InTech

SEP-OCT 2017

Issue link: http://intechdigitalxp.isa.org/i/882230

Contents of this Issue

Navigation

Page 30 of 57

INTECH SEPTEMBER/OCTOBER 2017 31 SPECIAL SECTION: CYBERSECURITY S afety, reliability, and profitability within power, oil and gas, and other critical infra- structure facilities face a growing, world- wide threat from cyberattacks. These attacks exploit weaknesses in the industrial control sys- tems (ICSs) that are at the heart of every indus- trial facility. ICS attackers include nation states and ran- somware attackers, as well as internal threat actors such as disgruntled employees. All are focused on using stealth cyberweapons to take control of industrial systems to disrupt critical infrastructure. Regardless of the type of threat actor, the consequences of a successful ICS cyberattack are similar—safety risks and lost production. Although only existing in the realm of possibil- ity today, large-scale simultaneous attacks on ICSs in multiple locations would be devastating to national security and the global economy. For more than two decades, enterprise infor- mation technology (IT) organizations have rec- ognized cybersecurity as an undeniable risk to business continuity and have taken calculated measures to protect information assets. How- ever, only within the past five years have opera- tional technology (OT) organizations begun to take cybersecurity threats seriously. Unfortu - nately, in the race to protect ICSs, time is not on our side. As OT professionals, we must act swiftly and wisely. We must also connect with our chief information security officers (CISOs), who are often new to the world of OT, and part- ner actively with them to plan and implement an effective ICS cybersecurity strategy. ICS contributions Over the past 40 years, gross domestic product (GDP) in the U.S. has grown almost tenfold, and per capita GDP has grown nearly 600 per- cent (World Development Indicators Data from World Bank, 21 July 2017). The main contribu- tors to this rapid economic growth include: FAST FORWARD l ICS defense is challenging because of increasing connectivity, expanding threats, difficulty discerning between human errors and cyberattacks, and the age, complexity, and proprietary nature of industrial control systems. l The measures to secure an ICS against cybersecurity threats not only improve ICS cybersecurity, they also improve process safety and asset reliability. l Companies can protect ICSs by implementing foundational ICS cybersecurity controls and "defense in depth," fostering IT/OT partnerships, and engaging CISOs. Foundational cybersecurity best practices improve safety and production By Eddie Habibi

Articles in this issue

Archives of this issue

view archives of InTech - SEP-OCT 2017