Industrial Cybersecurity

Industrial Cybersecurity

Industrial cybersecurity refers to the protection of industrial control systems and associated networks that are used to monitor and control industrial processes. These systems are used in critical infrastructure industries such as power generation, water treatment, and oil and gas production, as well as in manufacturing systems, building automation systems and many other contexts.

The field of industrial cybersecurity is evolving rapidly, driven by the challenges of digital transformation. Today, industrial cybersecurity must adapt to increased connectivity between IT and industrial networks, as well as heightened attack sophistication and volumes. In recent years, we are seeing a attacks that impair or shut down industrial systems more than double annually.

The primary objectives of industrial cybersecurity are to ensure safety, reliability, and efficiency. Safety refers to preventing any harm to individuals or the environment. Reliability pertains to maintaining the smooth functioning of physical operations. Efficiency refers to keeping production costs low. Protecting information is not a primary focus, which is why practitioners rely on industrial standards such as the IEC 62443 series, NIST 800-82, and ANSSI standards for industrial cybersecurity, rather than IT standards such as ISO27001. A related methodology is Secure Operations Technology (SEC-OT), focused on protecting physical operations. SEC-OT follows the following principles:

Ensure continued operation by physically securing networks critical to control

Limit impact of attacks by monitoring and managing information flows

Identify residual risks by assessing attack types and consequences that not reliably defeated by current security measures​

This new approach for industrial cybersecurity is mirrored by the cybersecurity engineering strategy announced by the US Department of Energy.  This strategy provides guidance such as a consequence-focused design, which prioritizes protecting critical networks first and implementing controls that aim to eliminate cyberattacks instead of just mitigating them.

Following these approaches, Unidirectional Gateways are becoming an important tool in the field of network engineering and cybersecurity engineering. The gateways are used routinely to provide robust segmentation for industrial control networks in industries such as power generation, rail systems, and petrochemical pipelines. Unlike firewalls, which only mitigate attacks, Unidirectional Gateways eliminate the risk of external cyberattacks, such as targeted ransomware.

And if at any time you would like an update on the latest Unidirectional Gateway developments, please use the form below to request a free consultation with one of Waterfall’s unidirectional technologies experts:

Free consultation with one of Waterfall's Industrial cybersecurity technologies expert

Read more about Data Diodes and Unidirectional Gateways

Cyber Education

The Missing Link: Industrial Cybersecurity and the Role of Education

Waterfall Security Solutions is of course an industrial cybersecurity technology provider, but technology is only part of any industrial security program – policies, procedures and training are also essential. This means that the advancement of security education has always been essential to Waterfall’s mission to improve industrial cybersecurity. The potential consequences of malicious misoperation of industrial processes can have thoroughly unacceptable consequences for property, the environment, workers at industrial sites, and public safety. To improve one’s security posture, it is required to have a wider awareness of modern risks, threats and cyberattack techniques, in addition to a deeper understanding of

Read More »
Press Releases

Waterfall Collaborates with Educational Organization Cybati for Indepth ICS Cybersecurity Training

Hands-on demonstrations and training will be available at the SANS ICS Summit   Rosh HaAyin, Israel – March 21, 2017 – Waterfall Security Solutions, a global leader in cybersecurity technologies for critical infrastructures and industrial control systems, today announced its collaboration with the cybersecurity educational organization Cybati. Cybati’s mission is to enable educational institutions, industrial asset owners, operators, researchers and supporting entities to understand control system environments and cybersecurity risks. It does so through its hands-on, academic and professional control system cybersecurity CybatiWorks™ platform.  As part of the collaboration, Cybati’s training platform will include Waterfall Security’s Unidirectional Gateway, integrated in its lab

Read More »