit to protecting our sensitive data and improve our cybersecurity awareness because cybersecurity is everyone’s responsibility.
With the launch of Secure365, we’re doing our part to #BeCyberSmart by offering a holistic cyber management program that extends across the IT/OT enterprise to identify, protect, respond to, and recover from cyberattacks in heavy industries. Our IASCA certified Team tackles your cyber security needs in three steps:
AUDIT – Assess what you have. Each asset that exists on the network should be categorized and documented. In addition, configurations should be backed up to a non-network location.
MITIGATE – Find the gaps in your security solution and remedy those. The most common would be switch configuration (network segmentation) and firewall rule evaluation.
MONITOR – Continuous network monitoring is required to know what is happening on the network. As a result, the network is the largest vector for would-be attackers.
Cybersecurity is a program to be developed and not a one-time product purchase. To create a well-developed program, augmenting an IT staff with credentialed industrial security experts can be a cost-effective solution.
An interview with our SME: Dave Jennings
Dave has over 20 years of professional experience in industrial controls systems. David’s focus areas include SCADA controls and visualization, ICS networking, cybersecurity, and data collection and reporting.
How long have you been working in the field of cyber security?
It isn’t easy to trace back my official start date of entering the field of cyber security field, primarily due to the broad field of cybersecurity that touches so many facets of a business. I have been involved in aspects of cybersecurity since my engineering career began over 20 years ago. I started my career in electrical engineering within manufacturing. Early in the 2000’s, we saw the adoption of traditional standard Ethernet (same as in the enterprise IT space) on the manufacturing plant floor. During that time, I was involved in networking projects and the proper Ethernet networks design specifically for the plant floor. I saw a need to develop my skills beyond that of an electrical engineer in this space, so I continued higher education in the information system (IT) and cybersecurity fields. I completed my Master’s degree program in 2015 and have held cybersecurity auditor certifications from ISACA since 2019.
One of the key elements of the multi-faceted cybersecurity program is backup and restore from a disaster recovery perspective. Disasters can occur from a number of sources, including naturally. This is not a specific cybersecurity function but would be included in a developed security program. Physical security is a factor, including controlling access to equipment with physical keys.
What I consider today to be termed cybersecurity are continuous asset auditing and monitoring. I believe this is where my expertise can help manufacturers in their journey to a safer, more secure environment.
What are some of the additional threats you have seen arise in the last couple of years?
Ransomware is the number one threat because of the attraction to how lucrative it can make an attacker. Most attacks are made strictly for monetary gain. Other attacks, such as stealing proprietary information or destroying reputations, might be shared amongst competitors, but they all have one thing in common, and that is stealing what is yours, and the price paid could be upwards of millions. What these attackers are looking for is a way in to breach your security. Unfortunately, the easiest way is through manipulating people or by using social engineering. The tactics for social engineering have increased significantly through emails and Even voices can all be copied, manipulated, and used to attempt to get a victim to click on the malicious link, the bait. Once the attacker has the link, that PC can be infected, credentials can be stolen, and additional attacks can be launched from that location.
Why is protecting your company from cyber attacks so important?
I will approach this question from a manufacturing perspective. Security is different for different industries. If it was a bank or online store, then protecting personal information would be the key. If you own a social media platform, maybe privacy would be the number one reason. For manufacturing, safety and production are the factors. Safety is always the highest priority, either to people, equipment, or the environment. Those can have as much of a monetary effect as production if something is compromised. Production should be obvious. No production equals no goods to sell.
Security on the manufacturing floor should be approached by individuals that have experience within manufacturing and engineering. Yes, traditional IT methods are employed on the plant floor, but certain actions cannot be taken. For instance, an automated procedure could cut off the email server from the network and isolate it if malware is discovered. This cannot happen within manufacturing if that asset is providing a continuous function of the manufacturing process. I will restate a part of my response to the last question; Augmenting an IT staff with credentialed industrial security experts can be a cost-effective solution to a problem that is developing at a significant rate.