Cisco Canada Blog

What you should know about Industrial Control System Cybersecurity

April 26, 2018

Every year we release the Cisco Annual Cybersecurity Report to advise businesses and IT professionals on security trends and emerging threats.

Not surprisingly, this year the Internet of Things (IoT) warranted further discussion – particularly as it pertained to operations technology and networks. So we surveyed security professionals within the manufacturing industry to determine how prevalent attacks on OT equipment and networks have become.

The results proved what many have already warned manufacturers about: the attacks are coming, and you need to be prepared.

31% of security professionals said their organizations have already experienced cyber-attacks on OT infrastructure.

38% said they expect attacks to extend from IT to OT in the next year.

69% of organizations believe OT is a viable attack vector in 2018.

To prevent such attacks, some manufacturers are investing in improvements to their cybersecurity architecture. But more can be done. Manufacturers, you need to secure your industrial control systems (ICS).

Access the full ICS cybersecurity guide now: Mobile version | Desktop version

How can you secure industrial control systems?

Cybersecurity requires several layers of defense to protect your equipment from the vulnerabilities that hackers can exploit. To secure your industrial control systems, ask prospective vendors the following questions to determine whether they can implement a successful ICS security solution.

How do you detect and protect against an ICS security threat?

Why it Matters: Monitoring, defending, and remediating against risks and threats throughout your network prevents downtime and loss of control – even against physical anomalies like squirrels, jellyfish, or birds.

How do you participate in ICS standards creation, research, and industry training?

Why it Matters: Adhering to ICS standards with up-to-date products, policies, and procedures ensures you won’t implement an inefficient security solution that doesn’t drive compliance.

How do you secure each boundary level of an ICS network?

Why it Matters: Applying a strategy to secure every level of your ICS network prevents disjointed solutions and insufficient levels of security.

How is your industrial hardware manufacturers and supported?

Why it Matters: Employing compatible, supportable, and flexible hardware from a vendor with design and support expertise is vital to avoid unnecessary network traffic and implementation issues from a poorly designed system.

How does your security help drive broader business outcomes?

Why it Matters: Maintaining the same standards of availability while securing your ICS is critical to achieve the increased connectivity required for an IoT network and drive the digital transformation of your architecture.

How does your solution integrate with other IT and Operations products and services you offer?

Why it Matters: Integrating IT and Operations security products and services decreases the likelihood of introducing vulnerabilities and gaps into your system.

What types of visibility does your solution offer into an ICS?

Why it Matters: Gaining full visibility into every zone and segment of your ICS enables you to defend against risks and threats that go undetected through different layers.

Can you describe the full range of security provided by your solutions at the IT and operations interconnect?

Why it Matters: Establishing network requirements and management processes through IT and Operations convergence preserves the existing availability standards and improves your security.

What authentication and authorization protocols do you implement for network access?

Why it Matters: Utilizing a comprehensive set of authorization policies and protocols lowers your risk by keeping out unknown or unwanted entities, without impacting operations.

How do you know that your security solution will successfully integrate with my network architecture?

Why it Matters: Implementing a solution that integrates seamlessly with your existing systems helps you avoid introducing unknowns and unintended consequences, or creating new vulnerabilities.

Remember: every vendor has strengths and weaknesses. The answers to the above questions will help you identify potential weaknesses and make an informed decision around the services and features required to secure your ICS.

Like what you see? SUBSCRIBE NOW and never miss another blog.

Leave a comment