Cybersecurity in the connected enterprise
How new generation IIoT-ready controllers deliver the benefits of open computing while minimizing the risk of cyber intrusion
Using open technologies and interconnecting more and more assets plant-wide (and worldwide) creates many benefits. But this also points to a possible downside of IIoT: mounting cybersecurity concerns.
Studies show that manufacturers now have a 32 per cent chance of experiencing a hostile cyber-event or cyberattack every year. So an average plant will likely experience some type of successful attack at least once every three years. On average each data breach costs more than $3.7 million (USD)1, which means an annual risk of at least $1.2 million for the typical organization2. And that risk is only increasing.
Nowadays manufacturers have a 32% chance of experiencing
a hostile cyber-event or cyberattack every year
Adversaries constantly probe for weak points. The notorious Stuxnet worm, for example, reportedly infected PLCs when introduced via USB flash drives. Now IIoT interconnectivity opens up the possibility of attack via the internet. However, they are created, cybersecurity breaches can degrade or shut down machine performance, causing unexpected downtime and lost productivity; threaten the safety of plant personnel or the community; or even trigger catastrophic environmental disasters. High-profile cyberattacks have led to such serious consequences as a pipeline explosion in Turkey, an energy grid blackout in Ukraine, and even disruption of a nuclear plant at an undisclosed location.
The good news? IIoT can actually facilitate new levels of cybersecurity and safety Advanced cybersecurity can now be designed into each controller, right from the start. Cyber-equipped controllers block communications from unauthorized devices; they digitally sign firmware to prevent counterfeiting; they protect application programs to prevent tampering via unauthorized malware; and they can be set up to disable USB ports, require passwords, and so on. If intrusions or mistakes occur, cybersecurity-equipped controllers can refuse action and send alarms.
For comprehensive protection, some suppliers combine all this with advanced services such as cybersecurity assessment, remediation, and maintenance so plants can take secure advantage of the IIoT to safely improve productivity.
Using IIoT-ready programmable automation controllers [PACs] in key roles within comprehensive plant-wide cybersecurity strategies can drastically reduce the likelihood of cyberattacks. This can save an average discrete or hybrid plant more than $1.2 million annually, and help prevent harmful consequences for production, safety, and the environment.
The Modicon M580 Ethernet-enabled
programmable automation controller (ePAC)
platform from Schneider Electric possesses
industry-leading processing and memory,
as well as stronger embedded cybersecurity.
1. “The State of Security in Control Systems Today: A SANS Survey,” by Derek Harp and Bengt Gregory-Brown, page 1, June 2015, at https://www.sans.org/reading-room/whitepapers/analyst/state-security-control-systems-today-360422. “2015 Cost of Data Breach Study: Global Analysis,” page 1, Ponemon Institute LLC, May 2015, at http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=WH&infotype=SA&htmlfid=SEW03053WWEN&attachment=SEW03053WWEN.PDF
• [White paper series] Preparing for the IIoT, exploring the impact..
• M580 ePAC, the IIoT ready, Ethernet enabled Programmable Automation Controller
• Lesson Learned: IT-OT Convergence
• Industrial Cybersecurity Services
• Marathon of Security - Securing Device-by-Device Will Elevate Cyber Profile