Users, system integrators and suppliers are striking back on cybersecurity intrusions and attacks by sharing best practices, tools and services
Traffic cops keep watch
Of course, the ultimate aim of any cybersecurity effort is the same as any other plant-floor initiative from basic loop control to advanced process optimization and safety—keep the application running as efficiently and profitably as possible. However, because there’s no “set it and forget it” with cybersecurity due to constantly evolving probes and threats, a secure network and the communications traffic on it must be constantly examined for anomalous performance that could indicate unauthorized and possibly malicious activity. Earlier networking monitoring tools like IT-based simple network management protocol (SNMP) and related derivatives have given way in recent years to passive-monitoring software like SIEM that are less likely to hinder operations.
…John Cusimano, industrial cybersecurity director at aeSolutions, adds that, “Previously, people had to be convinced to address cybersecurity. Now, they want to know how to get started. The market is a lot more sophisticated now that many users already have some cybersecurity in place and are trying to improve it. However, even though many users write security policies and audit their facilities, we always discover vulnerabilities when we perform assessments in the field, such as unsecure TCP ports. Typically, we find there’s good segmentation from the business network to the process control network (PCN), but not a lot of segmentation within the PCN. I’d estimate that only about 25%…
John Cusimano, CISSP, GICSP, CFSE, is the Director of Industrial Cybersecurity for aeSolutions. John is an industrial control systems cybersecurity and functional safety expert with more than twenty years of experience. He leads the cybersecurity group for aeSolutions, a process safety consulting, engineering and automation company that provides process safety lifecycle solutions and tools. John has performed countless control system cybersecurity vulnerability and cyber risk assessments in the Oil & Gas, Chemical, Water/Wastewater, and Power industries per ISA/IEC 62443 and NERC CIP standards. He has also overseen and participated in the security testing and certification of several control and safety systems per the ISASecure™ and Achilles™ security certification programs. A leader in the development of ICS cybersecurity standards and best practices, John is Chairman of ISA 99 WG4 TG2 Zones & Conduits committee and co-chair of ISA 99 WG4 TG6 Product Development committee. He was instrumental in the development of the ISASecure certification scheme and was recently appointed as US Expert to the IEC TC65 WG10 committee. John is also the lead course developer and instructor for the ISA IC32 training course, “Using the ANSI / ISA 62443 Standards to Secure Your Industrial Control System.”