As the industrial world becomes more dependent on technology, the benefits of a connected, dynamic network also make it more important to have a formidable cyber security strategy.
It’s also a reality that some operations may not have extra room in the budget for a top-of-the-line Industrial Cyber Security platform.
(Here is a handy graph showing the relationship between the cost of an Industrial Cyber Security product versus the probability of a breach.)
However, there is good reason for industrial operations to take cyber security seriously. Recently, the country’s 70,000 water and wastewater facilities are dealing with a wave of online threats – with one IT manager at a midsize water utility plant saying, “It’s not a question of if (there will be an attack), it’s a question of when. Most small and midsize utilities are overstressed.”
There has also been a rise in targeted attacks, including ransomware that specifically goes after Industrial Control Systems. These ransomware attacks have increased rapidly – particularly in the health care and utilities markets.
That’s why it’s important for companies to take a preventative approach, instead of a reactive approach. For example, Middlesex County Utilities Authority (MCUA), responsible for management of wastewater and solid waste services in Central New Jersey, identified a Critical Remote Facility that needed protection. They found a cost-effective solution to secure the remote facility – and one that was implemented quickly.
In addition to AutomaTech’s Industrial Cyber Security offerings, here are some actions that are a step in the right direction and can be implemented without breaking the bank.
- Assess Your Systems
Getting an assessment of the strength (and vulnerabilities) of your networks can provide valuable insight. AutomaTech offers cyber security assessments that can help you mitigate risk, enable compliance, and explain best practices in understandable ways. This is a cost-effective way to understand your facility better and help prepare for the future.
- Review Password Policies
It’s critical that facilities consistently review password policies and leverage multifactor authorization (MFA). For example: are you still using default passwords? It sounds elementary and the process may seem like a nuisance to some employees, but these simple acts really can help protect your operations.
- Regularly Update Control System Software
It’s important to regularly update your industrial software, antivirus and other software in your ICS – if there are still updates available in your current system. Checking for software updates regularly also makes you aware if your system has become obsolete. For more information, here is a white paper from Tempered about the importance of protecting your ICS.
- Implement Industrial Firewalls & VPNs
Looking into Industrial Firewalls & Virtual Private Networks (VPNs) can be a simple and cost-effective way to keep your OT networks secure.
While these simple steps won’t offer the full protection that industrial operations may need, they are an excellent starting point. If you’re interested in scheduling an assessment to see how protected your network is against an attack or would like to learn more about Industrial Cyber Security, reach out to the experts at AutomaTech or email us at firstname.lastname@example.org.