Industrial security refers to the measures taken to protect industrial facilities, equipment, and intellectual property from unauthorized access, theft, and damage due to cyber attacks. This encompasses elements of physical security, cyber security, and personnel security to ensure the safe and secure operation of industries, including critical infrastructure and manufacturing facilities.
With the increasing threat of cyber attacks, industrial organizations must implement strong cyber security measures to protect their systems and data. Industrial security today faces the challenge of adapting to the growing interconnectivity between IT and industrial networks, and the increasing sophistication and volume of attacks. The number of attacks that disable or shut down industrial systems has risen dramatically in recent years, more than doubling every year.
This changes the landscape of industrial security cybersecurity protections, closely linking it with safety, reliability, and efficiency. Safety is ensuring no harm to people or the environment. Reliability is ensuring smooth physical operation. Efficiency is reducing production costs. Because of this focus, owners and operators rely on industrial security standards such as:
More recently the National Cyber-informed engineering (CIE) strategy announced by the US Department of Energy attempts to capitalize in the expertise of engineers in industrial systems to reduce the risks created by an intelligent adversary. The design principles are: Consequence-focused design, Engineered controls, secure information architecture, design simplification and active defenses. The related Secure Operations Technology (SEC-OT) methodology, focuses on protecting physical operations and provides concrete examples for creating a secure information architecture by physically restricting information flows.
As an example, Unidirectional Gateways are becoming an important tool in the field of network engineering and cybersecurity engineering. The gateways are used routinely in industrial security strategies to provide robust segmentation for industrial control networks in industries such as power generation, rail systems, and petrochemical pipelines. Unlike firewalls, which only mitigate attacks, Unidirectional Gateways eliminate the risk of external cyberattacks, such as targeted ransomware.
This new approach for industrial cybersecurity is mirrored by the cybersecurity engineering strategy announced by the US Department of Energy. This strategy provides guidance such as a consequence-focused design, which prioritizes protecting critical networks first and implementing controls that aim to eliminate cyberattacks instead of just mitigating them.
Following these approaches, Unidirectional Gateways are becoming an important tool in the field of network engineering and cybersecurity engineering. The gateways are used routinely to provide robust segmentation for industrial control networks in industries such as power generation, rail systems, and petrochemical pipelines. Unlike firewalls, which only mitigate attacks, Unidirectional Gateways eliminate the risk of external cyberattacks, such as targeted ransomware.
And if at any time you would like an update on the latest Unidirectional Gateway developments, please use the form below to request a free consultation with one of Waterfall’s unidirectional technologies experts:
Supply chain security is bigger than one standard or one approach. Supply chain has fingers into remote access and cloud services and many other things beyond SBOMs and vendor questionnaires. Pedro Fernandes of Accenture joins us to look at the big picture and at what it takes to really commit to supply chain security.
Cybersecurity investments, like safety investments, involve ROI calculations. But unlike safety, security ROI is not baked into engineering practice. Wally Magda – a senior standards and security instructor, advisor and former NERC CIP auditor joins us to look at today’s ROI problems and what to do about them.
Complex networks “drift” over time – maintaining an original security vision is hard. Robin Berthier, CEO and Co-Founder of Network Perception joins us to look at a new technology for understanding what’s happening to our networks.
Forescout’s recent Icefall report documents 56 new OT vulnerabilities, many in certified “secure” industrial equipment. Daniel Dos Santos, Head of Security Research, joins us to look at the vulnerabilities and at what they mean for industrial security.
The big picture of industrial security programs is why we do security, who does what, and to what standards or risk tolerances. Darren Conway of Capula joins us to look at documenting industrial security policies and programs, not just technology.
Relationships, humour and a complete lack of creepiness – Laura Torres and Sarah Jennings of FoxGuard join us to look at the art of marketing industrial security solutions.
English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ
