CIOReview | December 2020

The constant stream of security patching and OS updates, combined with the need for virus and malware detection software installed throughout the environment, means that, best case, the manufacturing environment is hard to manage and, worst case, it's an unmaintained attack surface – equipment support portals can quickly become back doors into the environment from which bad actors can easily navigate throughout the network. And although every organization in the world is at risk from phishing-related attacks, the risk in a manufacturing environment still running on large numbers of unsupported and unprotected operating systems is particularly high – and the damage can be physical and catastrophic.

Problem 4: The Shifting Technology Landscape

Industry 4.0 and the Internet of Things are dramatically changing the technology footprint of the manufacturing shop floor. Legacy SCADA protocols like Profibus and Modbus are making way for TCP/IP-based communications; centralized on-premise, two-tier architectures are evolving to decentralized edge/cloud multi-tier solutions; and SCADA systems are increasingly interconnected with MES, ERP and analytics platforms. The larger solution providers are investing heavily and evolving their products rapidly. The smaller niche players have a multi-decade legacy of outdated technologies that will take many years to modernize, and their solutions will be vulnerable until that is done. To complicate matters further, IT talent with knowledge of industrial controls technology is increasingly rare, and the population that built the previous generations of industrial control platforms is now approaching retirement age.

The industrial controls domain is a time bomb. Aging technology responsible for critical equipment, vulnerable to cyberattacks in an increasingly connected world, with a multi-year remediation timeline, a talent shortage and closely tied to physical equipment that gets replaced every 20 years or so... It sounds like the trailer from a blockbuster disaster movie. In the meantime, IT teams can take the following steps:

1. Conduct a complete audit of the Operational Technology environment, including SCADA systems, embedded controllers and kiosks, to assess the technology landscape.
2. Engage with plant & equipment vendors directly to understand technology upgrade roadmaps, patch availability and disaster recovery planning, and assess their own access and cyber security policies.
3. Implement a segregated VLAN and manufacturing firewalls to serve as bi-directional protection against malware that could get into the environment. Update policies & controls where possible.
4. Develop quarantine procedures for any devices entering the manufacturing VLAN and ensure those processes are understood throughout the Operations teams.

Manufacturing Enterprise Security will be heavily dependent on edge defenses for at least the next 5-10 years as plant equipment manufacturers re-architect and redevelop their control systems in line with today's technologies and cyber security standards. IT, who have been historically quite disconnected from Operational Technology, will need to ensure they are including manufacturing environments.

Matt Griffiths