Critical infrastructure, just like other assets in the OT (operational technology) industry, is vulnerable to malware and other IT security risks. As illustrated by the Stuxnet worm, which targeted the scada and PLC systems of a major Middle Eastern nuclear programme, no equipment is immune from attacks or becoming paralysed by cyberthreats. In fact, the stakes are even higher when critical infrastructure is involved, rising to the level of national security. For this reason, today’s OT field network security and operational security must stay ahead of the game to protect critical infrastructure from new and constantly evolving threats.
Not only has the number of malware attacks and other security incidents increased in recent years, cyberthreats also affected more diverse industrial sectors including key infrastructure and the energy, water and healthcare industries. Another worrying observation is that the same types of cyberattack are being used across different industries. As such, today’s OT cybersecurity solutions must be versatile and cater to the security needs of different industries.
The ideal OT cybersecurity platform needs to be flexible
As cybersecurity threats are on the rise, IT cybersecurity professionals are hard-pressed to find an ideal cybersecurity solution for the unique demands of the OT sector. A suitable cybersecurity platform requires a high level of customisation to be able to truly protect critical OT equipment, such as scada systems. A tailor-made platform takes into account industrial protocols, application payloads, and network commands and data. This is particularly true in vertical market applications such as energy and transportation.
As the industry-specific OT fields require complex and highly customised configurations at different control points and devices, security is prone to human error, which can lead to vulnerabilities that are easily overlooked. To tackle this weakness, a central network management platform allows for easier deployment and flexibility in authority delegation. Different management privileges can be assigned to specific zones or roles, reducing any possible human errors. The central control platform also offers better access to data on network traffic for analysis.
An IPS cybersecurity platform is integral to holistic OT network defence
OT professionals all agree that applying security patches is important. However, many older software and devices do not support new patches, so they can quickly become cybersecurity liabilities in OT applications. Indeed, updating devices in the industrial field is not easy. These vulnerabilities can be addressed with industrial intrusion prevention systems (IPS). Capable of virtual patching to shield vulnerable assets, IPS also monitor the network environment, protect OT equipment and deliver security patches in a timely manner, without interrupting operations.
IPS can proactively detect suspicious activity and known attack patterns in network traffic. Once a malicious activity is detected, the IPS will discard the packet and block traffic from the attacker’s IP address, while still allowing legitimate traffic to pass through. Real-time detection stops external attacks before they can reach vulnerable systems such as scada or PLCs. Designed with the unique needs of OT in mind, an IPS cybersecurity platform offers robust and reliable features that take the guesswork and worries out of deploying and maintaining a holistic defence perimeter against cyberthreats.
The best fit for your application
Moxa’s industrial-grade EDR-G9010 Series all-in-one firewall, NAT, VPN, switch and router offers a comprehensive cybersecurity package featuring IPS, enhanced security functions and high-speed connectivity. The MXsecurity management software further simplifies cybersecurity deployments by providing centralised control over EDR-G9010 Series devices, and streamlines network security management.
| Tel: | +27 11 781 0777 |
| Email: | [email protected] |
| www: | www.rjconnect.co.za |
| Articles: | More information and articles about RJ Connect |
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version