Worldwide, chemical companies have emerged as high-value targets for cybercriminals. Protecting proprietary formulas, customer databases, and safety mechanisms from cyberattacks is a primary focus for the chemical industry. In the UK alone, government studies estimate that cyberattacks create up to £1.3 Billion in chemical industry losses yearly. The US mandates chemical facilities to adhere to comprehensive operations technology (OT) cybersecurity requirements that address business network and process control system protection.
Why has this happened?
Over the years, the mechanical and pneumatic infrastructures and controls within discrete and continuous process chemical operations have shifted to electrical and digitized systems. This has fueled industry growth as data can be captured and analyzed to help cut costs and drive production efficiencies and safety.
While this data has become very valuable to chemical companies, it has caught the attention of hackers and others who wish to extort ransomware payments. Since intellectual property (IP) data runs on corporate networks, these networks must be soundly protected. This is where industrial cybersecurity solutions come in.
OT cybersecurity needs for continuous process vs. discrete process operations can differ
Since continuous process chemical operations use high pressure when producing goods, disruptions leading to leakages and containment breaches can threaten the safety of workers and the outside environment.
For the discrete industries, protection and confidentiality of IP surrounding recipes and execution processes arise as a top priority.
Cyberattacks threaten both of these key critical success factors. To reduce the threat of attack-inspired disruptions, chemical companies must:
- Assess vulnerabilities
- Implement security measures to address susceptibilities
- Provide appropriate training and guidance to employees on cyber-related threats
However, chemical companies may not have the resources or expertise to implement a robust cybersecurity posture. Additionally, maintaining an internal team often exceeds the cost of bringing in a qualified third party to provide protection. This is highly specialized − particularly when controls-based OT applications are at risk – and most organizations rely on outside experts to assist.
OT expertise must supplement IT-based knowledge
Selecting the right cybersecurity solution provider is essential in achieving the goal of consistent, long-term protection. Many firms offering this service possess years of experience operating in the IT domain. However, very few have experience in the OT domain.
Why is this an important distinction?
- If IT systems are attacked, production is not impacted. Instead, email traffic can be disrupted, or isolated parts of the IT network may be compromised.
- If OT systems are attacked, production often grinds to a halt. Therefore, partnering with experts with deep knowledge of chemical processes and controls offers the lowest degree of risk and the highest chance for prolonged cybersecurity success.
Companies like Schneider Electric offer specialists with domain expertise and access to IT and OT intellectual capital to apply to each client’s unique situation.
Multi-step process assures a strong cybersecurity posture
Schneider Electric provides a comprehensive, four-phase cybersecurity commitment with each chemical industry client:
- Assessment – Examine and review existing technical controls, cybersecurity policies and procedures, and staff’s readiness to fend off and recover from an attack. The organization’s cybersecurity position is also appraised vis-à-vis the current IEC 62443 and NIST Framework.
- Design and implementation – Consultative assessment engagement is followed by a design phase where the gaps, risks, and vulnerabilities discovered during the assessment are addressed. This design includes strategies that fill the gaps, mitigate the risks, and provide layers of protection against vulnerabilities. This design includes technical controls, update of policies and procedures, and onboarding and enablement of the workforce. The design is then implemented by qualified and certified cybersecurity resources.
- Monitoring – Tools like continuous threat detection software help bolster network resilience and provide professional-level monitoring of the networks. It works by establishing a baseline for what communications over the network should look like under normal circumstances. When anomalies occur, they are flagged and sent to management within the organization, who can act to manage the situation without disrupting operations.
- Maintenance – Once the new cybersecurity approach is adopted and operational, post-solution monitoring, maintenance, and training are critical. Protection must evolve as hackers use more sophisticated methods. That’s where management services that involve security patching and updating come in. Regular software updates to cybersecurity systems and the control systems they protect are mandatory for maintaining resilient operations.