In this digital industrial development era, manufacturing companies can use various connected devices to monitor and remotely control or change devices (machines/tools) such as conveyor belts, valves, fans, pumps, and others.
However, this also increases the potential consequential threats or disruptions to the sustainability of the factory supply chain.
Every device connected to TCP/IP gives irresponsible parties the opportunity to intrude and jeopardize production activities and factory KPIs. Understanding and cooperation between IT and OT elements are needed to mitigate this threat.
For details on OT Security Please Read on The Importance of Cybersecurity in the OT Sector
The main concern of this IT-OT convergence is visibility. Hundreds of PLC-DCS sensors should be able to be monitored not only via HMI/SCADA, but also can be securely monitored remotely. The database must be able to create Big Data for follow-up actions. For this reason, security solutions are needed to keep them running normally. These preventive solutions are required in order to identify & counteract these risks.
NGFW (New Generation Firewall)
The primary security measure for this convergence is a powerful Next Gen Firewall toolkit.
This device that also functions as a gateway will monitor network traffic, perform filtration, and allow only safe traffic.
NGFW will constantly update you when something interferes with network performance and the number of individuals accessing the network and give you a comprehensive assessment needed to select sufficient capacity devices.
No matter how sophisticated your security devices are in protecting lanes, internal threats also need to be anticipated. We can approach it from the end-user side that performs on-site maintenance by connecting the laptop to the HMI directly for configuration. In general, these machines still use the old Operating System which is known to be stable. This is a risky move if it is connected anywhere because there is no security update available for that version. This is where the Endpoint Detection & Response agent needs to be installed on the HMI.
EDR (Endpoint Detection & Response)
EDR functions as a protective barrier, where the maintenance staff can safely configure/maintain machines. For devices that are connected to the local wifi, the security measure on the access point device can be a barrier.
Sandboxing
Sandboxing is required because the development of malware and viruses, like Zero-Day attacks, are increasingly frequent and common. For optimal prevention, Sandboxing technology can be used for early testing in a self-contained environment, as a filter for files, attachments, URLs, and programs from incoming/outgoing traffic.
In implementing these various security solutions, especially in the Operational Technology aspect, good integration is needed in terms of the specific environment per factory and the technology used so your investment can be optimal.
You can contact us ACS Group, to discuss what solutions are suitable for your business organization.