Zero-trust Approach to Industrial IT Security Mitigates Risk of Attack and Downtime

The onward march of smart factory and digitalization initiatives has led to a huge increase in the IT connectivity of industrial manufacturing systems. This raises important questions about how to secure them, especially heterogeneous systems. These systems often run for years, even decades, and many still run on obsolete operating systems, such as Windows XP, that are no longer updated or patched. No wonder hackers and cybercriminals increasingly target control systems and other business-critical equipment.

Small and midsized companies in particular face multiple challenges in protecting their industrial control systems (ICS) and their supervisory control and data acquisition (SCADA) systems against attacks, sabotage, and industrial espionage. The most frequent types of attack include ransomware, infected USB drives, phishing, and social engineering. Downtime and lost data can ruin smaller companies, so security solutions to protect ICS and SCADA systems are essential to their survival.

Never trust, always verify

Conventional security concepts assume that all services, devices, and users in a network are trustworthy. By contrast, the zero-trust model is based on the “never trust, always verify” principle, in which there is no distinction between internal and external. But with scarce resources, it can be a challenge for smaller firms to implement a zero-trust approach, especially for application and device control. Updating blacklists and whitelists is extremely labor-intensive because the security parameters for each application and device must be entered manually.

Automatic whitelist and update management

This is where a cloud-based, multi-layered security solution comes in, especially if it includes AI and machine-learning features to minimize the human effort needed. When it is first set up, the security solution scans and detects which applications and devices are in use, and this inventory becomes the initial whitelist. Using smart application control, it locks and monitors every machine to ensure that no unauthorized applications can be executed on it. This function is complemented by smart device controls that check all connected devices and block unauthorized ones, such as USB thumb drives. This eliminates the risk of insiders illegally copying machine data and other critical data onto such devices.

The security solution should also include self-learning agents that manage the software update process for each ICS by detecting an approved source, such as the machine’s manufacturer, and allowing it access. This machine-learning-based management of whitelists and application updates enables companies to keep their ICS and SCADA systems secure with little human effort, even old equipment running an obsolete OS such as Windows XP.

Smart factories need smart security

The manufacturing industry is undergoing significant transformation, but conventional security solutions aren’t keeping pace. Manufacturers realize that highly automated and networked machines increase risk as well as productivity. These machines are an easy target for cybercriminals, and even for employees with a grudge. As a consequence, companies need a comprehensive, affordable security solution based on zero-trust precepts. This ensures that they can leverage all the benefits of integrated production systems while minimizing threats and risk.

About The Author

Anton Kreuzer is the CEO of DriveLock SE. The German company DriveLock is one of the leading international specialists for IT and data security.
