Strategies for Securing SCADA Systems in the Age of Digital Transformation
By Catherine Lee and Gimmi Filice
In today’s rapidly evolving digital world, the need for robust SCADA (Supervisory Control and Data Acquisition) cyber security has never been more critical.
In our “Consolidate SCADA Systems” webinar, we explored how a unified SCADA that consolidates automation systems can help to decrease costs, increase visibility, and enhance security.
In this blog, we delve deeper into security and the importance of enterprise visibility for rapid incident remediation.
These elements are pivotal in building operational intelligence to help mitigate risk in the face of increasingly sophisticated cyber threats.
Attention is on Manufacturing Cyber Security as Internet of Things (IoT) Device Vulnerabilities Cause Concern
As you read this blog, many manufacturers are likely grappling with security. IBM reports that in 2022, the manufacturing industry accounted for 58% of cyber incidents, the highest among seven monitored industries. The time it takes for cyberattacks to occur has accelerated dramatically, dropping from 60 days in 2019 to 3.85 days in 2021.
Cyber security is in the spotlight due to the high risk of downtime from extortion threats and the potential damage to customer reputation due to intellectual property and sensitive data theft. At the heart of this issue lies the prevalence of isolated OT environments.
In 2022, the United States released Cross-Sector Cybersecurity Performance Goals to bolster the defense of control system infrastructure.
However, as the number of devices, tools, and connections continues to surge, so does the risk. The rapid acceleration of intelligent digital viruses, robotic process automation (RPA), or web-enabled AI “bots” only adds to the complexity of the challenge.
Challenges Balancing IIoT Security Goals for IT & OT Systems –
The “CIA” Model
Digital transformation in manufacturing is in full swing, bringing with it a diverse range of components that work in concert to help achieve high-value industrial objectives including information collection, communications, quality, efficiency, and productivity.
This expansion has led to an influx of data streams and access points. As data volumes surge, businesses are faced with the critical task of monitoring, tracking, and securing critical elements such as logs, network traffic, and configuration baselines to defend against cyberattacks.
The cost savings and performance improvements of digital transformation are evident, but a challenge remains in the balance between the availability goals of OT information and the protective CIA model capacity of IT organizations. The conventional wisdom of CIA is now being reconsidered in favor of a Zero Trust model.
This is where organizations can benefit from centralized management, enabling availability of OT data only at a permissioned point of need with persona-based OT access profiles.
Defensible Cybersecurity for the Industrial Internet of Things (IIoT)
In this dynamic environment, there is no one-size-fits-all solution. GE Vernova envisions an accelerated approach to day-to-day cybersecurity to help ensure operational continuity. With the frequency, speed, and severity of attacks on manufacturing systems on the rise, embedding defensive practices into technology systems and the workforce is imperative.
Here are some ideas for action related to Proficy software:
- Watch: Stay updated on Cybersecurity Alerts and Advisories for Industrial Control Systems in your country
- Read: Secure deployment guides for CIMPLICITY and iFIX HMI/SCADA software
- Explore: Resources from the Cybersecurity Manufacturing Innovation Institute
- Organize: Designate representatives for cross-team expert alignment to enhance holistic security risk awareness, management, and training
- Plan: Develop a vulnerability management strategy and incident response plan that includes risk-based prioritization mapping and regular Shodan monitoring of SCADA communication protocol ports
- Simulate: Run incident simulation drills to prepare teams for real-time action in the event of an attack
- Minimize: Reduce the attack surface by consolidating SCADA systems
The Balancing Act of Security Solutions: Segmentation vs. Integration
Cybersecurity calls for a delicate balancing act. On one hand, a compact, easily defensible system is simpler to protect but could result in catastrophic consequences if breached.
On the other hand, a distributed, segmented approach may reduce the impact of an attack but adds complexity to protection implementation.
This balancing act is vital in the era of digitization, when integrating technology and data sharing across systems can offer immense benefits. Effective cybersecurity relies on adopting multi-layered cyber hygiene practices that seamlessly integrate defensible and proactive measures.
GE Vernova’s Zero-Trust informed approach, backed by Proficy Authentication, has options for single sign-on (SSO) and multi-factor authentication (MFA), emphasizing user experience while enhancing security. Industrial IT leaders should also consider client-allowed lists to manage permissioned SCADA connections, session time-outs on non-permanent displays, digital signature confirmations on software downloads, and updating software to utilize certificate-based protocols such as OPC UA.
Holistic Network Cyber Security in the Manufacturing Industry
The manufacturing sector is at the forefront of digital transformation, but not all plants can replace legacy infrastructure. To bridge this gap, businesses often connect various components, potentially exposing vulnerabilities. Robust security measures, including logging, password policies, firewalls, encryption, and patch management, combined with Zero Trust measures, are essential to help safeguard these systems.
Our innovative “Bring Your Own” approach helps empower organizations to implement security controls without a complete overhaul of existing systems.
The evolving landscape of SCADA cybersecurity requires a multifaceted approach and enterprise visibility to rapidly defend against security threats. Striking a balance between security and digital transformation is key to harnessing technology’s power while safeguarding critical infrastructure.
With the right strategies and tools in place, businesses can help to navigate this complex terrain, protect their operations, and thrive in a rapidly evolving digital world.
Catherine Lee is cyber security director, industrial software, and Gimmi Filice is senior manager, automation software, GE Vernova.
This content is sponsored by GE Verona.
*Featured photo image courtesy of GE Verona