Maintaining a strong cybersecurity posture is an ongoing effort for manufactures and producers. In a Plant Magazine article, ‘Cyber-securing’ your plant, Emerson’s Michael Lester joins other cybersecurity experts to share his thoughts.
Near the article’s opening, Michael is quoted describing the current situation.
Today’s reality, explains Michael Lester, Director of Cybersecurity Strategy, Governance and Architecture at Emerson Automation Solutions, is that “manufacturers are under pressure from their boards to ensure the right level of cybersecurity is achieved to protect their manufacturing environments and processes from the increasing level of cyberattacks we are experiencing globally.”
A solid cybersecurity poster begins with mapping business and manufacturing systems.
To bring their cybersecurity to the appropriate level, manufacturers first need to map their business and manufacturing systems. This, Lester explains, will help provide understanding and ownership of each process and achieve business continuity and resiliency objectives around cyberattacks.
A thorough threat analysis should also be conducted. It’s best practice to review the MITRE ATT&CK matrices, said Lester, “specifically the recently-developed MITRE ICS ATT&CK Matrix, which is based on a global knowledge base of adversary tactics and techniques used in real-world attacks.”
Building a defense strategy from this assessment is next.
Lester says it must address weaknesses and mitigates risk in every operation that could be impacted by direct or indirect attacks and should also include a risk-based prioritization of any gaps.
Ongoing testing is an important component.
Lester adds that once the defense-in-depth strategy is in place, “it should be tested and reviewed methodically, purposefully and regularly to ensure it is effective and does not jeopardize ongoing operations or introduce other risks.” Roles, responsibilities and employee training should be updated.
…Lester believes that manufacturers are going to need to consider using multiple technologies (but also always focus on people and processes in addition to technology).
Looking forward, he also foresees that “manufacturing and industrial-specific technologies will include more secure communications and capabilities that are robust and meet the requirements and specifications with the devices and systems being used to maintain safety, control and monitoring. Some cybersecurity technologies are specifically designed for use in manufacturing and industrial environments like The Dragos Platform to achieve inventory, visibility, detection, and response capabilities in operations that engage both the OT and the IT functions in an organization. These should have priority when reviewing how to achieve higher levels of manufacturing and plant security.”
He adds that some existing technologies that are more prevalent in the Enterprise IT environments are also being used in manufacturing, but may have limitations or need to have significant configuration to work appropriately and prevent unintentional safety or control impact.
Read the article for more on the views expressed by the other cybersecurity experts about opportunities to improve your cyber-defenses. Visit the Cybersecurity Protection section on Emerson.com for more on the technologies and expertise to help improve your cybersecurity.