Ensure your plant experiences the benefits coming from compliant and future-proof security tools and resources.
How to do Security well
Although it is important to have the right hardware and software to have a secure system, good security also means taking into consideration human factors, simple uplifts that provide significant security advantages and considering the best business case based on your individual circumstances and resources.
Industrial devices and networks have been difficult to apply user based identity management onto. OpusV's Identity and Access Management (IAM) solution is focused on bringing role based user access to every device in your industrial control network. You must identify who is on and is accessing your network. Partial identity information is almost worse than none.
Even if your system gets breached, can you maintain access and control of critical plant function? In a worst case scenario, do you have backups you can restore from? How confident are you that backups your can’t be infected? Do you have incident response plans that allow a plant to get back full functionality quickly? Or do your current practices take hours or days?
Much about security comes down to people. Have you fostered a culture of security or does your organisational culture find security practices annoying? The best security is often baked into everything, not treated as a separate area. Your security capacity is also limited by the level of security competence you have access to. Do you have competent people involved? Security is its own unique field and requires unique expertise to run.
Meet AEMO's CSF
In Australia, AEMO have a number of security requirements. These compatibility expectations are also something that will increase over time. Whilst meeting current requirements is key, much can be gained by maturing your systems further along AEMO’s projected roadmap. Advancing maturity levels may also future-proof your plant against the rapidly evolving AEMO requirements, saving you both stress and costs.
It’s important to maintain strong awareness of current risks. This means being conscious of the current security environment. Taking into consideration your entire supply chain is crucial to doing this effectively. To increase awareness, it’s also a good idea to audit behavior for all key software, hardware and people that make up your system. This information can be helpful to flag a security breach or remove issues before they become major concerns. During an incident, this increased data also helps in understanding what has occurred and more efficiently implement countermeasures or responses.
Prevention + Response
Take time to prepare your capacity to be able to prevent and respond to security incidents. Beyond hardware and software, you may want to consider any processes and practices that will also protect your plant against accidental or unintentional vulnerabilities. Do you have triggers and alerts already in place to help you react quickly to prevent a situation from escalating? Pre-prepared escalation plans are essential for responding to an incident more efficiently and effectively. Do you have these and are key personnel confident using them?
Malicious actors can be both domestic or international, and have a range of motivations for their attempts. Nonetheless a common threat matrix can be used to frame our assessment and response.
Holding systems ransom
Ransomware locks your system making it inaccessible until you pay for access. Ransomware is one of the most common ways malicious actors raise money.
Attacking another entity with your fingerprints
To cover their tracks, bad actors may initiate crimes against other organisations using their access to your systems.
Taking hardware offline
Malicious actors may use access to your system to take key hardware offline or carry out a Denial of Service attack (DoS).
Editing your software or data
Bad actors may use access to your system to edit data or system settings. This can cause pieces of hardware or software to malfunction or provide inaccurate data.
Camping and mining information
Spyware allows a person or organisation to monitor information about your business without your knowledge. This information may be used against you or sold to others.
Infecting your backups
A predictable response to a security incident would be to restore systems from an assumed ‘clean’ backup. Because of this, malicious actors will often make sure to only initiate an attack once they know they’ve also infected your backups.
Benefits of Doing Security Well
Doing security well provides a range of tangible advantages and benefits to your plants.
Stable plant function
Without malicious actors travelling through your system your plant will operate more reliably and predictably.
Protect your reputation
Security incidents can range from embarrassment to being framed for someone else’s criminal actions. The reputational issues can effect future licenses and last for years.
Avoid surprise costs
Hackers run a business often designed to cause their victims financial loss. Even after recovering from an attack, additional costs are required to clean your system to prevent the issue from recurring.
Good cyber security practices make meeting AEMOs increasing requirements easier and cheaper.
Peace of mind
As cyber crime continues to rise, find peace of mind knowing your organisation has mitigated the main risks.
Trickle on benefits
Good security also results in robust processes and practices that can make your plant easier to run and maintain. This can include things such as better monitoring capabilities, cheaper maintenance and better user controls and management.