- Shifting from proprietary to open, standards-based solutions can lower costs, increase operational flexibility and avoid vendor lock-in
- Generating real-time business intelligence from operational data can enhance service delivery
- Improving the effectiveness of automation systems drives new efficiencies into the industrial processes they control, yielding better performance and results
- Ensuring that the operational health and safety levels of the systems and processes are continually maintained.
The following are five of the major hurdles that critical infrastructure and industrial process companies often face as they move forward with initiatives to modernize their control environments.
1. Lack of “Last Mile” Coverage and Instrumentation for Device Visibility – ICS systems are increasingly leveraging wireless and Internet connectivity to expand the system’s reach and effectiveness. Gaining faster access to more granular and real-time data from far-flung end points can produce substantial operational benefits. From a security perspective, however, such expansion introduces new risks.
One of the primary security issues that arise in these implementation scenarios stems from the fact that embedded devices often lack local or remote logging capabilities. As a result, they cannot adequately log relevant security and compliance data. Additionally, interactive remote access can be cumbersome, hard to achieve or only available in an insecure manner.
To address the lack of visibility largely inherent in these devices, organizations should place network sensors logically near the devices to detect events which would normally be present in event logs. Network Intrusion Detection Systems and network flow tools are two such examples. Additionally, organizations should consider protocol-aware gateways or firewalls to restrict access and add a layer of security, since many industrial protocols lack authentication and security features.
2. Not So Automatic “Automation” – Whether or not they have the Critical Infrastructure designation, ICS operators of all kinds face growing internal and external (regulatory) requirements to produce ever-increasing amounts of operational data. It is a growing operational and administrative burden, and automation systems operators must find an efficient and secure way to deal with it. Since old habits – and cautions – die hard, many asset owners are averse to fully automating their data collection processes.
This reluctance to fully automate data collection often leads operators to conduct partial automation efforts. Examples include scripts being run manually on each individual host, or scripts that can run remotely but have to be initiated manually. These half-measures are not thorough and are often incomplete.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.