By Gregory Hale
One good thing to come out of last week’s news from the Department of Homeland Security (DHS), that Russian attackers were able to penetrate the networks of hundreds of U.S. utilities, is that companies operating in the manufacturing industry might end up motivated to actually do something.
Then again, as is often the case, after the big headlines disappear, momentum is lost and life goes back to normal.
But will it? In this age of digital connectivity, will everybody’s work life ever be the same? Will it ever be “normal” again?
There is no doubt the attack news could bring about a level of fear among users, but what they have to realize is that it doesn’t really matter whether Russia is knocking on the door or little Johnny, hopped up on energy drinks and tucked away in a basement down the street, is coming after you. Everybody needs to get activated, not only to create a security plan but also to start executing that plan, because some kind of cyber attack, whether intentional or unintentional, will eventually be headed your way.
“The recent discussion about nation-state attacks against critical infrastructure has obviously raised awareness about an ongoing concern. However, the discussion should really be focused on the preparedness of critical infrastructure operators, which is different for each company, rather than on who the adversary might be or what they might be capable of,” said Eric Knapp, chief engineer and director of technology at Honeywell Industrial Cyber Security. “We know that there is a threat against industrial automation and control systems, which support much of our critical infrastructure. We know that there are nation-state level cyber tools and exploits that are readily available to anyone, thanks to the 2016 leak of Equation Group hacking tools. We know that the majority of operators aren’t prepared to defend against these tools, evident by the number of real-world incidents caused by WannaCry outbreaks over the past year, and further supported by our findings with LNS Research.”
That survey, entitled “Putting Industrial Cyber Security at the Top of the CEO Agenda,” was conducted for Honeywell by LNS Research. It polled 130 strategic decision makers from industrial companies about their approach to the Industrial Internet of Things (IIoT), and their use of industrial cybersecurity technologies and practices.
Among the findings of the survey were:
• Over 50 percent reported working in an industrial facility that already has had a cybersecurity breach
• 45 percent of the responding companies still do not have an accountable enterprise leader for cybersecurity
• 37 percent are monitoring for suspicious behavior
• Although companies are conducting regular risk assessments, 20 percent are not doing them at all
Slow or low adoption could mean one of two things: either manufacturers will move forward with digital transformation and remain insecure, or they will delay moving forward until they adopt a security program, losing valuable time and potential revenues.
Either way, security appears to be such a vital concern for moving forward that it is almost incomprehensible why there are no real cyber programs in play across the board.
But then again, it is also clear companies are still in the mindset that they have never been hacked, so why should they waste their precious budget on something that has never happened before?
Fight Another Fight
But as the old saying goes, and it has never been more true, there are two types of companies out there: one that has been hacked and the other that knows it has been hacked.
“There’s an old martial arts adage, ‘Fail seven times, stand up eight.’ The notion that you will never be attacked, or that if attacked your adversary will never breach your defenses, is simply unrealistic,” Knapp said. “However, when hit, how do you respond? If your cyber plan is mature enough to include incident response plans and disaster recovery, you will recover to fight another day. This is especially important in an industry that is, unfortunately, still fighting an unfair fight against a much more capable adversary.”
Manufacturing automation professionals, whether they are engineers, operators, executives, safety or security experts, need to remain focused on what needs to be done, which is keeping plants safe, secure and profitable.