INSTRUMENTATION • ELECTRONICS


FIRST LINE OF


Jonathan Machin on the importance of operational technology security


DEFENCE T


he importance of IT-security has been acknowledged by experts for years whereas securing industrial control systems seems to have been


overlooked. Whilst attacks on operational technology (OT) environments are becoming more frequent, companies are looking for ways to eliminate network vulnerabilities and bridge the gap between OT and IT. Procentec has sparked widespread


interest in the industry with the release of new solutions to strengthen industrial network security.


SPOTTING BOTH EXTERNAL AND INTERNAL THREATS


Although the focus is often on external attacks (malware, phishing and hackers), internal threats can be just as damaging and are more likely to occur. Whether it’s a mistake due to inexperience with a task or protocol, or with the intention to inflict damage, these threats can lead to costly downtime. Keeping track of modifications to physical assets is more important than ever. But if an industrial network’s security doesn’t extend much beyond a firewall, the


Procentec delivers solutions that tackle a range of different OT network security issues


devices on that network are vulnerable. A firewall won’t protect a network from people who know how to go around it. Even if a network is air gapped, you can’t safeguard it against authorised individuals who make an error. Te Security License product tackles the everyday threat posed by unintentional and bad actors. It permanently monitors any planned or unplanned changes to a user’s devices, giving an industrial network an extra layer of protection. Some of its key features include Quiet


Eliminating network vulnerabilities is key 26 www.engineerlive.com


Hours and Maintenance Mode. Quiet Hours will tell the user if there is any communication on the network when there shouldn’t be any (e.g. during events, night-time, weekends, holidays, etc.). Maintenance Mode allows the user to make changes on their network without getting a security alert. In addition to this, there are multiple inspections included to tackle the most often overlooked security vulnerabilities. Te port scan, SNMP write access scan, device password scan and communication baseline scan make sure all the entries to a network are secured.


MAINTAINING DATA INTEGRITY FROM SOURCE TO DEVICE Updating software in a decentralised OT environment can be a haphazard affair. But not knowing what has been installed can pose serious risks to a network. According to Honeywell’s latest “USB Treat Report”, the number of USB threats specifically targeting OT-systems has almost doubled from 16% to 28% in 2020. Te risks are way bigger than just spreading malware: a USB-device can even be used to attack systems directly. LockBox is designed to overcome the persistent problem of unverified and randomly downloaded software. Tis blockchain-based platform provides a centrally controlled catalogue of approved firmware, manual brochures, release notes and datasheets for individual network devices. It allows users to share the latest files safely with authorised users and stops the distribution of files via email, shared folders or USB sticks.


Jonathan Machin is with Procentec. www.procentec.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52