Risk assessment in the manufacturing sector has significant differences from other industries. Manufacturing systems are powered by Supervisory Control Data Acquisition Systems (SCADA), which provide advanced monitoring and analysis insights to manufacturers. Such systems play a key role in workplace safety, efficiency, and monitoring. But are these systems also capable of mitigating cyber security threats?
For the manufacturing sector to protect itself from potential beaches, it needs a reliable plan for risk assessment and management. Risk assessment allows companies to fully understand the potential risks that they face and the consequences they would struggle with if their systems were to be hacked.
Understanding Risk Assessment for SCADA systems
Since the 1960s, SCADA systems have been used by manufacturers to control multiple devices, transfer data, and locate various machines in real time. They work together with Industrial Control Systems to provide real time visibility to critical business operations. SCADA systems also make it possible for manufacturers to maintain real-time visibility of plants that are located remotely. This provides a platform for timely collaboration and the efficient flow of data.
But with these systems and their advanced capabilities comes the risk of cyber security threats. Some SCADA systems may not be able to evolve as rapidly as the techniques that cybercriminals use on a daily basis. Therefore, a risk assessment for SCADA systems should involve cataloguing assets, identifying all relevant types of risk, and making decisions that reflect the reality of those risks.
Why Risk Assessment In Manufacturing Is Important
For many types of businesses, IT risks often result in financial loss, reputation damage, and business downtime. However, manufacturers have much more to lose if they fall victim to cyber-attacks. Because SCADA systems monitor many different parts of a manufacturing business, a cyber-attack can result in production losses, injuries to workers, and even loss of life. Even more concerning is that many cyber hackers understand the high stakes that manufacturers face, and thus they target SCADA systems more often.
For these reasons, keeping your SCADA system fully functional at all times is an absolute necessity. And because you will use your system over the long-term, you need a solid strategy for frequent and timely updates, along with a plan for relevant upgrades as necessary.
A Step-by-Step Method For Analyzing Risk In The Manufacturing Sector
For your manufacturing business to effectively analyze the risks posed to SCADA, you need to consider a holistic approach that includes both upstream and downstream processes. The integrated nature of SCADA systems makes it important for you to identify all vulnerable points and to secure the entire system.
You can follow this 11-step process that will allow you to assess all relevant risks, identify possible repercussions, and outline a framework for risk management.
No. 1 - Connections can be weak spots for security attacks
SCADA systems are powered by various upstream and downstream connections that keep the entire system safe. Your risk assessment plan should begin with identifying all these connections and reviewing the level of risk that they may pose to your business. These connections include public internet, wide area networks, modem connections, and supply chain connections. Any connections that pose an unnecessary risk should be reviewed for necessity.
No. 2 - Keep SCADA networks separate from other data transfer sources
External network connections that interact with your SCADA system pose a level of risk. You should create specific zones where data transfer involving your SCADA has limited access to outside sources.
Creating a separate and secure network for data transfer will reduce the level of risk from external network connections.
No. 3 - Secure the remaining connections
After isolating your SCADA network, you should take the extra step of securing other connections. This can be done by installing firewalls, endpoint controls, and intrusion detection systems.
This step creates an additional layer of security for your SCADA network, as hackers will have to pass through external connections before making their way into your SCADA network.
No. 4 - Keep SCADA boundaries secure
A vulnerable point into your SCADA network is through operating systems and other services that may be using an insecure connection. Make sure you disable these connections to prevent giving hackers a window of opportunity into your network.
No. 5 - Donβt rely on default configurations
SCADA systems rely on infrastructure provided by third party vendors to carry out many important functions. For example, third party systems may provide the platform for managing data transfer between field devices and your servers. These third-party systems are another point of risk.
Make sure all third-party systems are specifically configured to meet your level of security. Upgrade all default configurations as necessary to achieve this goal.
No. 6 - Assess the in-built security features of your system
Many newer SCADA systems have in-built security configurations designed to keep threats out. Make sure you carefully review these configurations and upgrade on any relevant patches to keep the platform as secure as possible.
No. 7 - Toughen up your authentication protocols
Authentication protocols help limit inbound access attempts to your modems and networks at any given time. With a strong authentication protocol, unauthorized attempts into your network will be limited and communication channels will be more secure.
No. 8 - Implement continuous monitoring
As with any other system, continuous monitoring helps keep everything up to date, secure, and fully functional at all times. You should implement a continuous monitoring framework through daily logs, system logging, and full network monitoring. You should also develop an incident response protocol to ensure a timely response to data breaches.
No. 9 - Audit regularly
As part of securing your SCADA system, you should implement a technical audit that reviews all active services and vulnerable points within your network. Such an audit should also identify and prioritize relevant findings so as to patch up any weak points that the audit uncovers.
No. 10 - Develop a plan for physical access
The increased sophistication level of hackers means that they can also use physical mediums such as cables, computer terminals, wireless network access points, and radio wave links. You should take steps to secure all physical access to prevent any potential tapping activity.
No. 11 - Test your system for vulnerability
Once youβve assessed and secured all risk factors, you need to ensure that the system is as safe as you think. Red teams can be used to create specific scenarios where your SCADA system may be at risk of hacking. Red teams essentially mimic a specific scenario and they test your system to see if it stacks up. Use the results obtained to implement relevant changes.
Ken Lynch is founder of Reciprocity.
