A digital transformation is well underway with many manufacturers striving to improve safety, reliability, efficiency, emissions and/or throughput. The Industrial Internet of Things is making it possible to monitor more areas of the production operations than was possible in a fully-wired technology era.A strong cybersecurity program must go hand in hand with this digital transformation. In an Automation World article, Cybersecurity Lessons From Critical Infrastructure, Emerson’s Jaime Foose shares her thoughts along with other automation and security solution suppliers.
On the difficulty of patching Operational Technology (OT) systems, Jaime notes:
“There are a handful of critical devices that probably can’t be patched without some downtime…”
Planning and preparation is paramount:
“You look to do that in an outage window,” Foose says. “You take a short outage, do it in the middle of the night, or a time where it’s least disruptive to the process.” With proper preparation, she says, systems can be patched and rebooted in a controlled manner that doesn’t interfere unduly with the processes they control.
Beyond operating system and application software patching:
…basic security steps normally undertaken in the business IT world can also help secure industrial systems. Implementing user account controls, installing malware protection—including antivirus software and whitelisting-approved access points to prevent unauthorized access—are all among the measures Emerson recommends.
Jaime describes four best practice categories, recommended by organizations such as the U.S. National Institute of Standards and Technology (NIST), to follow:
- Analyze your system to map out what is on your networks and where it resides. This will help you plan defenses and plug gaps in security.
- Deploy defenses, including closing open ports and services that aren’t needed, installing patches, installing malware protection and making sure backups are in place and regularly updated in case all else fails.
- Monitor your systems for unusual activity and intrusions. Managing alarms and keeping track of them is vital for this to work.
- Incidence response is the final piece of the puzzle, ensuring that plans are in place for use when something does go wrong—which may include natural disasters and other incidents, not just cyber attacks.
Read the article for thoughts and recommendations from other suppliers. For those in the power, water and wastewater industries, you can learn more about industrial control system (ICS) cybersecurity in the Power and Water Cybersecurity Suite section on Emerson.com.
You can also connect and interact with other cybersecurity experts in the Operate & Maintain group in the Emerson Exchange 365 community.