The concept of cyber security in the manufacturing and process industries, though having been discussed in all seriousness for years now, continues to be slowly implemented when you consider broad industry application. But some signs are pointing to the fact that 2013 may be the year this scenario changes.
In the past week alone, I have had discussions or seen news addressing three critical aspects of industrial security that I have not seen discussed much before. To be clear, what I have seen a great deal about over the years tends to focus on the application of software-based cyber security, such as firewalls, white listing and authentication as well as process-oriented steps involving policies and procedures. The three, less-talked-about concepts I’m referring to in this post involve embedded security, patch management and the involvement of major safety groups in the cyber security initiative.
On the embedded security front, I was given a preview of a new product soon to be released by Icon Labs that can be used to retrofit security onto existing assets. In essence, any device in your operation—from sensors and drives to controllers and actuators—that is or can be connected to a network can now have embedded-level firewall protection. According to Icon Labs, its Floodgate Defender device is a small footprint firewall appliance for drop-in security of existing industrial systems that can be used as a standalone device or integrated with McAfee ePolicy Orchestrator (ePO). Of course, Floodgate Defender—as a retrofit—is not actually an embedded security device, since you can’t crack open your existing assets and integrated Floodgate Defender onto the device’s motherboard. However, by providing firewall protection at the device level, Floodgate Defender is designed to bring the defense-in-depth concept from the enterprise level down to the device level. Stay tuned on this one, I’ll have more information to share when the product is released.
Another cyber security move brought to my attention this week comes from GE’s Measurement & Control business, which introduced its CAP Software Update and SecurityST Appliance. The SecurityST Appliance is said to provide centralized account management, event logging and management, network intrusion detection and update and backup change management. And while these issues are certainly important, it was the CAP Software Update release that piqued my interest because of its focus on patch management—a critical cyber security issue that all-too-often doesn’t get the attention it deserves once the core cyber security software is installed. Designed “to keep pace with constantly evolving cyber threats,” GE says its new CAP Software Update will help asset owners more effectively manage their current digital patch levels and anti-virus/host intrusion detection signatures. Patch management is one of those boring-but-important cyber security issues that no one should overlook. Without it, holes in your otherwise well-planned cyber security plan start to appear within days, if not hours.
My last cyber security point, for now, comes from renowned cyber security expert Eric Byres, CTO and co-founder of Tofino Industrial Security. In his latest blog post Eric offered his cyber security predictions for 2013. Though I found all his prognostications to be of interest, it was his prediction around the involvement of major safety groups in the industrial cyber security initiative that really got my attention. Here’s what he had to say: “This year, security consultancies like TÜV will make a major push into the SCADA and process security markets … and the IEC safety standards will start to be reevaluated in terms of security.” Byres added that he also hopes efforts like the Department of Homeland Security’s LOGIIC analysis of Safety Instrumented Systems will “start to make headlines too and not stay hidden under a bushel.”
While we’re on the subject of Eric Byres, I wanted to announce that we have just confirmed his participation in The Automation Conference 2013, to be held in Chicago on May 14-15. Eric will deliver a keynote presentation on cyber security and automation systems and hold court in a special “Ask the Expert” session where you can put your cyber security questions to Eric directly. Space is limited at the conference, so register today at www.theautomationconference.com.
