Yokogawa Digital Solutions

Cyber Doctors: Your Solution to the Common (and uncommon) Cold

Introduction

No matter how vigilant and health conscious we are - proper diet, sufficient exercise, and regular sleeping habits - humans will always be susceptible to catching the common cold. Some are at less risk than others, but none of us are 100% immune. 

Just like the human body, even a healthy and well-managed industrial plant is susceptible to catching a cold from time to time. When a major plant catches a cold (virus), however, the consequences can be much more serious than you or I catching the flu. Critical infrastructure such as energy, transportation and chemical plants can be vital to millions of people, affecting their national economy, public health, safety and security.

Furthermore, no matter how hard we try, the cyber security systems that we put in place to detect viruses and security breaches are never 100% perfect; this is a cold hard fact. The key to achieving safety, security, and a high level of risk management is constant monitoring and support from industry professionals who have experience in a wide range of areas (e.g. IT and OT).

What follows is a summary of the video and its key points, explaining how cyber threats and viruses can be detected and managed proactively.

Your Dependable Health Care Service Provider 

A health conscious young man – let’s call him John – constantly monitors his health using his smartwatch. His watch is connected to his team of doctors who look after his conditions, and are always standing by to support him 24/7.

One day, John's smartwatch turns yellow – he seems to be coming down with a cold. John receives medicine to cure his cold immediately, before it gets any worse.

Key Point: Using sensors and dashboards, plants can be constantly monitored to confirm that they are in normal operation and protected from malware using anti-virus pattern files. Although it is still common to apply patches manually, they can also be distributed automatically and remotely, reducing the time and cost of applying them to multiple sites with a large number of systems.

One day later, John is back to his regular routine and goes jogging. While jogging he runs into his friend Catherine, who is walking her dog. John says hi to Catherine and pets the dog.

That night, John's smartwatch turns red – an unknown and seemingly serious virus has been detected. His team of doctors who monitor his health immediately analyze the situation and discuss the necessary measures to be taken.

Key Point: The Security Operation Center (SOC) will support plant operations by having professionals monitor and respond to incidents from the cyber security perspective, 24/7.

Where did that virus come from? Unbeknownst to Catherine, her dog was carrying a virus, transmitting it to John unknowingly. This was completely unintentional.

Key Point: The same applies to industrial plants: it's not always the bad guys that infect the network with malware. A single malware-infected USB flash drive can lead to a fatal accident, even if the system is not connected to the Internet. This is why establishing security policies and awareness training is important to avoid risks within the organization.

The doctors looking after John conclude that the unknown virus cannot be treated with a simple remedy. A specialist visits John at his house, ensuring he doesn't leave the premises and spread the virus to anyone else. While John is being treated, the doctors identify the root cause of the virus and care for Catherine’s dog too.

Key Point: The appropriate security measures must be taken immediately. If you detect a malware-infected system, isolate it from the network to avoid further infection. The root cause also needs to be identified and dealt with so that the infection does not spread again.

Lifelong Partners

No matter how health conscious we are, some of us end up catching a cold, oftentimes from a friend or acquaintance with non-malicious intentions. In order to reduce risk and optimize healthy operations, industrial plants require constant monitoring, appropriate cyber security defensive measures, and last but not least, a team of Cyber Doctors to rely on for a lifetime.