HUG: Proactive Security

Wednesday, November 6, 2013 @ 05:11 AM gHale

By Gregory Hale
It is very easy to take a fatalistic approach to security because it seems attackers have the upper hand, but it doesn’t have to be that way.

“The bottom line is the bad guys are winning and we must take action,” Jeff Zindel, cyber security business leader at Honeywell Process Solutions said Wednesday during his keynote address at the 2013 Honeywell User Group (HUG) EMEA conference in Nice, France. “We must take a proactive approach to cyber security.”


With all the successful attacks and intrusions that have covered all or parts of the industry over the past three years or so, it could be easy to get lost in the hype and hysteria.

The big-name attacks were Stuxnet, Shamoon, Flame, Duqu, Night Dragon, Operation Aurora, Red October and Gauss, to name a few.

Industrial control systems (ICS) attacks have had a compounded annual growth rate of 54 percent, Zindel said.

Several drivers are behind the attacks: technology costs have decreased, network connections are multiplying, information sharing has grown, and people are learning they can make money with attacks. While the better-known cyber bad guys, like nation states, hacktivists and cyber spies, make up a strong list of perpetrators, there is also the inside threat, which provides a twist on the attack scenario.

“Inside threats represent a tremendous threat,” Zindel said. “I call them the Snowden effect. They are very hard to catch and detect.” In addition, Zindel talked about insider risks in which a trusted resource suffers a compromise: malware may have landed on a home computer, and the person downloads that virus and unwittingly introduces it into the workplace.

With threats coming from the inside and from the outside, manufacturers have to build a solid security program.

“Building a fortress is not enough,” Zindel said. “A hard shell is not enough; air gapped islands are not enough. We need to protect from the inside out as well as from the outside in.”

“We have a path to fight the problems, a dedicated services program, a program to run just as you would run your safety program. Cyber security must be treated as a dedicated continuous program, not an event.”

There needs to be more than just one aspect of security. “Embedded security is good, but it is not enough,” Zindel said. There has to be more with ongoing solutions, systems, tools and services. No solution fits everyone’s needs, so an integrator and end user need to work together to find the right answers, he said.

Whether getting started with a security program or after you have one installed, there are some questions you need to ask to ensure you have the right focus:
• Do you know your current security risk?
• Have you identified your high value targets in systems and operations?
• What measures are you taking to protect those targets?
• Assuming you have been attacked, are you aware of it?

“The final question you have to ask is are you ready because the attackers are coming,” Zindel said.


