Let's Make Cybersecurity Great Again!


There Actually is Not a U.S. President-Elect Yet

In the United States, we had a big event happen in November – the presidential election. Maybe you heard about it once or twice. One thing I find interesting about our election is how unaware most U.S. citizens are about how and when our president is elected. Even though the media has been stating hundreds of times a day that we now have a president-elect in Mr. Donald Trump, they’re wrong. I bet that over 95 percent of the citizens of this country don’t realize it. 

Here are the facts. What Americans did on November 8, 2016, was vote for our respective state’s group of “presidential electors.” It is the states via the state’s presidential electors that vote for president, not the people. The electors for each state will cast their votes for president on December 19, 2016. That’s part of what makes the United States a Republic. We aren’t a pure democracy where the people vote directly for the president. It is each state’s electors that vote for president, and then the votes are counted January 6, 2017, and the president-elect announced.

 

Industrial Endpoint Awareness is a Real Problem

Let’s face it – the lack of electoral awareness does not have any real impact on people’s lives. No additional jeopardy enters our lives by not having this knowledge. A lack of awareness though in other areas of our lives does present real risk – one area in particular is industrial control system (ICS) cybersecurity. In this case, industrial facilities lack real visibility into ICS cyber assets and related vulnerabilities. This makes plants less safe and secure.


As examples, many plant personnel do not know:
  • What industrial endpoints exist in their plants. This also means they are unaware of what patches are applied (or not) on those endpoints. 
  • If insecure settings or configurations exist on endpoints across their process control network (PCN).
  • What ICS-CERT advisories might apply to these endpoints. Vulnerabilities can remain unaddressed for years.

Trying to raise awareness in the U.S. electorate is a tough challenge. After all, how do you reach more than 300 million people spread across the country? I think raising ICS cybersecurity though is much more achievable, especially if ICS cybersecurity professionals are aware of solutions available to them.
 

Increase ICS Endpoint Awareness to Reduce Risk

Most OT engineers aren’t aware that there is a solution to this awareness challenge. They mostly see vendors tout IT-centric cybersecurity solutions that address only a subset of systems. This hampers efforts to detect both external (attacks) and internal (sabotage and inadvertent engineering changes) generated cyber incidences. What they don’t communicate is that they don’t do it for the true ICS endpoints – the level 1 and level 0 controllers and instruments. 

There are many different distributed control systems, and they each comprise a complex mix of ICS endpoints that include processing boards, I/O cards, firmware, and more. There are safety instrumented systems (SISs), programmable logic controllers (PLCs), advanced process controllers (APCs), remote terminal units (RTUs), intelligent electronic devices (IEDs), relays, turbine controllers, and vibration monitors, etc. This is where you find the ICS endpoints that really matter - where we need to add more layers of protection. A lack of awareness in this area should be concerning. If these endpoints are compromised, whether intentionally or unintentionally, there can be dire consequences. 

 

Make Industrial Cybersecurity Great Again

I’ll steal a line from our soon-to-be president-elect: Let’s Make ICS Cybersecurity Great Again. Make it a priority to get greater awareness of the endpoints that matter including their settings and the advisories that could affect them.  


What endpoints matter most to you?
 


Share this post


Comments

Comments
Blog post currently doesn't have any comments.