3 Steps to Strong Cybersecurity

3 Steps to Strong Cybersecurity

Benefitting from smart manufacturing requires a security strategy to help secure your infrastructure, protect assets and maintain network availability.

By Umair T. Masud, consulting services product manager, Rockwell Automation

Global cyberattacks, such as WannaCry and Petya, affected thousands of targets and networks around the world. Even if you escaped these, attacks that target an industry, company or country can cause as much damage, whether the goal is to disrupt operations, gain attention or ransom data.

Decrease Your Attack Surface

Food and beverage companies are getting better at basic cyber hygiene. That approach starts with not just understanding what is connected on your plant floor, but understanding its attack surface. In other words, what are those assets’ vulnerabilities? Then use that knowledge to patch them. 

To help minimize your risk, consider a security program focused on four key areas:

  1. Maintain an asset inventory with an emphasis on understanding the attack surface or vulnerability.
  2. Manage vulnerability, patch and configuration. Have programs in place to address known vulnerabilities, patch regularly and have mature processes around how configuration changes are made and tracked.
  3. Employ backup and recovery mechanisms for all critical assets to verify you have the ability to quickly pull from a known good backup.
  4. Complete regular risk assessments to measure risk and manage it. Use the assessments to show your organization the level of risk they are exposed to and the resources — time, money, people — needed to mitigate it.

Successfully implementing these tenets of basic cyber hygiene are the first steps in building an effective cyber security program, and improving your ability to defend against future cyberattacks.

Obsolescence and Cyber Risk

A key tenet of basic cyber hygiene is the ability to address known vulnerabilities. But in some instances, a vendor might no longer support a critical asset. Consider the following questions when evaluating the overall risk of maintaining obsolete hardware or software:

New Digital Manufacturing eBook Available: Whether your firm is small or large, digital manufacturing is here. In the free 2018 Digital Manufacturing eBook, learn how to plan a smart manufacturing strategy; how adopting the IIoT can boost security and safety; why not to wait for IIoT standards; how EtherNet/IP has changed linear position sensors; how pyrometers provide temp readings in tough conditions; and more, including webinars and videos. Download this free resource at http://bit.ly/tj18digmfgebook. [CLICK IMAGE TO DOWNLOAD]

  •  What is the impact of someone exploiting this vulnerability?
  • Is there a way to address this vulnerability through the application of an alternative mitigating control?
  • If not, can I justify migrating to a supported platform/solution/product set for this application?

Answers to these questions become the basis for your discussions around mitigation and migration. You can begin budgeting funds to move from basic cyber hygiene to an industrial cyber program that allows you to continually evaluate risk and match funding and resources to keep that risk to a minimum.

For all the benefits smart manufacturing can offer, it also requires a more comprehensive approach to security. Seamless connectivity and smart devices are the catalysts to smart manufacturing — they but can also be a conduit for security threats.

These basic steps can help secure your infrastructure, protect assets and maintain network availability.

 

The Journal From Rockwell Automation and Our PartnerNetwork™ is published by Putman Media, Inc.

The JOURNAL

Check Out the February Issue

The JOURNAL from Rockwell Automation and Our PartnerNetwork™ is a bimonthly magazine, published by Putman Media, Inc., designed to educate engineers about leading-edge industrial automation methods, trends and technologies.