The dynamics of industrial network security create an environment that is unique on a number of fronts. Diverse data origins and applications, inconsistent internal networking strategies, and the reluctance of many to truly appreciate the breadth of the issue can make cybersecurity a daunting task. IEN recently sat down with Andrew Kling, senior director of cybersecurity and system architecture at Schneider Electric, to discuss some key strategies that can help the industrial sector grow and improve an area that impacts all facets of the enterprise.
Jeff Reinke, IEN: How would you describe the current state of cybersecurity in the industrial sector?
Andrew Kling, Schneider Electric: In need of evolution. Particularly in the advent of the digital transformation and Industrial Internet of Things (IIoT), cybersecurity can no longer be an afterthought; there’s too much at stake both financially and operationally. We must look beyond competitive lines and collaborate globally via information sharing to up-level risk awareness and prepare together to ward off the looming threat of cyber-attacks.
It’s a global threat that impacts not just those directly tied to the industrial sector, but anyone at risk of an attack – the entire global population. One critical need is to evolve from having a predominantly reactive attitude and approach to cybersecurity.
JR: What is some of the low-hanging fruit for manufacturers when it comes to cybersecurity? Where do they need to start?
AK: We can’t emphasize enough the importance of engaging with a team that can provide a professional site security assessment. Cybersecurity threats evolve daily. It’s a process that will never have a completion date as things change and new threats pop up constantly.
Manufacturers must look beyond the status quo they have done for years and engage with external experts who can continually monitor and suggest process changes to ward off the latest threats. Other specific recommendations to strengthen site security practices include:
- Look to your facility’s supply chain. Demand cybersecurity awareness from your suppliers.
- Apply and maintain documented procedures provided by systems, solutions and software suppliers.
- Be aware of industry cybersecurity standards and implement and adhere to these standards.
- Make security part of the operations lifecycle, including strong employee training.
JR: Where does the industrial sector struggle the most? Why?
AK: The struggle is with consistency, once the initial proactive steps are taken. Or, post-incident when the dust has settled and there’s an urge to be lulled back into a false sense of security given the heightened attention to prevention that happened immediately post-attack. Resources will be plentiful in the immediate wake of an attack, but once the incident has passed, maintaining the proper level of resources can be an uphill battle.
A continuous assessment of the ever-evolving security risks and a plan to address them is essential to leveling out preparedness. Having a proactive program, inclusive of a regular security assessment process, can lessen the risk of an attack and make it much easier to keep a security-focused program alive.
JR: The connected enterprise has broken down a lot of silos between operations, IT, procurement, etc. What silos need to be broken down for industrial cybersecurity to improve?
AK: There needs to be more perspective into each other’s worlds by security professionals in operations, IT, procurement and all areas of the business. IIoT and the general digitization movement require manufacturers to unify their operations and business processes. One way is by bringing the IT functions historically controlled within the business closer together with the operational technology (OT) functions that historically controlled the manufacturing process.
The plain truth is that these two groups already share the cybersecurity risks. These are the benefits of more connected and intelligent devices that allow for better visibility and control of more than just the real-time efficiency of operations. Plant managers now can also control other critical business variables in real-time, including safety, reliability and operational profitability. Just remember, with this improved connectivity and all of the associated benefits, come shared cyber-risks between those connected parts of the business.
JR: What element of employee involvement needs to be improved to make cybersecurity better?
AK: Organizations should promote general cybersecurity awareness by providing regular and ongoing employee training focusing on the detection of potential risks such as phishing and appropriate network use. Basic cybersecurity knowledge is a requirement for all employees in today’s business environment. Also, IT and OT professionals must regularly be trained to understand the cybersecurity risks and the best preventative steps possible when maintaining company assets.
JR: Looking forward, what is the biggest change that needs to occur in order to optimize industrial cybersecurity?
AK: Awareness of how great the risks are and a willingness to look beyond a single organization’s situation, and work toward the greater good of cybersecurity collaboration, information sharing and prevention. We are facing a new reality and geopolitical climate where malicious actors have unlimited time, resources and funding to carry out cyber-attacks. The only way to address this behemoth threat is alliance and cooperation against growing threats.