The days of “Security by Obscurity” are a thing of the past.
There may have been some reasonable arguments behind this old method of protection, in which smaller operations feel they can “fly under the radar.” However, smaller operations now tend to be more at risk – but those stories don’t make the news.
Headlines are made when a major corporation or populous city is hit with a cyber attack. When an industry behemoth like Honda was breached and production was halted at factories across the globe, it made national news. In the public sector, the City of Atlanta had well-publicized headaches with the SamSam ransomware, which shut down numerous services and cost millions of dollars.
While the big boys may get all the attention, the truth is smaller operations are most frequently at risk.
Smaller Operations Are Targeted Most
According to the National Cybersecurity Association, around 70% of cyber attacks are targeted toward small businesses. From an industrial perspective, America’s nearly 70,000 water and wastewater utilities are considered underprepared for an attack. In fact, Fort Collins, Colorado – with a population under 170,000 – has been hit twice by attackers. Elsewhere, hackers used firewall vulnerabilities to create “blind spots” for grid operators at several small power generation sites in the first-of-its-kind cyber attack on the American grid system.
The hide-the-key-under-a-rock style of Security by Obscurity may have been acceptable in the past, but the rise of connected systems, Industrial Internet of Things (IIoT), and remote facilities has caused a drastic change over the years.
Smaller doesn’t mean safer, anymore.
Better Protection Is Now Available
There is good news, though. Technological advances are providing better protection for industrial operations. Industrial Cyber Security options offer a wide range of benefits and can help you identify and assess, detect and protect, recover and prevent, and respond and alert against cyber attacks.
Identify and Assess: Especially for operations relying on Security by Obscurity, getting a security assessment (or audit) from Industrial Cyber Security professionals is a cost-effective but highly productive way to identify “holes” in your operation’s networks.
Detect and Protect: Secure remote connectivity and/or network segmentation and isolation is important. There are platforms available that protect against a potential breach and notify personnel about suspicious activity.
Recover and Prevent: Industrial Cyber Security experts can help you build a foundation to quickly recover and get back up and running again with version control and recovery – while preparing for the future by securing data storage and creating fault-tolerant infrastructure.
Respond and Alert: Programs that have alarm notifications in response to an event, as well as security auditing and reporting, ensure you and your operation stay alert of any suspicious activity.
It’s important to remember that cyber security is a continuous process. An operation should always be going through these steps, making sure protections are in place to keep processes running smoothly.
It can feel overwhelming trying to digest all of the available Industrial Cyber Security options on the market – particularly for an operation that has relied on obscurity in the past. However, there are simple steps that industrial companies can take to be better protected from attacks.
If you’re interested in scheduling a discussion or assessment to see how protected your network is against an attack or would like to learn more about Industrial Cyber Security, reach out to the experts at AutomaTech or email us at firstname.lastname@example.org.