
What Are the Benefits of Adopting the Cloud in Industrial Cybersecurity?

4 years ago Joe Pettit

Cloud adoption has come a long way from its early days, when corporate executives questioned the stewardship of their data. The initial suspicions of “where’s my data” have been laid to rest, as administrative tools and contractual obligations have emerged to give better visibility into, and accountability for, data custodianship. Even the capabilities of technology professionals have been enhanced to include full certification paths towards demonstrating cloud proficiency.

In the past, part of an organization’s startup costs included a large line item for servers and other computing equipment. Now, entire companies have been created, enabled through the reduced cost of cloud computing. It would seem that cloud has taken over every company. However, this is not true. Many organizations that relied on security through air-gapped systems are now starting to become internet-connected. This is particularly true in industrial organizations. 

While these industries are starting to use the internet to enable remote capabilities, they are doing so in a way that is reminiscent of earlier computing methods. It would seem that they may be missing a great opportunity to enhance their capabilities by adopting cloud technologies. We asked a group of experts for their thoughts about industrial organizations adopting the cloud while also considering cybersecurity. Their responses are shared below.

Lane Thames, PhD, Principal Security Researcher at Tripwire

Industry 4.0 is emerging and has started to drastically change the way industrial organizations operate. Industry 4.0 has several definitions, but I view it as a new industrial paradigm based on digital transformation and Internet-based technological ecosystems such as the internet of things (IoT), the industrial internet of things (IIoT), cloud computing, fog computing, big data, machine learning (ML), deep learning, and artificial intelligence (AI).

In order for an industrial organization to begin the journey towards and enjoy the benefits of Industry 4.0, they must adopt digital transformation and Internet-based technological ecosystems. One such ecosystem is cloud computing. Cloud computing is required for an organization to make this broad leap forward, and the adoption of cloud computing by industrial organizations comes with many benefits. Over the previous years, data have been captured on a small scale with respect to the total amount of available data within OT/ICS networks. In particular, most of the data we currently collect is based on what is required by a system to be collected such as signals coming from monitoring real-world processes or data related to safety control and safety instrumented systems. However, there are many signals and data within OT/ICS networks that can be captured that are not necessarily a requirement but could be used to enable more secure and smarter industrial environments, i.e., smart factories.

This requires large-scale data collection, storage, processing, analytics, and visualizations, however. This is where the cloud comes into the game. The cloud can offer the resources for this increased scale. The result is innovation such as predictive process modelling, predictive maintenance, and process optimizations.

There are cybersecurity implications for this adoption, as well, with both positive and negative results. On the positive side, the massive amount of big data and predictive techniques could be used to enhance our current capabilities to observe malicious activities within an OT/ICS network. The cloud and industry 4.0 can enable innovations that allow visibility and detection of attacks at larger scale and higher dimensions than non-Industry 4.0 organizations. For example, if a malicious user has gained access to an ICS network and is trying to spoof signals sent to a human-machine interface (HMI) in order to achieve some goal, real-time data processing and ML-based predictive modelling in the cloud could be used to alert on suspicious activity. This is a positive benefit, as the cloud and all the data processed is being used to increase the organization’s cybersecurity posture. A negative impact could be the introduction of new devices such as IIoT-based data collection systems into OT/ICS networks as part of an industrial organization’s digital transformation. A solution to this problem is having cybersecurity technology that provides both device visibility into the OT/ICS networks and capabilities that aid with device integrity such as security configuration and vulnerability assessment.

It is a brave new industrial world, and I cannot wait to see how Industry 4.0 continues to evolve and make our world a better place.

Gabe Authier, Director of Product Management at Belden

A primary benefit of OT/ICS adopting the cloud is being able to scale their industrial cybersecurity program across multiple factories/plants and across regions. The first step in OT cybersecurity is understanding what you have on your network. This is often referred to as “visibility of the OT network.” Having visibility into one plant is a good start, but being able to achieve similar data visibility and use a standard risk scoring system from multiple plants into one centralized location is key to gaining a complete overview of your cybersecurity posture across your organization. The cloud makes it much easier to aggregate the data and ultimately take action to reduce risk across an organization with industrial assets. Furthermore, you can start scoring your overall risk from a centralized platform and use that information to focus on plants or regions that have the most risk, aiming towards a universal risk reduction approach for your industrial networks.

Jim Laurita, Sales Engineer at Tripwire

Is the cloud right for your ICS environment? Unfortunately, there does not appear to be a clear, concise answer to this question, as each industry has its own set of challenges and goals. While cloud computing can offer substantial advantages for smart manufacturing technologies, there is always uncertainty surrounding opening a portal into mission-critical or sensitive networks. Any discussion of cloud computing within the ICS or OT world should start with two questions. First, what advantages does cloud computing provide versus on-premise solutions? Second, what pitfalls or vulnerabilities exist?

Some of the advantages that cloud can bring to an environment are flexibility, scalability, and remote vendor support. For example, your infrastructure is running into performance issues, and your application is suffering. With cloud-based solutions, we can add some RAM or increase CPU allotment rather than have to add hardware. Of course, alongside advantages come risks. Spotty internet connections could lead to timing issues and unreliable processes, not to mention outages and production loss.

Perhaps the biggest risk with cloud computing is security. While we can debate the reality of the air gap and whether or not it even exists, what is not up for debate is the increased attack surface created by connecting local assets to the internet. Regardless of traditional security measures such as intrusion detection systems and anti-virus software, any system with an internet connection is more vulnerable than a system without one. Threat hunting with an asset discovery and vulnerability management tool such as Tripwire’s Industrial Visibility or Industrial Sentinel can vastly mitigate the inherent risks of cloud computing.

Greg Hale, Editor at ISSSource

OT has been operating in the cloud for some time but on a limited basis and for certain uses. It is clear that adopting the cloud from an OT perspective does bring benefits like ease of use, rapid provisioning, and increased scalability, but like the ongoing digitization movement, there are security issues. As we get closer to adopting more cloud capabilities, there will have to be unified and holistic visibility across IT and OT to understand what is going on. Also, cloud providers have been saying for a long time that their security is unparalleled. With everything I hear from security professionals and from my own observations, however, I just don’t believe that.

As it stands now, manufacturers of all types are struggling to develop OT security at a pace comparable to the speed with which attackers are developing their own skill sets. On top of that, the OT landscape is becoming more complex due to IT/OT convergence, IIoT devices, virtualization, and cloud computing. The overall sense I am getting now is that everyone has to take a deep breath and understand the business benefits and then build in security from the start.

As we move toward more cloud adoption, the idea of OT security will have to change to a more holistic approach across the entire manufacturing company’s enterprise. Not only that, but “Zero Trust Architecture” will have to come into play. I truly believe OT/ICS is a long way away from total cloud adoption, but the level of digitization has changed so rapidly since the pandemic that you never know how quickly things may change.

Divij Agarwal, Technical Director, Edge at Belden

We are seeing digitization of factories at a pace never seen before. While digitization helps improve overall productivity and efficiency, it poses a big challenge in the form of data management and governance. Connected devices generate data that can be harnessed for meaningful business insights which was not possible in the traditional air-gapped systems. Cloud plays a crucial role in enabling this digital transformation through tools such as data analytics, visualization, and storage. Industrial networks can now utilize the benefits of almost limitless compute and storage capabilities of cloud to store their data, process it, and analyze it for improving their operational efficiency. Additionally, most cloud providers today offer ready-to-use tools and services that have rich interfaces to consume this data and generate actionable insights using AI, machine learning, and interactive visualization technologies. Care must be taken to ensure this data migration to cloud does not pose unforeseen risks to the factory and its operations. Sending huge volumes of high-variety data to the cloud can strain resources such as network infrastructure. It can also introduce unwanted latency to mission-critical, time-sensitive operational data.

Organizations should also consider data as an asset. As such, they need to ensure its security and governance while it’s being sent to the cloud as well as once it is stored there. Edge has a pivotal role in being an extension of cloud, but it works closer to the actual plant network. It can ensure end-to-end secure transmission of data between plant floor and cloud while ensuring only relevant, compressed, and useful data is sent for reduced bandwidth consumption and latency.

Dr. Thomas Duffey, Director of Cybersecurity and Compliance at Itegriti

Scalable cloud computing, which includes previously unavailable resources (i.e., advanced memory, compute, and analytics), facilitates cost reduction and decreased implementation time. Cloud facilities from the largest providers are equipped with the latest advances and cybersecurity features, allowing customers to expand and shrink capabilities “on-demand.” Organizations of all sizes can now shift their IT expenditures from CAPEX to OPEX, leveraging modern technologies such as machine learning and data science without requiring in-house competencies.

A significant paradigm shift is occurring, with the total number of internet-connected devices expected to exceed one trillion over the next three years. OT-IT convergence, accompanied by cloud-based options, is creating additional complications. OT and IoT (ranging from large industrial systems to much smaller devices like hospital infusion pumps) previously used “air-gapped” connections and proprietary protocols, but they now include standard network connectivity, blurring the proverbial lines. Unlike traditional IT, which emphasizes the well-known CIA triad, safety and reliability are paramount to OT environments. As evidenced by recent international security incidents, we must remember that compliance differs from cybersecurity, and regulatory requirements range from robust to non-existent depending on the industry. NERC CIP focuses on the industrial control system reliability, but HIPAA emphasizes privacy over robust security, and there are currently no mandatory criteria for healthcare IoT.

Some organizations may embrace digital technologies, including the cloud, without considering the OT risks involved. Unsanctioned “shadow IT” increases the available attack surface. Without an adequately segmented architecture (e.g., Purdue model), cybercriminals may leverage readily available tools and techniques, enabling them access to the IT side of the house, as well as compromise OT and IoT systems with lesser or non-existent protections. Adequate security begins with solid governance, and together, people, processes, and technology play an essential part in creating a resilient business strategy.

Ronen Rabinovich, Senior Product Manager Firewall and Security at Belden

Industrial companies are looking for better ways to connect their workforce to decision tools and digitally enhance or augment work and business processes. Companies are increasing the use of anywhere, anytime access to systems, applications, data, and people to drive higher productivity, better quality, and lower their costs. Connected workers are driving higher performance in every industrial activity. Workers with remote access to systems and assets are reducing facility downtimes and travel costs. Site personnel with instant access to project information are reducing construction delays and costly errors. Instant access to cloud resources and subject matter experts (SMEs) is improving the productivity of factory workers. Remote operation of equipment in distant and hazardous areas is reducing safety risks and travel costs.

Connectivity is also enabling broader use of productivity-enhancing technologies like cloud analytics, smart glasses, and augmented reality. While these benefits are large, they come with increased cyber risks. Every interaction opens a new attack pathway. Devices used outside facilities also increase opportunities for malware infection and data loss. Current industrial cybersecurity programs were not designed to manage these threats. To securely reap the full benefits of connectivity, companies need to implement a “zero trust” security approach such as:

  1. Asset management and visibility – The ability to define authorized users, their roles, and their privileges as well as set and manage asset communication policies.
  2. Secure Remote Access – This involves managing the end-to-end security of remote connections into protected systems, devices, applications, and data. These solutions protect assets from compromise and exfiltration of confidential information. This function involves securing external communications, securing connections with protected networks and assets, and securing management of connections and activities throughout the session.
  3. Intrusion Protection System (IPS) Capability – This network security tool (which can be a hardware or software device) continuously monitors a network for malicious activity and takes action to prevent it, such as reporting, blocking, or dropping it when such an event does occur.
  4. Intrusion Detection System (IDS) capability – Usually working in tandem with an IPS, this system monitors the network for malicious activity or policy violations. Any intrusion activity or violation would be reported either to an administrator or collected centrally using a Security Information and Event Management (SIEM) system.

Max Gilg, Industrial Executive at Tripwire

There are a lot of opportunities for cloud solutions in OT/ICS environments. The ubiquitous nature of cloud compute power and limitless storage capacity presents a lot of use cases where a production environment could use this fast, always available resource. It starts with simulations, machine learning over many sensors, or interconnected production load-sharing. There are also use cases that are even related to the hyper connection of multiple anonymous information streams in a service. For example, shared threat information and intelligence can prepare your system against attacks seen in other companies in the same vertical. Routing secure remote access or outgoing traffic over a public cloud can protect an organization against distributed denial of service (DDoS) attacks by simply not publishing IPs that lead to the local internet address. Although there are many advantages to cloud adoption in OT/ICS environments, there are also risks. The main risk is the increased complexity that is introduced through a distributed environment. However, even for these challenges, cloud benefits outweigh these concerns.

The post “What Are the Benefits of Adopting the Cloud in Industrial Cybersecurity?” appeared first on TripWire.

Source: TripWire – Joe Pettit
