Back to Blog

Protecting the process from Cyber-Attack

The threats are very clear. Criminals. State actors. Opportunists. Disgruntled employees. Careless administrators. Bad luck. All can lead to malicious software or malicious individuals gaining access to your critical process manufacturing systems. The consequences of such a breech could range from inconvenience while systems are patched or disinfected to wholesale disaster, resulting in loss of production or worse if safety critical or environmentally sensitive systems are breeched or destroyed.

Traditionally organizations have relied on IT to protect the corporate network and we have, in recent years, seen great leaps in security management and control, proactive management of the software estate, centrally managed policies, automated and timely patching strategies for operating systems and key hardware and firmware. This combined with business controls and end user education allows a managed and risk based approach to cyber-security.

However, extending this best practice to the Process Control Network and Process manufacturing (OT*) domain is challenging, even for companies who have well managed corporate domains. Why is this? There are several reasons:

  • Traditionally Process Control Networks have been owned and operated by Process control engineers, who are understandably focused on delivering manufacturing results and may not have the time or the knowledge to examine and manage their networks and systems from a Cyber-Security perspective.
  • The business requirements in the PCN network are typically very different to those in the corporate domain, and there may be little understanding within the corporate IT department of the challenges and constraints in the OT world. Re-booting the server every Sunday is just not an option in a continuous process with an annual 2 week shutdown.
  • Many process manufacturing vendors have been slow to provide advice and tools to their clients to ensure that their products are well maintained, and actively monitored and managed. This picture is further complicated by the wide variety of vendors, devices, networks, protocols that comprise a complex process manufacturing facility.

There are solutions. Initiatives such as NIST in the United States and the EU NIS Directive in Europe provide guidance and provide opportunities to implement best practice into industrial control systems and related infrastructure.

Rex worked with a global chemical company to help them to implement NIST compliant processes and procedures. Rex was able to combine its deep knowledge of IT infrastructure with many years of Industrial (OT) experience. This allowed us to bridge the gap between the corporate IT world, and the realtime OT domain. Rex assisted with the design and development of a central GSOC** to provide the technical support, software management, patches and monitoring required to ensure compliance. The result was a risk based approach to proactively manage cyber-security consistently around the world. The project provided the client with the tools needed to further develop and enhance the management of their OT assets into the future.


Notes:

*OT  or Operational Technology is defined as technology that interfaces with the physical world and includes Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) and Distributed Control Systems (DCS).

**GSOC or Global Security Operations Centre. Provides the hardware and software needed to monitor and manage the OT systems. Includes tools and services from various vendors. Provides mechanisms for monitoring and patching systems in a consistent timely fashion.