Closely Guarding Your Cyber Connections

by | Feb 21, 2007 | Cybersecurity | 0 comments

Recently the Digital Bond cyber-security blog pointed to a vulnerability note on the Trend Micro anti-virus package and noted:

Software designed to protect ends up putting virtually every system on your network at risk.

This had to cause pause among anyone reading this blog. In spite of best efforts to ward off the ravages of viruses, even those packages responsible for protection can be compromised.

When I saw this article appear in my RSS feeds, I ran it by our resident cyber-security expert and DeltaV product manager, Bob Huba, who you may recall from earlier cyber-security posts. Bob noted that the unfortunate reality of today’s highly interconnected world is that new vulnerabilities come up all the time.

Constant vigilance must be a critical part of your cyber-security efforts. Patch, patch, patch is your best practice and this process requires a close partnership between you and your automation suppliers to perform these practices. Suppliers have to do their part with prompt patch certification and anti-virus support to make sure these patches and additions don’t break existing software functionality. This certification must get clearly communicated to the automation system/cyber-security administrators around the globe to quickly plug these vulnerabilities.

One thought Bob shared is that perhaps some installed automation systems are “over connected” with the enterprise. Each connection is a source of vulnerability and its business case should be carefully considered. The connections should be designed more with cyber-security than low cost in mind. It’s likely best to have a single external connection from these automation systems that “you can guard like heck.”

An analogy is the bank vault with layer upon layer of security which serves to slow down potential breaches so that they can be discovered and thwarted in time.

It sounds like the choice is either to heavily devote attention to these connections or lock down and disconnect from the network–something not too practical as process manufacturers try to optimize their business processes and manufacturing systems.

Comments

Author

Follow Us

We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to stay up to date on the latest news, events and innovations that will help you face and solve your toughest challenges.

Do you want to reuse or translate content?

Just post a link to the entry and send us a quick note so we can share your work. Thank you very much.

Our Global Community

Emerson Exchange 365

This blog features expert perspectives from Emerson's automation professionals on industry trends, technologies, and best practices. The information shared here is intended to inform and educate our global community of users and partners.

 

Privacy Policy | Cookie Policy | Data Protection Statement

PHP Code Snippets Powered By : XYZScripts.com