Industrial cybersecurity as risk management


Industrial cybersecurity has become an essential element of risk management according to the US-based ICS Cybersecurity team at Yokogawa Electric. Just last year the company released the results of a survey looking at industrial autonomy. According to the survey, two-thirds of process industry companies are anticipating fully autonomous operations by 2030. The report reveals future trends in automation and autonomy, business priorities, and technologies being deployed in process industries including oil and gas, pharmaceuticals, chemicals, petrochemicals, and power generation. According to the report, 67 percent of respondents expect significant automation of most decision-making processes in plant operations by 2023.

With this shift to autonomous operation in industrial environments come cyber risks. Recent reports indicate hackers are increasingly targeting industrial control system endpoints.

“Industrial cyber attacks are no longer novel. It’s becoming an everyday reality,” says Matt Malone, an ICS cybersecurity consultant with Yokogawa. “The attacks are becoming more prevalent and more well known.”

That’s why Malone has made it his mission to better prepare industrial environments for such attacks. Industrial Cyber talked to Malone about the importance of cybersecurity as risk management. He says organizations need to understand that the risks of cyberattacks are not decreasing and plan accordingly.

“I don’t think it’s a secret that a lot of control systems globally are playing catch up in regards to their cybersecurity policies and programs,” Malone says. “That’s been my mission, to evangelize the need for cybersecurity for control systems.”

In light of the increasing attacks on industrial control systems, Malone says it’s important for every organization to improve its cybersecurity program. And if organizations don’t have a cybersecurity program, Malone says it’s way past time to develop one.

Luckily, many organizations seem to be paying attention. More than 50 percent of respondents in the Yokogawa survey said they plan to invest in cybersecurity over the next three years.

Matt Malone, ICS cybersecurity consultant, Yokogawa

Malone says this shift is part of a larger shift in the industry.

“The days of closing the curtains on a cyber attack are coming to an end,” Malone says. “We’re starting to see companies become more willing to disclose whether or not they’ve been attacked and the remediations they’re taking. As that happens, it becomes a warning to others.

“As we see that shift to companies becoming more open with some of their attacks and countermeasures and some of their protections, I think we’re going to see that same shift in spending.”

Malone is an advocate of information sharing around cybersecurity attacks. He says highlighting these attacks is key to getting industrial organizations to understand the cybersecurity risk to their facilities.

“Not having any solutions or a program and just relying on security by obscurity isn’t an option anymore,” Malone says. “Some people think, ‘I’m a small plant, so who would really want to attack me with malicious code.’ With the amount of code that’s out there, some of it not even intended for industrial control systems, a lot of it is making its way to industrial control systems. Some of the older solutions that involved super glue and USB ports aren’t going to work anymore.”

Malone says industrial cybersecurity is an essential element of risk management. The first step is to understand the cybersecurity risk of your facility and the second step is to plan to mitigate that risk.

“This is an issue, but there’s something that can be done about it. It’s not something that has to be fixed overnight and it can’t be fixed overnight because we didn’t get here overnight,” Malone says. “There’s not really going to be an end state where one day you’re 100 percent secure from any and all malicious attacks. That’s not a realistic expectation. It’s a process that can be bettered over time with continuous improvements.”

Yokogawa is a leading provider of industrial automation and test and measurement solutions. The company serves a diverse range of process industries including oil, chemicals, natural gas, power, iron and steel, and pulp and paper.

Yokogawa offers a range of solutions and services to help customers control security risks and achieve business continuity throughout their plant’s entire lifecycle. The company’s lifecycle approach involves resilient cybersecurity services and solutions to reduce cyber risks in ICS environments. This includes best practices in cybersecurity architecture design and plant operations to ensure safe and secure operations.

“I would begin with a qualitative or a quantitative risk assessment,” Malone says. “From that point on we’ll be able to help the client plan their roadmap for the next five years. Every site is going to be unique.”

Yokogawa’s comprehensive security program includes six phases of cyber risk management. Since industrial environments continue to vary wildly, this process is tailored to each site’s unique needs.

“As much as those in the industrial automated manufacturing space have tried to make a move toward modularity, we still have a lot of legacy sites,” Malone says. “They might have different OEMs represented within their control systems, they may have field instrumentation devices from another vendor or they may have different units within sites using control systems from very different manufacturers.”

The awareness and training stage of Yokogawa’s process involves educating and updating employees about cybersecurity knowledge for correct decision-making. Next, Yokogawa conducts a risk assessment to help identify existing security risks in a prioritized order based on system vulnerabilities and incident impact levels. Yokogawa also helps define practical policies and procedures for avoiding any gaps between people, processes, and applied technology at the site. The company also helps organizations make the investment business case for cybersecurity and builds a security roadmap plan for the mid to long term that takes into account the organization’s budget and achievable goals.

During the design and implementation phase, Yokogawa implements defense-in-depth security countermeasures for maintaining operation availability. For ongoing risk management, Yokogawa’s managed services include implementing enterprise-wide security for timely monitoring, protection, and response at the first view.

Yokogawa also offers a range of products built with a secure-by-design methodology in mind. These solutions are tailored to the ever-evolving risks organizations are facing. For example, Yokogawa’s remote connectivity solution has seen higher demand due to the COVID-19 pandemic which forced many operations to shut down.

“The lockdown forced a lot of companies to evolve their business in order to keep producing,” Malone says. “With that, there has to be a secure way for companies to continue their business processes while operating remotely. Having a remote solution that doesn’t go hand in hand with cybersecurity is a non-starter.”

Yokogawa also provides remote performance monitoring and managed services from a Security Operations Center. The company has three global locations that offer 24/7 monitoring for clients who don’t have their own in-house SOC.

“No matter the time of day, we’ve got eyes on your system,” Malone says. “We’re looking for any type of intrusion, any type of insertion of malicious code and at a snap of a finger we’re there to help offer remediation services and support.”

For more information on Yokogawa services – here

 
