Another Halloween is upon us, and jack o’lanterns, ghosts, and diabolical clowns are springing up everywhere. October is also National Cybersecurity Month—another reminder that the world can be a frightening place, with sophisticated new attacks on a regular basis.

Source: Nationalcybersecurityinstitute.org

The 2016 Cisco Annual Security Report reports that the industrial sector has some of the lowest quality security infrastructure in use. Out on the factory floor, you may be working with a security Frankenstructure and aging industrial control systems that lack protection against modern threats. Clusters of machines can be islands of vulnerability, and opening up connections on the plant floor across more sites creates even more opportunities for something to creep in.

And the potential for problems continues to grow as more people, processes, and things get connected on the IoT. Gartner estimates that there will be over 20 billion connected things by 2020. More IoT connections mean more potential targets and vulnerabilities.

Ed Featherston’s article IoT and #Big Data – Who Owns All the Data? reminds us that it’s not easy to safeguard the massive flood of high-velocity data that passes through increasingly connected systems.

We recommend a set of approaches to keep your factory safe in the frightening world we live in:

  1. Create, educate, and enforce security policies
  2. Lock down your factory with defense-in-depth security
  3. Strengthen your first line of defense with physical security
  4. Control who is on the network with device profiling
  5. Use industry best practices, such as the ISA IEC 62443 standard, to set up zones and design schemas to segment and isolate your sub-systems
  6. Reduce Capex (and Opex) with a remote security solutions
  7. Implement strong firewall and intrusion prevention, secure remote access (RA) solutions, and email and web security

Don’t be the victim that wanders out into the woods with a failing flashlight to investigate a weird noise. Start with a strategic approach that looks beyond securing devices and focuses on end-to end-security. This buyer’s guide can help you select a vendor to keep you and your factory safe from things that go bump in the night: Buyer’s Guide: 10 Questions to Ask Your Industrial Control Cybersecurity Vendor.

Creating an agile and secure platform helps you beat the fear factor and support growth and innovation. For more information, see how one manufacturer upgraded their security to block against thousands of threats daily.



Scot Wlodarczak

No Longer with Cisco