Does your company have information, recipes, designs and manufacturing techniques in different locations or countries? The chances are that the more spread your operations, the more cyber risk you face. Rockwell Automation explains.
In the fast-changing world of cyber threats, it may well be that companies will increasingly consider cyber security as a good reason supporting the case to reshore manufacturing to the UK, but where that is not possible, it is vital to understand the risk and mitigate it as much as possible.
According to our own Doug Wylie, Certified Information Systems Security Professional and director of product security risk management at Rockwell Automation, every time a new connection is added to a network, the cyber risk expands along with potential attack points available for those who seek to benefit from damage, disruption or information theft.
“It’s essential to recognise cyber security is not a one-time investment,” Mr. Wylie suggests. “Millions of new devices and new users are becoming connected and interconnected around the world every day. Security is a commitment that commands vigilance and an ongoing investment in people, process, product and technology.”
The increased potential attack points means that the availability (up time), integrity and confidentiality of information held on any connected devices, or importantly, any systems which link to connected devices are more vulnerable to attack from anyone given the means, motive and opportunity to gain from a cyber-attack.
Knowing that all connected systems are inherently vulnerable, there is a strong call to action to develop a robust security culture and a proper security strategy. Although there is no quick-fix or one-size-fits-all solution, the best risk mitigation does not have to be a painful exercise. What’s more, with an improved security infrastructure and better control of information flow comes many opportunities to take advantage of new technologies such as cloud, mobility and virtualisation – not to mention being better able to take advantage of the Internet of Things securely through smart devices.
So what about this industrial security strategy and security culture? At Rockwell Automation we talk about and deliver services based around layered security and defence-in-depth principles which can help forward thinking companies to embrace, rather than fear, the leading technologies and open platforms that promise greater control, flexibility and efficiency.
The defence–in-depth security strategy is applied to a system design to complement the physical, electronic and procedural protective layers. This approach is a deterrent and can slow and thwart unauthorised activities against a control system. In turn this increases the likelihood of attacks being detected before any information is lost or before any damage can be done.