The Benefits of ICS Network Monitoring Throughout the Entire Industrial Control System’s Lifecycle
By Preston Futrell, VP of Sales & Marketing, NexDefense
Critical infrastructure and industrial organizations are under constant pressure to do more for less despite mounting financial, operational and compliance restrictions. To meet these demands, facility owners and operators are increasingly looking to modern information technology (IT) as a cost-efficient way of improving efficiency and productivity, as well as upholding reliability and maintaining integrity.
Unfortunately, the majority of the automation and control systems still in use were built long before connectivity was even a thought. As such, most operators of this legacy equipment lack the network visibility and situational awareness needed to ensure reliability and availability, or to discover and stop increasingly frequent and sophisticated cybersecurity attacks.
Recognizing both the reliability and security vulnerabilities that come with converging innovative IT with traditional operational technology (OT), engineers and security professionals alike have begun to actively encourage their organization’s leadership to adopt ICS-specific solutions to alleviate these concerns. ICS network monitoring, for example, can help maintain the reliability of mission-critical equipment. It does so by providing real-time visibility of misconfigurations, remote connections operating improperly, and incorrect commands unintentionally introduced by simple human error. Likewise, network monitoring provides the visibility and situational awareness needed to passively unearth attempts at unauthorized access and suspicious communications that may signify malicious reconnaissance activity or, even worse, an imminent cyber event.
While technology that supports reliability efforts remains the number one priority for most engineers, the cybersecurity benefits should not be understated in what has become an era of increasingly sophisticated and frequent attacks. In fact, just a few weeks ago, the consulting firm Booz Allen released a report on ICS cybersecurity, which concluded that “sophisticated and widespread campaigns to steal data and gain access to industrial control systems through cyber attack” were underway.
Adding network monitoring to legacy systems is essential for organizations needing to ensure reliability and minimize cybersecurity risk, yet doing so is not without its challenges. Specifically, the many established vulnerabilities in legacy equipment make it difficult to establish a baseline for network activity that should be considered ‘normal.’ As a result, false positives and the need for excessive and time-consuming equipment maintenance and systems upgrades can lengthen the implementation process.
Fortunately, the fix to this challenge is simple: make network monitoring inherent to new equipment.
The Need for Network Monitoring in New Equipment
Because manufacturers are currently producing new control systems as legacy equipment is reaching end of life, the opportunity to implement ICS-specific technology into new equipment is quickly approaching – if not already here.
In an era in which connectivity and cyber attacks threaten reliability like never before, incorporating network monitoring into control systems from the very beginning is primed to become the norm. Industry has spent a lot of time addressing the need for, and implications of, adding network monitoring to legacy systems, but has not talked enough about the benefits of network monitoring inherent to the equipment.
In fact, the benefits are profound to manufacturers, systems integrators and end users alike during all four phases of the ICS lifecycle: design, install, operate and maintain.
Manufacturers: Network monitoring aids manufacturers during the physical and logical network layout by allowing them to preplan the desired visualization and logging for systems, as well as sensor connections and placements. The visibility also allows the manufacturer to identify any misconfigurations while engineering the system. This intelligence, in turn, helps establish an accurate baseline of communications.
Systems Integrator: For systems integrators, having network monitoring inherent to ICS equipment allows them to track networked assets during commissioning. It also enables them to set alarms on anomalies during network expansion, using that information to establish white, grey and black lists for known and trusted communications as a means to proactively address threats to reliability and cybersecurity concerns.
End User: Incorporating network security monitoring during the design phase provides the end user with a complete history of the system’s network operations. This means that owners and operators know everything that has been changed, patched or upgraded throughout its entire lifecycle. This capability allows for more reliable operations and maintenance – such as asset tracking, real-time analysis and network event forensics.
In all, there is high value in network monitoring for industrial control systems throughout the equipment’s entire lifecycle – from design, to install, to operation and maintenance. While adding the solution to legacy ICS is undoubtedly necessary, manufacturers and systems integrators must begin recognizing the benefits of implementing security from the very beginning. Doing so can truly reduce vulnerabilities and accurately identify threats that could negatively impact reliability.
About the Author
Preston Futrell is the vice president of sales and marketing at NexDefense, a provider of cybersecurity for industrial control systems.