Maximizing Your Digital Potential: The Role of Managed Security Services in Cybersecurity Risk Mitigation

This audio was created using Microsoft Azure Speech Services

As industrial companies and supply chains digitize operations, they increasingly depend on system connectivity to gather critical data and analysis to realize cost savings, improve quality, and enhance productivity. This added machine connectivity widens the potential digital and cyberattack surface, heightening the need for cybersecurity management.

With the process and manufacturing industries reporting the highest share of cyberattacks, business owners recognize the need for innovative and resilient plant cybersecurity approaches to help minimize downtime, loss of intellectual property, and other disruptions that can be exploited through system vulnerabilities.

As the stack of cybersecurity tools in Industrial Control System (ICS) environments grows, and the pool of ICS cybersecurity and process expertise shrinks, Managed Security Services can be used to help combat this growing threat landscape in complex IT and OT environments. While there is plenty of information on types of cybersecurity management services being offered to combat the latest and greatest threat, there is little information on what a managed security service really delivers and what makes up a solid managed security program.

What are Managed Security Services?

Today’s Industrial Control System owners are reevaluating traditional information technology (IT)-based cybersecurity approaches to focus instead on a more comprehensive operations technology (OT)-based managed security solution (MSS).

An MSS takes a more proactive approach to cybersecurity.  In addition to implementing core cybersecurity controls such as firewalls and virus protection, the MSS involves active monitoring and response, identifying and mitigating potential security incidents before they impact processes and cause operational disruptions.

However, in-house MSS-based cybersecurity coverage can be difficult to administer and expensive to manage. For example, a typical Security Operations Center (SOC) requires a minimum of six to eight full-time experts to manage a 24x7x365 operation. As a result, many are turning to third-party experts like Schneider Electric who have the global coverage, skills, and expertise to assist with such cybersecurity coverage.

Plant cybersecurity experts must understand unique plant control processes

A successful OT cyberattack can result in a system failure that leads directly to production downtime – impacting partners, customers, corporate reputation, and Environmental, Health and Safety (EHS) factors. The financial impact of an OT disruption can be enormous.

Choosing the right cybersecurity partner is critical to minimizing attack risks. When selecting a third-party firm to manage an MSS, industrial companies should look for partners that understand:

• Programmable Logic Controllers (PLCs)
• Distributed Control Systems (DCS)
• Supervisory control and data acquisition (SCADA) environments and broader control systems
• The regulatory environment
• How to provide support across multiple sites simultaneously, driving a higher return on investment (ROI)

What to expect when engaging a third party for cyber protection

When launching an MSS initiative, share your key operational and business requirements with your partner to develop an aligned strategy based on six key pillars:

1. Asset and Network Management – Take an inventory of all the affected operational assets and network communications. Thorough asset documentation is critical, as only identified and accounted for assets can be cyber-protected.  
2. Vulnerability Management – Once asset inventory is established, collaborate to identify which assets are the most vulnerable to attack and which would have the most significant impact if breached. Plans are then implemented for more effective ways to protect those assets.
3. Threat Monitoring and Incident Response – Monitor the MSS environment and track the critical systems for threats and suspicious behaviors. When anomalies are identified, your third-party partner will investigate and recommend remediation steps to help mitigate the threat before it impacts processes.
4. Security Control Management – Cybersecurity controls are constantly in flux to accommodate the ever-changing threat landscape. Since most MSS implementations involve multiple sites across an enterprise, the partner can also monitor the security controls, ensuring all new system updates and patches are online (cyber-protected) and that the protection is configured correctly and working as intended.
5. Compliance Management – Regulatory compliance can often drive OT security decision-making, and organizations often struggle to monitor their adherence to compliance. A third-party partner can take on this labor-intensive task, identifying gaps and allowing industrial companies to focus more on their core business of efficient production.
6. Performance Management – As the MSS system matures, consistent and regularly scheduled reviews occur to assess the previous month’s cybersecurity-related events. The third-party partner offers ideas on how to continually improve the organization’s cybersecurity posture.

Together, these MSS elements provide a foundation of cybersecurity management for industrial companies to confidently mitigate their level of digital and cyber risk.

Global manufacturers like Schneider Electric™ are uniquely positioned to provide cyber protection to help ensure resilient operations. Our MSS experts have already applied their cybersecurity skills to over 200 internal global manufacturing plants and distribution centers.

Schneider Electric OT control systems and power infrastructure experts run best-in-class SOCs that manage MSS operations across a global customer set. Moreover, these teams are world-class experts in cybersecurity science and global/local regulatory compliance.

To connect with the team on our MSS solution email us at: cybersecurity-services@se.com