InTech

JAN-FEB 2019

Issue link: http://intechdigitalxp.isa.org/i/1079769

Contents of this Issue

Navigation

Page 50 of 55

INTECH JANUARY/FEBRUARY 2019 51 Views from Automation Leaders | the final say grators, standards bodies, and governments. Even though end users have to measure and miti- gate risk, well-publicized, recent cyberattacks have shown that vendors need to work together to ad- dress ever-increasing threats. At a granular level, vendors are best equipped to measure the risk of connecting competing systems. If this risk is mea- sured collaboratively by control systems and solu- tions vendors, it can be mitigated earlier in the sup- ply chain rather than at the time of the FAT/SAT. This collaboration must cross competitive barriers and unite the experts who develop standards and have the expertise to strengthen the cyber land- scape, reflecting an understanding that cybersecu- rity goes beyond market share and the bottom line. Collaboration between vendors and other industry bodies will inevitably lead to a better understand- ing of how to reduce and mitigate cyberthreats, so vendors can ensure security is considered from con- cept to delivery. But the initiative cannot end there. It must also include IT systems and providers. For example, we must educate telecommunication and mobile device providers, so they too have a stake in helping secure the critical systems and mobile work- force that rely on communications infrastructure. The financial argument for working together is compelling. Continual, better collaboration be- tween and among end users and vendors, includ- ing IT and network providers, results in better, more secure business performance at the top and bottom line. Just think about this: In the GDPR-driven regu- latory environment, a breach could result in fines of up to 4 percent of the global revenue or €20 million, whichever is higher. There is a simple, clear business case to be made for collaboration. Continuously protecting every business function and operation from cyberattack has become a fact of life. That is not going to change. Therefore, it is time to think about new approaches that future- proof connectivity. All stakeholders must begin work - ing openly together, not only to ensure end users become and remain compliant with legislation and standards, but so they can use all the great technol - ogy available to them to run a secure and profitable operation. If we are going to effectively leverage connectivity while continuously protecting our most critical operations from cyberthreats, we must unite to reexamine, develop, and reinforce best practices, policies, and procedures. The time is now. n ABOUT THE AUTHOR Gary Williams (gary. williams@se.com) is senior director, cyber - security services of- fer management, for Schneider Electric's In - dustry business. He is responsible for cyber - security guidance and support to a variety of external and inter - nal stakeholders. Wil- liams has more than 40 years of experi - ence in designing and implementing com- munications networks for industrial, military, and law enforcement applications. Can stronger cybersecurity collaboration help us "future-proof" connectivity? By Gary Williams C ybersecurity is no longer an emerging trend or fad. It is an increasingly essential aspect of ev- ery business function and operation. This is es- pecially true in industry. There is an increased demand for stronger cybersecurity and for initiatives, includ- ing the U.S. Cybersecurity and Infrastructure Security Agency Act and European Union Network Informa- tion System Directive and GDPR regulation. We know the demand has been amplified for industrial compa- nies when legislation is coupled with mandatory re- quirements in standards like IEC62443 and ISASecure. New legislation and requirements to remain com- pliant with prevailing standards mean end users must invest in technology, which can do more than help secure the operation. Today's systems and solu- tions, especially in the age of the IIoT, can contribute additional operational value by increasing efficiency, reliability, and ultimately profitability. Obtaining and applying real-time data from connected assets, such as temperature, flow, pressure, and device status, to improve operations and business performance demonstrates the substantial value of connectivity. But with such a wide variety of vendor systems and solutions controlling the operation, and because there is not a simple plug-and-play solution that cov - ers every element of the operational technology (OT) environment, end users are fighting battles on multiple fronts: they must engage several vendors for solutions within their operations and connect and use those solutions to improve performance, all while keeping their operations safe and secure. So, while adopting modern technology has many benefits, it has a downside too. Increasing connec- tivity expands the number of entry points for would- be attackers. Every new connection, no matter the medium, increases cyberrisk. In an OT environment, those risks can have potentially catastrophic con- sequences. In a cybersecurity breach, disaster can strike on several levels: interruption to production, damage to the environment, and even loss of life. This means that as cyberthreats within the OT space increase, industry as a whole must collaborate more to future-proof all this connectivity. End users have to collaborate across their supply chains; pro- viders need to collaborate with other providers. We must acknowledge that end users alone are not re- sponsible for cybersecurity, nor can they face cyber- threats alone. Cybersecurity needs to be addressed by an array of stakeholders, including vendors, inte-

Articles in this issue

Links on this page

Archives of this issue

view archives of InTech - JAN-FEB 2019