Industrial automation networks differ greatly from office networks and, as such, need a different approach to safety and security, as Paul Hingley explains
Alittle known organisation called the CPNI (Centre for Protection of National Infrastructure), along with other government agencies, spends a great deal of time and effort offering practical advice to some of the businesses supporting the UK's major infrastructure requirements. Road, rail and transport industries, power generators, energy providers and water utilities are all potentially high risk in terms of threat. Any type of incident, attack or failure occurring within them would have potentially devastating consequences.
However, it isn't just this type of business that needs ongoing risk assessment and protection of SCADA networks. The same methodical preparation, thinking and implementation should also be front of mind for any manufacturing or process-driven business that could be at risk of attack or production failure. Company systems can be open to any number of threats and, once attacked, it is often too late to retrieve a situation. Think, for example, of a food manufacturer whose quality control procedures are compromised, or an industrial process targeted by environmental, political or animal rights protestors. Conversely, internal threats may appear, either accidental or intentional access violations, or virus introduction. It is my view that many businesses are at best complacent, and at worst potentially negligible, when it comes to protecting themselves and safeguarding their industrial networks' health, particularly when focusing upon automation networks.
However, it isn't just this type of business that needs ongoing risk assessment and protection of SCADA networks. The same methodical preparation, thinking and implementation should also be front of mind for any manufacturing or process-driven business that could be at risk of attack or production failure. Company systems can be open to any number of threats and, once attacked, it is often too late to retrieve a situation. Think, for example, of a food manufacturer whose quality control procedures are compromised, or an industrial process targeted by environmental, political or animal rights protestors. Conversely, internal threats may appear, either accidental or intentional access violations, or virus introduction. It is my view that many businesses are at best complacent, and at worst potentially negligible, when it comes to protecting themselves and safeguarding their industrial networks' health, particularly when focusing upon automation networks.
No comments:
Post a Comment