By Debraj Chakraborty, Business Development Manager, Rockwell Automation
One of the most significant changes brought on by the COVID-19 pandemic has been the sudden shift to telecommuting and the rapid adoption of digitalisation. Previously a concept associated with millennials and tech-startups, working from home and connecting exclusively online has become the new normal seemingly overnight.
While both businesses and individuals have been quick to adapt, their focus has mostly been on maintaining business continuity. Governments and corporations alike are leaning heavily on technology for their primary modes of communication and information sharing. Likewise, the manufacturing sector – especially factories dependent on manually-operated machinery – are now looking for ways to scale up automation to at least enable basic processes to be carried out remotely, to limit the number of workers that must be physically present on the factory floor.
However, this heightened integration of and dependency on digital infrastructure has resulted in a greater vulnerability to cyberattacks. For one, there has been the mass migration of sensitive information on unsecured networks – one typical example being employees accessing confidential files remotely or on personal laptops. People are also spending more time online for both work and leisure. In a rush to revert to business-as-usual, speed has been prioritised over safety. Coupled with the swift adoption of new technologies, without fully understanding their security parameters, this has given cybercriminals unpreceded opportunity to exploit the myriad of weaknesses exposed. Rogue actors often take advantage of the confusion and uncertainty shrouding a crisis, like the current COVID-19 pandemic, to launch cyberattacks on unsuspecting individuals or organisations.
Cybersecurity is even more complicated and multifaceted in the industrial, manufacturing, pharmaceutical, and R&D, sectors. Companies in this space face the challenge of merging legacy infrastructure, decades of paperwork-based record-keeping, as well as on-site machinery and information-sharing systems while having to ensure that intellectual property, as well as safety and quality standards, are not compromised.
Weaving a Robust Safety Net
Bringing together the right combination of technology and processes presents its own challenge. Not every organisation has existing employees equipped with the requisite knowledge and skills required to understand not only where the gaps are, but also how to design, deploy and maintain more secure and connected systems. Besides, such systems should be designed and implemented with a comprehensive view of cybersecurity.
A holistic approach to industrial security must be enterprise-wide – from the mailroom to the factory floor and executive boardrooms – encompassing every single end-device. More important than the technology itself, are the people who embody the organisation; its employees. Risk management must account for all factors: people, processes and technologies. It merges the strengths and capabilities of the IT and operations teams – both of which are indispensable in securing network infrastructures.
Identifying Areas for Improvement
First, a security assessment should be conducted to identify all the current and anticipated risks and vulnerabilities an organisation is and could be exposed to. A thorough evaluation will account for software, networks, control systems, site-infrastructure nuances, policies, procedures and even employee behaviours.
The foundation of an effective cybersecurity strategy is built on comprises of the following:
- An inventory of authorised and unauthorised devices and software
- Detailed observation and documentation of system performance
- Identification of tolerance thresholds and risk and vulnerability indications
- Prioritisation of each vulnerability based on impact and exploitation potential
- Mitigation techniques required to bring an operation to an acceptable risk state
The Myth of the Panacea
No cure-all security technology or technique can create a watertight defence system that accounts for every threat. Take a bank, for example – it does more than simply lock its doors to protect its cash assets and highly valuable and sensitive data like the personal information of its clientele. In an increasingly interconnected world, all companies should also adopt a multifaceted approach to protect their physical, intellectual, and digital assets.
Defense-in-depth (DiD) security is based on the idea that any one point of protection can and will likely be compromised at some point. Hence, DiD security establishes multiple layers of protection through a combination of physical, electronic and procedural safeguards.
A DiD security approach consists of six main components:
- Policies and procedures
Engaging External Expertise
Most companies are already facing headwinds from the global economic downturn. While investing in cybersecurity can feel like an additional burden on strained resources, it plays an almost disproportionately outsized role in mitigating risk, deterring bad actors, and reassuring employees, corporate partners, and shareholders.
Working with cybersecurity experts allows for an objective assessment of your organisation’s vulnerabilities. This forms the foundation of an effective cybersecurity strategy which should be able to integrate seamlessly with legacy infrastructure and account for regulatory restrictions, employee behaviours, and industry-specific risks.
Rockwell Automation has defined five core security principals when developing a control system:
- Secure network infrastructure
A resilient industrial network security system is essential, limiting access to authorised individuals and protecting data against manipulation or theft. With many still working from home, security systems now need to account for the remote connectivity of people, processes, and information. Networks used in large-scale industrial applications can harness cloud technology, data analytics, and mobility tools to optimise systems monitoring.
- Authentication and policy management
Often overlooked when developing safety controls around user authentication is the need to minimise potential exposure to threats from internal resources. Management user accounts should be integrated with a means of centralised control. Scalable solutions should also be planned to allow for flexible workflows around disconnected environments, guest user access, and temporary privilege escalation before the necessity arises.
- Content protection
Automation equipment such as controllers often contains sensitive information. Smart industrial systems require a shared, secure environment to protect an organisation’s intellectual property while maintaining productivity and quality.
- Tamper detection
Unwanted activity and modifications within operational systems can be quashed with speedy detection, recording, and robust, coordinated response. Cybersecurity measures to deter and address potential threats include a means to centrally record and track all user actions, regular backups of operating asset configurations and electronic files, as well as a meticulous inventory of all devices on a plant floor.
Plant machinery, operation systems, and data storage units can be brought together under a single-system architecture that allows for centralised monitoring and reporting. By leveraging Converged Plantwide Ethernet (CPwE), multinational corporations can achieve greater flexibility, visibility, and efficiency required to remain competitive while retaining full control over their digital assets.
A Constant Evolution
Talk of Industry 4.0 began almost a decade ago, but an unexpected impact of the novel coronavirus has been the acceleration of digitalisation for businesses across every country and sector. While innovative technologies such as intelligent automation, cloud computing, and machine learning have been proven to optimise efficiency and reduce overhead costs, organisations must also be ready to deal with the associated risks, namely an interconnected enterprise that is almost entirely housed on a digital network.
Cybersecurity systems and protocols are a crucial component of a successful digital transformation, and businesses should seek to continuously review, improve, and upgrade their protective infrastructure accordingly.