Defending the industrial internet from attack
Mounting cyber security threats against the reality unprotected Industrial Internet are being tackled from several directions. In late September the IIC published the Industrial Internet Security Framework for Securing Industrial IoT (here).
With the goal of enabling and accelerating the industrial Internet of Things (IIoT), the Industrial Internet Consortium (IIC) has placed security high on its must-do list. The consortium’s September 2016 Industrial Internet Security Framework (IISF) provides a common security framework that addresses security issues in IIoT systems. Trusted Platform Module (TPM), is highlighted in that document as a key technology.
The IISF is not purely a technical document. Rather, the IISF starts with the business viewpoint, considering how Industrial Internet security can help an organization achieve its goals by managing risks. By defining IIoT security risks, assessments, threats, metrics, and performance indicators, the IISF helps business managers protect their organizations. Each organization must continually assess the risk that it is facing due to IIoT security and decide how much of this risk it is willing to accept and how much to avoid or mitigate through countermeasures.
The IISF explains how trustworthy IIoT systems are built on five characteristics: safety, reliability, resilience, security, and privacy. These characteristics are interlinked, as poor security can impact the safety, reliability, resilience, and privacy of the overall system. The IISF catalogs the building blocks needed to create a trustworthy IIoT system.
Once of the key tenants of the discussions around ICS and Industrial Internet security is that each system cannot be defended in isolation, but rather an encompassing strategic approach is required to secure these environments.
Skybox Security and CyberX are two of the most recent vendors to announce a strategic solution to secure the industrial internet.
Skybox Security, today announced its integration with the CyberX industrial internet security platform. Through the integration, Skybox will power complete visibility across industrial control systems (ICS), supervisory control and data acquisition (SCADA) and IT networks. The system is designed to:
- Enhanced visibility of the attack surface in critical infrastructure deployments
- End-to-end access analysis from any source and to any destination — even between hybrid IT and operational technology (OT) environments
- Vulnerability exposure analysis in the context of existing security controls and known risks
- Increased uptime and reduced disruptions due to security improvements
“As the Industrial Internet and IT networks grow, the line between the two is disappearing fast, and attackers know it,” said CyberX CTO and Co-Founder Nir Giller. “With Skybox, we’re helping customers in industries such as energy, manufacturing, and oil and gas to ensure their security also bridges that gap. You need to be able to consolidate all your connected assets and understand how the interrelationships impact risk. This integration makes that possible — and actually pretty easy.”