There is a diverse landscape of threats that are becoming increasingly prevalent to organizations of all sizes. Protecting your business from these threats with a proactive approach will ensure your data and production environment are not at risk. No one security method is sufficient in this landscape to protect what is of value to your business. It is imperative to use a defence-in-depth approach to establish multiple layers of security utilizing physical, electronic and procedural safeguards.
Several older control systems and industrial applications that were installed years ago have older software and systems in place. Environments such as this are susceptible to these types of attacks. Typically, systems in the industrial world are not updated, upgraded and patched to ensure a level of protection, making them a target for attacks which would have a tremendous impact on production operations. On top of this, most plant networks have not implemented proper layers of security in both their physical and logical network architecture.
How should you approach this situation? You need a plan.
An Industrial Network and Security assessment performed by a qualified Systems Integrator can help you to understand the IT configuration within your facility and where your potential issues may reside. This assessment can provide a clear picture of the machines and systems deployed in your environment with a defined roadmap to implement a secure, resilient infrastructure architecture to support the digitization of your plant floor.
There are three areas you should look at when assessing your system:
- Physical Network Infrastructure: The company you work with should perform a visual assessment of physical environments in the plant. This will help you to assess and report on cabling, enclosures, server rooms and hardware-type based on your environment. The report will also provide details on the lifecycles of existing hardware and should provide recommendations regarding upgrading or replacing equipment where necessary. There should also be an in-depth recommendation around the security and access to your physical devices to help prevent malicious tampering or unauthorized device connections to your network.
- Logical Network and Cyber Security: This part of the assessment will gather and document the existing state and logical layout of the plant network and how it integrates with your enterprise network. The integrator will perform a network scan to identify all devices connected to the network and determine the security issues related to those devices. Ultimately, this should lead to recommendations for design changes based on proven reference architectures.
- Compute and Storage Resources: The third part of the assessment will gather information on other resources that support the production facility and assets. These include servers, storage devices, virtualization solutions and HMIs. This will help the integrator to gain an understanding of redundancy and backup state and provide recommendations for the future state of the infrastructure based on your business RPO (Recovery Point Objective) and RTO (Recovery Time Objective) requirements.
JMP can perform an audit of devices and applications on your plant network. Our first goal would be to ensure the network is configured in a manner to prevent malicious types of attacks from penetrating the environment. Secondly, we would ensure any older applications or operating systems are upgraded, patched and monitored with appropriate backups in place for a quick recovery if an event does occur.
JMP is constantly looking towards the future, which includes the continually growing network infrastructure and security challenges that our customers are faced with. Contact us today for an Onsite Assessment to determine if you are facing security issues in your business.
For more information:
Network and Security Services Manager