Protect Yourself With Good Cyber Hygiene Practices

Rockwell Automation

 

July 9, 2018

Global cyber attacks — like WannaCry and Petya — affected thousands of targets and networks around the world.

Even if you escaped these, attacks targeting an industry, company or country can cause as much damage, whether the goal is to disrupt operations, gain attention or ransom data.

In just the last few years I’ve seen substantial maturing around how food and beverage companies manage cyber risk within their industrial environment.

We’re beginning to see companies not just think about cybersecurity from the perspective of defense in depth, but also starting to adopt capabilities that allow them to address cyber risk across an attack continuum.

They’re doing this by focusing in on the five functions:

– Identify what they have and the associated risks
– Put protection mechanisms in place to protect what they have
– Detect when threats bypass those protection mechanisms
– Implement capabilities to respond to incidents quickly
– Develop a system to support rapid recovery
These are the five functions addressed in the NIST cybersecurity framework, and they’re a good place to start to understand what capabilities are needed to implement a base level of cyber hygiene within your industrial control environment.

Decrease Your Attack Surface

Right now I’d say food and beverage companies are getting better at basic cyber hygiene. That approach starts with not just understanding what is connected on your plant floor, but understanding its attack surface.

In other words, what are those assets’ vulnerabilities? Then use that knowledge to address the known vulnerabilities by patching them.

To help minimize your risk, consider a security program focused on four key areas:

1. Maintain an asset inventory with an emphasis on understanding the attack surface or vulnerability
2. Vulnerability, patch and configuration management. Have programs in place to address known vulnerabilities, patch regularly and have mature processes around how configuration changes are made and tracked
3. Employ backup and recovery mechanisms for all critical assets to help ensure you have the ability to quickly pull from a known good backup.
4. Complete regular risk assessments to measure risk and manage it. Use the assessments to show your organization the level of risk they are exposed to and the resources (time, money, people) needed to mitigate it

Successfully implementing these tenets of basic cyber hygiene are the first steps in building an effective cyber security program for your organization and improving your ability to defend against future cyber attacks.

Obsolescence and Cyber Risk

A key tenet of basic cyber hygiene is the ability to address known vulnerabilities. But in some instances a vendor might no longer support a critical asset. Consider the following questions when evaluating the overall risk of maintaining obsolete hardware or software:

  • What is the impact of someone exploiting this vulnerability?
  • Is there a way to address this vulnerability through the application of an alternative mitigating control?
  • If not, can I justify migrating to a supported platform/solution/product set for this application?

The answers to these questions become the basis for your discussions around mitigation and migration. You can begin budgeting funds to move from basic cyber hygiene to an industrial cyber program that allows you to continually evaluate risk and match funding and resources to keep that risk to a tolerable level.

For all the benefits that smart manufacturing can offer, it also requires a more comprehensive approach to security. Seamless connectivity and smart devices are the catalysts to smart manufacturing — they but can also be a conduit for security threats.

Take these basic steps to help secure your infrastructure, protect assets and maintain network availability.

For more information HERE

https://www.rockwellautomation.com/global/overview.page

 

 

 

 

Related Articles


Changing Scene

  • Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco International has recently announced the grand opening of a new state-of-the-art facility on Higney Avenue in Dartmouth, Nova Scotia, Canada, making this the largest facility of any distributor in the Atlantic region. The new building, facilitated by Touchette Real Estate, a division of Groupe Touchette, will feature Wesco’s comprehensive suite of services and solutions including… Read More…

  • PataBid Nominated for Canadian Choice Award in Software Services

    PataBid Nominated for Canadian Choice Award in Software Services

    PataBid is proud to announce its nomination for a Canadian Choice Award in the Software Services category. This recognition highlights PataBid’s commitment to supporting the electrical contracting community across Canada by providing innovative estimating software solutions that streamline estimating processes and ensure predictable and profitable projects. Read More…


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    Explore how Omron’s latest X-Ray machines and AI-driven solutions are setting new standards in manufacturing efficiency and quality control. The manufacturing landscape is swiftly evolving, and Omron is at the forefront with its innovative PCB inspection machines. These systems offer profound insights into SMT production process, enhanced quality control, and can significantly reduce labor costs. Advancements… Read More…

  • KUKA Establishes New Software and Digital Business Segment

    KUKA Establishes New Software and Digital Business Segment

    Software is playing an increasingly important role in mechanical engineering. What used to be mostly solved mechanically is now done by electronics and the associated software. “With KUKA Digital, we are expanding our offering in order to position ourselves broadly for a market with strong growth potential. Our customers need products, solutions and consulting approaches to digitalize… Read More…