Recently, Emerson Automation Solutions CTO Peter Zornio & Director of Cybersecurity Michael Lester were joined by Dragos CEO Robert M. Lee to discuss cybersecurity in digital transformation initiatives. In the webinar, Enable a Secure Digital Transformation with your ICS, Robert, Peter and Michael discussed ways to deal with the challenges of an increased attack surface from increased connections and flows of data to a wider group of people.
After introductions, Peter explained that digital transformation typically means that more people need more access to data from the Industrial Control System (ICS) and other Operational Technology (OT) devices and systems. This may include not only manufacturing and production staff members, but also third-party suppliers who assist in optimizing asset performance.
This increased data flow requires careful consideration of the architecture, as well as systems and processes to continually monitor it.
Robert noted that a common approach is to develop a cyberattack prevention-based strategy, but this approach alone is not enough. Information security requires detection and response in addition to prevention. With Industrial Internet of Things (IIoT) devices as part of a digital transformation initiative creating hyper-connectivity, it’s really important to be able to understand what’s actually going on in the automation architecture and to make sure it is clear how best to respond.
With robust cybersecurity representing elements from Information Technology (IT) and OT, it’s important to start with the basics to bridge organizations and cultures. For example, IT security places a very high priority on software vulnerabilities. On the OT side, intrusion detection and response are critical to keep bad actors from learning how the controls operate and how to cause problems. It’s important that the cybersecurity plan have a common mission to establish priorities and meld organizational cultural differences.
Peter noted that many times, communications paths are opened during troubleshooting, then forgotten and never closed once the issue has been solved. It’s important to start with an audit to review the current state and identify communications paths that no longer need to be open.
Robert added that the most successful projects are those where the IT and OT organizations engage as partners. Together they create the problem statement and requirements and then jointly tackle execution of the project. Barriers to success are created when different organizations develop different requirements that may be in conflict.
We’ve only scratched the surface of some of the key ideas and best practices discussed in this webinar, so make sure to give it a full viewing. Some of these discussions include the MITRE ATT&CK framework, segmenting risk, and assessing organizational capabilities.
Visit the Cybersecurity section on Emerson.com for more on the technologies, solutions and practices to better secure your operations and advance your digital transformation initiatives. You can also connect and interact with other ICS cybersecurity experts in the DeltaV and Ovation forums in the Emerson Exchange 365 community.