6 minute read
Myth busting: best practice advice to help enhance industrial network security
CYBERSECURITY
handle. For one, it is not affordable to centrally collate information from hundreds of assets without a suitable management system (log management system). The other side of the coin is that it consists of a plethora of very small pieces of information from which it is not easy to identify an attack.
Advertisement
In addition to offering the potential to analyse huge quantities of log data, SIEM systems also allow for the automated recognition of attackers. These systems are known as intrusion detection systems (IDS). Not only do they analyse log data, but also network traffic between the assets in an industrial network.
Once an attack has been recognised, countermeasures are automated to mitigate it. These intrusion prevention systems (IPS) can interrupt partially successful attacks and prevent further malicious activity. They have a bad reputation in industrial systems because if they are used without consideration they can lead to breakdowns, downtime and functionality errors which are tricky to fix. This bad reputation means that IPS systems have, in the past, responded with overly aggressive blockades in the event of an attack. For security purposes, whole network segments or assets were separated from the network in the event of a wrongfully recognised attack. This can result in extensive functional downtime. Today, it is possible to use IDS systems more systematically, so that even in the event of an attack, a control asset can continue its tasks, while the configuration interface of interest to the attacker can be separated from the network by the IPS system. Through the isolation of such components, essential assets can continue to operate even in the event of an attack while the spread of the attack can be curtailed.
After an attack
Finally, rapid and effective responses are required in the event of a known attack. To be ready to respond to an attack, full and detailed data for analysis must be stored in the log management system and trained employees must be available. The log management and SIEM systems mentioned previously are important here as they make information available in a format that is easy and efficient to search. This is key as a central logging system will often contain gigabytes of log data, meaning that recognising an attack is not straightforward. On account of the enormous volume of data, the entire process is challenging from a technological perspective too. If you establish an effective system to handle emergencies on time, you can respond rapidly in the event of an attack. Without such precautions, in the worst-case scenario there is a risk that many of the affected systems could be separated from the network for a long period of time and that log data might have to be manually copied onto USB sticks for analysis.
In addition to technical systems, the capabilities of workers also play a decisive factor in the ability to actively fend off attacks or to restore systems afterwards. New employees should have qualifications in suitable technical fields and incident response plans must be continuously updated and properly communicated. Larger enterprises bundle their security competences into security operation centers (SOC). Additionally, advance contact should be made with specialised service providers to ensure additional support with incident response expertise in the event of an attack. Emergency drills are also essential.
Statutory provisions regarding response times argue in favour of a team that is skilled in handling cyber incidents. For incidents where customer or employee data is affected, a notification period of 72 hours applies in Europe. For companies classed as critical infrastructure, the Federal Information Security contact persons must be notified immediately. Considering these tight timelines and the working hours of employees, businesses often have no choice but to have IT security experts on site to handle emergencies.
Finally, it is essential to foster awareness and provide full training to the entire workforce in order to prevent attacks that use social engineering techniques such as phishing, deception, and baiting and it is important to provide training for less IT-oriented workers in administration and production if they have access to computer systems. plus-circle
Fig 2: The attacker is limited to a single zone.
Prof. Tobias Heer is senior architect for Network Security at Hirschmann Automation and Control/Belden. Lukas Wüsteney is an architect for industrial networking at Hirschmann Automation and Control/Belden.
NEWS
Manufacturers must focus on workforce wellbeing to help overcome the productivity crisis according to James Herbert.
Productivity in the UK is in decline. A recent report from the Office for National Statistics shows that between June and April last year productivity dropped at its fastest annual pace in five years. And the worrying part is, it’s been flatlining since the economic downturn of 2008.
What can be done to turn this situation around? By exploring some of the common barriers to productivity, businesses across the UK can identify and implement solutions that will help to reinvigorate the workforce and improve performance.
Reducing absenteeism is a key objective for HR managers. However, too much time at work and working long hours can also impact productivity in a negative way. This is known as presenteeism.
Presenteeism should be tackled with the same vigour that businesses address absenteeism. Encouraging or allowing workers to continually work longer hours, or come to work when they’re suffering from poor physical or mental health, will inevitably lead to poor productivity.
Employers need to ensure their workers are striking the right balance. But both absenteeism and presenteeism can be exacerbated by the next barrier in this article…
Financial stress
Financial wellbeing is something business leaders probably don’t think about when they think about the barriers to productivity. However, research shows financial stress is a widespread issue in UK workforces – and it directly impacts productivity.
Hastee’s Workplace Wellbeing Study 2018 found that one-fifth of workers admit to wasting working hours dealing with repayments. In 2019’s instalment of the study, respondents confirmed that financial stress impacts their work, as well as their health, sleep, social lives and relationships – all factors that can undoubtedly impact their performance at work.
The 2019 study found that only 21% of workers say they are able to budget and live within their means. It’s clear that borrowing to get by is rife within UK businesses. Not only is this distracting people at work – in some cases it has prevented them from getting to work with 39% admitting they have been unable to make it to work due to financial difficulties.
Financial stress doesn’t just affect those directly coping with it. It’s impact on behaviour can create a demotivating environment for the people around them. This brings us back full circle to absenteeism and presenteeism. A poor working environment can lead to people taking more sick days. On the other hand, if they’re dealing with a work environment that makes it difficult to concentrate, they might slow down or become increasingly distracted from the task at hand.
An ageing workforce
It’s no secret that the manufacturing sector relies on a workforce that is predominantly older. Over-40s typically make up the majority of the labour pool and this is one of the highest concerns for 75% of manufacturers according to a recent YouGov survey.
The issue isn’t just that the workforce could be growing tired, with many approaching retirement age. Manufacturers are also struggling to attract new blood to the sector. The British Chambers of Commerce (BCC) reports that more than four-fifths of manufacturers struggled to hire the right staff in the final months of 2018.
Recruiting younger workers to a sector, that is often wrongly-viewed as ‘unexciting’, requires more exposure to the opportunities the sector provides. Manufacturers also need to align themselves with destination employers that attract younger workers through the benefits and culture they offer. By implementing benefits that help workers tackle issues such as financial wellbeing, employers can attract younger workers and ensure they are living relatively stress free lives which will support their workplace producitivity. plus-circle
