ServiTecno has been attentive to Industrial Cyber Security issues for more than 20 years, especially as regards the Providers of Essential Services (water, power, gas, etc…).
Also on the occasion of the latest edition of H2O (Bologna – 17-19 October 2018) we were co-organizers of the conference Acqua 4.0 (Digital Water): the evolution of remote control for the efficiency of the integrated water cycle: a meeting in which the theme of IT/OT convergence it was approached with great interest, because the real challenge to enter the IoT world is to relate production (or distribution) and administration.
Click below for the full event agenda
And one of the fundamental points in view of an efficient and safe digitization is obviously Cyber Security.
La recent Italian implementation (DL 520/2018) of the European NIS directive (1148/2016 and RE 2018/151) has finally made mandatory the necessary measures to raise the common security level of the networks and systems of the Operators of Essential Services within the union.
Beyond the general and organizational aspects, it is immediately evident that the focus of the new legislation is oriented towards reduction of the impact on economic and social activities of potential cyber incidents, i.e guarantee mostly the business continuity of the Providers of Essential Services.
In developing mitigation strategies very dangerous and very expensive downtime don't underestimate the iImpact of cyber incidents on operational plants and technologies (the hardware and software dedicated to detecting or causing changes in physical processes through direct monitoring and/or control of physical devices such as valves, pumps, etc.).
It can easily be understood how these OT systems (we are talking about PLC, SCADA, RTU, DCS, etc.), given also the progressive IT-OT convergence, are fundamental elements to ensure physical security and continuity of service. Try to imagine what a cyber-accident could cause to a control system of an energy generation plant or to a railway, airport or other signaling system.
Le solutions that can be implemented to reduce operational cyber risk they use technologies already widely used in industrial plants. These technologies, essentially non-invasive, drawing largely on machine learning methods they can realize the anomalies in an absolutely preliminary way.
Here are some contributions in which we talk about the NIS Directive and Cyber Security