NOV-DEC 2018

Issue link:

Contents of this Issue


Page 11 of 56

Building resilient cybersecurity in a connected world Urgent call for change COVER STORY guidelines and therefore must collabo- rate to address the monumental and ever-evolving task of cybersecurity. They must work hand-in-hand with government agencies. Incorporate government With many of today's attacks being per- petrated by nation-state actors, strate- gies and protocols set by government agencies can make an impact. In 2013, the U.S. government directed the Na- tional Institute of Standards and Technol- ogy (NIST) to develop a framework that would become an authoritative source for cybersecurity best practices. Other countries have similar standards or are actively working on local versions. In some countries, like France, these stan- dards are even carrying the weight of law. These cybersecurity standards create an But governments can do much more than rely on political leaders to intro- duce legislation. The many three-letter governmental agencies in the U.S. (e.g., NSA, FBI, CIA, and DHS) have a respon- sibility to actively share knowledge. This can happen via the normalization of a trust-based relationship with the private sector, such as in Information Sharing and Analysis Centers (ISACs). Involvement between government and private-sector partners enables timely information sharing and mitigates risk across the industrial world. Governments can set the parame- ters, but it is a monumental job to try to enforce manufacturers and end users into compliance. That is why incentives can help, especially by giving guidance to regional policymakers and granting funding that is connected to national ordered, structured approach to address- ing cybersecurity challenges. They can help translate vague, fear-based concerns into common-sense risk analysis, risk tol- erance assessment, and risk avoidance. In 2018, hundreds of cybersecurity bills were introduced or considered in the U.S. The bills range from address - ing reform in consumer credit card reporting to how data is collected on connected devices. Jurisdictional legislation and regula- tion such as this can be effective, but across all governmental organizations, the key lesson is that effective and last- ing cybersecurity programs are codified via defined roles, responsibilities, au- thorities, and executive order. Such ac- tion is a clear indication of institutional support for cybersecurity efforts and helps to reduce friction and confusion. 12 INTECH NOVEMBER/DECEMBER 2018 WWW.ISA.ORG Triton was a wake-up call for collection action. As the world's first known cyberattack on an industrial safety system, the Triton malware attack on 4 August 2017 shifted the thinking of the entire industry. One year later, we examine what has changed and what is yet to do. The system operated as designed and shut down the plant properly, averting disaster, but an immediate joint investigation uncovered an attack perpetrated by a state-sponsored actor exploiting on-site security lapses. The incident led to the world- wide realization that similar attacks will likely be carried out and that they can happen at any time on any industrial safety system. Thirty-five years after safety instrumented systems were first brought to market, the attack led many plant operators and suppliers to overturn the status quo, identify risks, and address them openly and collaboratively. It is clear that no single entity can solve this global issue. Suppliers, engineers, standards bodies, government agencies, and others must collaborate to address the ongoing and ever-changing cybersecurity threats in both legacy and emerging technologies. Governments, operators, designers, engineers, and suppliers must aggressively act to address the risks to industrial control and safety sys- tems, especially those built before the notion of cyberwarfare. Industry leaders must apply cybersecurity standards for industrial control and safety systems that consider the entire threatscape, while governments encourage adherence. The industrial safety system supply chain must commit to hardening the cybersecurity of platforms, while plant operators and owners adopt (and educate on) practices to address cybersecurity risks. What now? Time for action

Articles in this issue

Links on this page

Archives of this issue

view archives of InTech - NOV-DEC 2018