Cyber risks are increasingly posing a threat to industrial control systems and critical infrastructures. Securing these networks is a challenge for the industry as a whole. DFI CLub offers four steps solution.
 Cyber-crime attacks cause hundreds of billions of dollars worth of damage worldwide every year.
The fact that tax systems and critical infrastructures are exposed to ever-increasing cyber risks is due, on the one hand, to the changed threat landscape with state-sponsored attackers and increasing spill-over effects and, on the other hand, to the system-inherent factors, such as long lifecycles, often 20 to 30 years Complicate protection. The assurance of these networks is a challenge for the entire industry and will certainly deal the next decade. We have been aware of the vulnerabilities for a long time, but have done little but lip service to close them.
As is well known, every journey, no matter how long and arduous, begins with a first step. Companies that have been reluctant to take action to improve the security of their Operational Technology (OT) environment can take the following four steps to help them get started.
1. Identify the threat and communicate it forcefully in your business
Some time ago, the dangers were still abstract and it would probably have been difficult to convince senior management of the risks involved. Today, given the Russian infiltration of US power plants and the highly visible effects of the ransomware campaigns WannaCry and NotPetya, this should be much easier. NotPetya alone caused hundreds of millions of dollars worth of damage and caused world-renowned companies to disrupt their production.
2. Start a project to improve the security of your ICS network
One can assume that the threats to OT environments will continue to increase. It follows that the longer you wait, the risk increases further. As we approach the fourth quarter of 2019, the time has now come to plan and reserve the budget for projects that will deliver rapid results in 2020, increasing motivation for further engagement. So first, focus on practical, effective, and short-term solutions that increase your preparedness .
3. Talk to your partners, suppliers and analysts
Meanwhile, many ICS equipment suppliers are working together with cybersecurity companies. The manufacturers of the equipment you use can help you and give you valuable information on what to focus on. Talk to colleagues, including competitors, and benefit from their experience. The time has come for a cross-company exchange, especially in view of the threat which ultimately affects everyone and which can only be countered together.
4. First, tackle the biggest challenges
The crucial basis for all further actions is to first find out which assets are actually in use. That sounds banal, and most of those responsible will say that they know exactly what devices are in their networks. However, our experience of hundreds of ICS scans speaks a different language. Ultimately, you can only protect what you know. Accurate capturing of all assets, including insights into how they communicate with each other, is therefore of paramount importance. Only those who know the normal state are able to quickly identify abnormal, conspicuous behavior, to respond accordingly and to stop the accompanying threat.
Conclusion:
These four measures should help all operators of production facilities and critical infrastructures to become more secure. Of course, they can and should be supplemented by their own requirements. Above all, it is important to put them into action. We should stop discussing whether the threat is real and finally address it before it’s too late.