As manufacturers and supply chains digitize operations, they increasingly depend on system connectivity to gather critical data and analysis to realize cost savings, improve quality, and enhance productivity. This added machine connectivity widens the potential digital and cyberattack surface, heightening the need for cybersecurity management.
With the manufacturing industry reporting the highest share of cyberattacks, business owners recognize the need for innovative and resilient plant cybersecurity approaches to help minimize downtime, loss of intellectual property, and other disruption that can be exploited through system vulnerabilities.
As the stack of cybersecurity tools in Industrial Control System (ICS) environments grows, and the pool of ICS cybersecurity and process expertise shrinks, Managed Security Services can be used to help combat this growing threat landscape in complex IT and OT environments. While there is plenty of information on types of cybersecurity management services being offered to combat the latest and greatest threat, there is little information on what a managed security service really delivers and what makes up a solid managed security program.
What are Managed Security Services?
Today’s Industrial Control System owners are reevaluating traditional information technology (IT)-based cybersecurity approaches to focus instead on a more comprehensive operations technology (OT)-based managed security solution (MSS).
An MSS takes a more proactive approach to cybersecurity. In addition to implementing core cybersecurity controls such as firewalls and virus protection, the MSS involves active monitoring and response, identifying and mitigating potential security incidents before they impact processes and cause operational disruptions.
However, in-house MSS-based cybersecurity coverage can be difficult to administer and expensive to manage. For example, a typical Security Operations Center (SOC) requires a minimum of six to eight full-time experts to manage a 24x7x365 operation. As a result, many are turning to third-party experts like Schneider Electric who have the global coverage, skills, and expertise to assist with such cybersecurity coverage.
Plant cybersecurity experts must understand unique plant control processes
A successful OT cyberattack can result in a system failure that leads directly to production downtime – impacting partners, customers, corporate reputation, and Environmental, Health and Safety (EHS) factors. The financial impact of an OT disruption can be enormous.
Choosing the right cybersecurity partner is critical to minimizing attack risks. When selecting a third-party firm to manage an MSS, manufacturers should look for partners that understand:
- Programmable Logic Controllers (PLCs)
- Distributed Control Systems (DCS)
- Supervisory control and data acquisition (SCADA) environments and broader control systems
- The regulatory environment
- How to provide support across multiple sites simultaneously, driving a higher return on investment (ROI).
What to expect when engaging a third party for cyber protection
When launching an MSS initiative, share your key operational and business requirements with your partner to develop an aligned strategy based on six key pillars:
- Asset and Network Management – Take an inventory of all the affected operational assets and network communications. Thorough asset documentation is critical, as only identified and accounted for assets can be cyber-protected.
- Vulnerability Management – Once asset inventory is established, collaborate to identify which assets are the most vulnerable to attack and which would have the most significant impact if breached. Plans are then implemented for more effective ways to protect those assets.
- Threat Monitoring and Incident Response – Monitor the MSS environment and track the critical systems for threats and suspicious behaviors. When anomalies are identified, your third-party partner will investigate and recommend remediation steps to help mitigate the threat before it impacts processes.
- Security Control Management – Cybersecurity controls are constantly in flux to accommodate the ever-changing threat landscape. Since most MSS implementations involve multiple sites across an enterprise, the partner can also monitor the security controls, ensuring all new system updates and patches are online (cyber-protected) and that the protection is configured correctly and working as intended.
- Compliance Management – Regulatory compliance can often drive OT security decision-making, and organizations often struggle to monitor their adherence to compliance. A third-party partner can take on this labor-intensive task, identifying gaps and allowing the manufacturer to focus more on their core business of efficient production.
- Performance Management – As the MSS system matures, consistent and regularly scheduled reviews occur to assess the previous month’s cybersecurity-related events. The third-party partner offers ideas on how to continually improve the organization’s cybersecurity posture.
Together, these MSS elements provide a foundation of cybersecurity management for businesses and manufacturers to confidently mitigate their level of digital and cyber risk.
Global manufacturers like Schneider Electric™ are uniquely positioned to provide cyber protection to help ensure resilient operations. Our MSS experts have already applied their cybersecurity skills to over 200 internal global manufacturing plants and distribution centers.
Schneider Electric OT control systems and power infrastructure experts run best-in-class SOCs that manage MSS operations across a global customer set. Moreover, these teams are world-class experts in cybersecurity science and global/local regulatory compliance.
To connect with the team on our MSS solution email us at: firstname.lastname@example.org
About the author
Quest Taylor, Cybersecurity Offer Manager
Quest Taylor is a highly skilled high-tech professional with a passion for leveraging technology to solve global challenges. With expertise in XaaS, Cloud, IoT, and cybersecurity, Quest is experienced in creating digital solutions that drive business growth and promote sustainability. As a Global Cybersecurity Offer Manager, he leverages his expertise in emerging technologies and data-driven decision-making to drive product and business direction. Quest holds a Bachelor of Science degree in Mechanical Engineering from North Carolina State University.