Nigel Stanley MSc CEng FIET MIEEE Anthony Dickinson BSc MBA Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TÜV Rheinland 2mc In the Aluminium Industry nigel.stanley@us.tuv.com adickinson@2mc.co Building Cyber Resilience in Aluminium Manufacturing June 17 th , 2020
1872 1904 1908 1955 1970 2009 2012 2014 2017 Founded to ensure First vehicle inspection First elevator First product First branch office Global market New test mark with QR One of the biggest Center of Excellence the safety of inspection certification abroad in Luxembourg leader in photovoltaic code for fast research independent service Wireless Internet of manufacturing plants certification and more providers for ICT Things transparency security (IoT) Protecting society against threats from new technology since the birth of manufacturing plants 2
McKinsey Global Institute predicts the global workforce will peak by 2030 This colossal economic pressure demands the adoption of automation through digitalisation All of us on the webinar are tasked with delivering growth ! 3
Your production systems are under attack … 4
Cyber attackers now targeting safety systems … Reported DECEMBER 2017 December 2017 M T W H F S U 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 The attacker gained remote access to a safety instrumented system (SIS) engineering workstation and deployed the TRITON attack framework to reprogram Triconex SIS controllers which, in turn, entered a failed safe state Source: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html 5
Industry 4.0 increases exposure to Cyber risk, a complex and evolving risk It’s easy to think Cyber risk is a risk like any other, … yet Cyber risk is a risk like no other Functional Safety : Cybersecurity : Defence against random and systematic technical failure to Defence against negligent and wilful actions to protect protect life and environment devices and facilities Established regulations and standards OT/ICS an attractive target Common expert opinion New regulations and laws emerging Many years experience Continuously changing threats Consistent hazards Experience levels may be low Conflicts between IT and OT security You could prove ‘safe’, BUT … not now you can’t prove secure! ! 6 6
Summary of key findings. The findings reveal the cybersecurity vulnerabilities in the OT environment. On average, organizations had four security compromises that resulted in the loss of confidential information or disruption to OT operations. The majority of organizations have not achieved a high degree of cybersecurity effectiveness. To minimize OT-related risks organizations need to replace outdated and aging connected control OT and IT security systems in facilities, according to 61 percent of respondents. risk management efforts are not Not enough expertise and budget are often cited as reasons for not having a strong security posture aligned. in the OT environment. Accountability for executing a successful cybersecurity strategy. Organizations are lagging behind in adopting advanced security technologies. 7
Ask 1 Has the risk of cyber attack against your business changed? Yourself 2 What is your OT cyber risk? Is the risk increasing or decreasing? 3 What assets do you have, where are they, and how critical are they right now? 5 How can you monitor production systems for real-time cyber threats, events, and incidents? 4 Have your safety systems been targeted by cyber attacks? What does this mean to maintaining business ! output and plant availability? 8
Continuous Adaptive Risk Monitoring (CARM) for Operational Technology Provides a real time view of Helps protect operational Ideal for asset and risk owners business risk in the context of availability and the integrity of who must manage operational cybersecurity threats and safety systems, that are now risk and need visibility into the vulnerabilities to OT and safety being targeted by cyber emerging cyber risks inherent critical systems attackers in operational technology Continuous Adaptive Risk Monitoring Findings OT Cyber OT Cyber Risk OT Cyber Risk OT Cyber Risk OT Cyber Threat Incident Awareness Assessment Management Detection Readiness Incl. Self-Assessment Workshop NIST CSF Business Context Asset Discovery Table Top Exercise Training IEC 62443 Auth. Sources Threat Intelligence Cyber Range … Certification Workflow Monitoring Periodic 9
A real-time view of emerging threats, vulnerabilities and dependencies Presented within the up to the minute business context necessary to improve operational cyber resilience What is my OT How can I monitor cyber risk; and is them for real-time the risk increasing cyber threats, or decreasing? events, and incidents? What assets do I What and where have, where are are my safety they, and how critical assets, and critical are they how are they now? impacted? 10
Summary Business needs a way to understand OT cybersecurity risk in the context of the 1 business Threat actors are after intellectual property 2 and are out to cause disruption Safety systems can no longer be safe 3 if they are not secure Regulators and standards bodies are starting to embrace cybersecurity risk and expecting 4 businesses to keep up Access the full research here: https://tinyurl.com/y85eskun Cybersecurity by compliance alone 5 will never be enough 11
Thank You Nigel Stanley MSc CEng FIET MIEEE Anthony Dickinson BSc MBA Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TÜV Rheinland 2mc In the Aluminium Industry nigel.stanley@us.tuv.com adickinson@2mc.co Building Cyber Resilience in Aluminium Manufacturing June 17 th , 2020
Recommend
More recommend
