How does IOT look from an industrial perspective?
Industry 4.0 and industrial IOT are two terms that go together. It is the concept of taking devices and enabling them to become smarter sensors in order to improve their productivity and reduce operation costs. Industrial control systems are now highly interconnected and there are growing connections between the devices internally and between the industrial network to external environments. While new technologies that are introduced into the production networks increase efficiency and allow companies to focus more on innovation, they also expose these networks to new threats, which require security measures to be taken into account at all times.
What kind of threats are SCADA systems facing these days?
There are 4 main threats that can occur as part of a cyber attack: Recent events such as WannaCry ransomware campaign shows how generic attacks initiated by cybercriminals can also affect industrial control systems. Due to the attack, multiple industrial companies in various industries were hit. The most severe incident we know of so far is Renault/Nissan, which had to halt production in some factories due to the WannaCry attack.
What are non-malicious threats? And what risks do they impose?
Not all threats are derived from malicious intentions. Even human errors can create the same effect, where an innocent mistake or misconfiguration can lead to a different reaction to what the system was programmed to do. Since we are already monitoring the industrial environment, we help our customers to reduce risks that are also created unintentionally.
How are Cyber risks different across different industry sectors?
We work with various industries like manufacturing, critical infrastructure, building management systems, and there is indeed a lot of difference. Motive for instance is usually very different, in some cases it’s mostly motivated by regulation, while other industries are more motivated by business needs. The actual technologies being used and the vendors involved could also vary between industries. That being said, any sector can benefit from our solutions.
How do you begin to assess the safety of a SCADA system? What would be the first things you’d look at?
Our technology is able to listen to the communications in a non-intrusive way and analyze what is the normal behavior profile. This allows us to quickly recognize when there are deviations from the expected behavior. Our three main benefits are:
Visibility to the asset and network activity. Many companies are not even aware of the devices running on their network; they know the process but they don’t know the protocol and the assets within the environment. Being able to see your entire network is the first step towards securing it. Risk management helps the user to identify where breaches could come from in the future, and how an attack can make use of those access vectors to attack the industrial environment. Detection of threats - detecting ongoing threats such as cyber-attacks or non-malicious activities that are attempting to change the normal operations and require immediate response from the user.
What trends can we expect to see in the near future with SCADA security?
Generally what we’re seeing in the industry is an IT/OT conversion. These 2 fields are becoming closer together, and are starting to create joint processes that focus on industrial IOT. Security needs to be addressed by those teams. Specifically in industrial control systems, joint teams today need to bridge the gaps between IT/security teams and the operational teams, who need to work together. Only companies that have a joint IT/OT efforts to address their industrial security needs, are able to effectively secure their most critical assets.