Network infrastructures are the highways of the Industrial Internet and the IoT: we've heard it many times already, but what does it mean from a cyber security point of view?


Today we are much more focused on the quality of the asphalt or on the services we can find along the road, but we often fail to notice the lorry driving against the traffic, the fact that the car next to us is on fire, or that there is a brick wall where the toll pass lane should be.

Translated: it's okay to worry about the performance of our network and the possibilities that the cloud makes available to us, but we should know more about our infrastructure and be interested in how we send and receive data.

"Mapping" the network is absolutely the first step. We often visit customers who present their architecture printed on a sheet of paper: by the end of the meeting, that sheet is full of additions made in pen (an example here).

Are you sure you are considering all field peripherals and all remote connections?

We almost always focus on what is physically in the office (or on the plant) without considering that the IoT has completely redefined the concept of PERIMETER.

A friend and well-known cyber security IT consultant told, during a speech, of the time he assessed the network of a large bank: when he asked whether there was a branch in Russia, someone suddenly blanched.

In fact, every night a data transmission session was opened to the countries of Eastern Europe. Obviously it was an unauthorized activity, and indeed a very harmful one for the bank itself and for its customers.

So what needs to be done? We assume that there is no magic wand, and therefore the concept of "security by product" should be set aside: it is far more sensible to speak about "security by design".

A suit, or if we prefer a suit of armor, tailored ad hoc is the best possible solution: to make it, however, you first have to "take measurements".

There are non-invasive software platforms capable of sniffing the network and providing us with a precise architecture, indicating all the devices and applications included in the infrastructure, from the PLCs (or other technologies) present in the field, to the distribution of data and client sessions on the network.

Once our "motorway map" has been traced down to the smallest detail, it is possible to start monitoring its traffic, defining data traffic volumes that can be translated into rules.

At this point, the detection of anomalies should be easier and, once the critical points have been identified, it will be possible to proceed by selecting and installing specific solutions.
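A minimal sketch of that idea, added here as an illustration and not taken from the original article or from any ServiTecno product: conversations seen during a learning period become the baseline, and later traffic is checked against it. The addresses, the internal range and the volume factor are all constructed assumptions.

```python
import ipaddress

# Assumption: the plant's own address space (constructed for this example).
INTERNAL = [ipaddress.ip_network("10.20.0.0/16")]

# Constructed flow records: (source, destination, destination port, bytes).
LEARNING = [
    ("10.20.1.10", "10.20.5.2", 502, 40_000),     # HMI -> PLC, Modbus/TCP
    ("10.20.1.10", "10.20.5.2", 502, 42_000),
    ("10.20.1.20", "10.20.1.30", 1433, 900_000),  # historian -> database
]
OBSERVED = [
    ("10.20.1.10", "10.20.5.2", 502, 41_000),      # matches the baseline
    ("10.20.1.10", "10.20.5.2", 502, 400_000),     # known path, ~10x the volume
    ("10.20.1.30", "203.0.113.7", 443, 5_000_000), # session leaving the perimeter
]

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL)

def build_baseline(flows):
    """Map each conversation (src, dst, port) to the largest volume seen."""
    baseline = {}
    for src, dst, port, nbytes in flows:
        key = (src, dst, port)
        baseline[key] = max(baseline.get(key, 0), nbytes)
    return baseline

def check(flow, baseline, factor=3):
    """Return the rules a flow violates; an empty list means it is expected."""
    src, dst, port, nbytes = flow
    key = (src, dst, port)
    findings = []
    if key not in baseline:
        findings.append("new-conversation")
        if not is_internal(dst):
            findings.append("leaves-perimeter")
    elif nbytes > factor * baseline[key]:
        findings.append("volume-above-baseline")
    return findings

def report(flows, baseline):
    """Keep only the flows that violate at least one rule."""
    results = [(flow, check(flow, baseline)) for flow in flows]
    return [(flow, findings) for flow, findings in results if findings]

if __name__ == "__main__":
    for flow, findings in report(OBSERVED, build_baseline(LEARNING)):
        print(flow, findings)
```
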

It's a long road. But the sooner you leave, the sooner you arrive.

ServiTecno has been dealing with OT cyber security issues for more than 20 years and is able to offer services and solutions both for the preliminary study phases and for the subsequent phases of securing systems and network architectures in general. Do you want to learn more? Continue browsing the site section dedicated to cyber security or contact us by writing to info@servitecno.it