Representative End User Clients
Representative Automation Clients
Representative Software Clients
Because you only see a part of the problem but not the whole thing, cybersecurity threats are akin to an iceberg, said Charles Lim, Industrial Cybersecurity Evangelist, Yokogawa Engineering Asia, at the start of his presentation, OT Cybersecurity Management, at the ARC Asia Forum 2021. Companies are aware of obvious issues (visible iceberg), like known malware and vulnerabilities as well as incidents consequent to successful cyber intrusions. However, most of the time, there are deeper underlying issues (invisible iceberg) that contribute to overall vulnerabilities of the plant. For instance, there may be some unsafe operator behaviour, such as not following the correct procedures. Or, there could be inadequate integration of the operational technology deployed in the plant resulting in a plethora of devices and systems to manage.
Industrial companies are also often frustrated after investing heavily in cybersecurity technology but finding themselves still vulnerable to attack. Quite often this is because of the delay time between the announcement of a cyber vulnerability by a technology supplier and the release and then implementation of the required patch. That delay represents a window of opportunity for threats to become successful intrusions. And, in the majority of cyber incidents, systems are compromised, and data is stolen within just a few hours of the breach, and usually well before the company is even aware it has been attacked
So, it is important, advised Mr Lim, that companies react quickly to potential cyber threats. And it is here that proper cybersecurity management should be used to effectively maintain the various cybersecurity systems deployed in the plant, such as anti-virus, secure remote access, and backup and recovery.
Managed Services Approach
While industrial companies are increasingly more willing to invest in cybersecurity technology to protect OT systems, the well-known dearth of cybersecurity skills and talent can mean that the technology is not allied with the expertise to recognize and differentiate alerts and carry out the necessary follow-up action.
The value proposition of Yokogawa Managed Services, explained Charles Lim, is that clients get peace of mind knowing that they can focus on their core business through having a partner acting as a single point of service for their OT infrastructure and helping to optimize plant productivity through ensuring longevity and maximum uptime of deployed systems and devices. As well as covering OT assets, like controllers, instruments and industrial networks, Yokogawa’s Managed Service Suite (MSS) caters for cybersecurity applications through Centralized Cybersecurity Management.
With MSS Centralized Cybersecurity Management integrated in a customer environment featuring multiple plants and automation systems suppliers (not just Yokogawa), security updates from different suppliers can be more effectively managed and deployed to the appropriate systems. This helps to consolidate all the OS and antivirus patches, and also to ensure secure provision of remote access, which is a functionality that needs to be managed properly to avoid doing more harm than good. In addition, the asset info, event logs, and compliance reports are channelled to the OT Security Operations Center (SOC), so that Yokogawa has a continuous view into what is happening in relation to cybersecurity at the customer’s facility.
As Mr Lim further elaborated, Yokogawa’s aim is to simplify management of customers’ cybersecurity technology infrastructure. Keeping the whole environment up-to-date and sensitive to changes translates to much higher levels of visibility and rapid detection and response. Given that the amount of time needed to react to a cyber incident usually determines the extent of the damage, MSS Centralized Cybersecurity Management can help to limit the impact of a cyber intrusion.
Plant Security Program
While Managed Services can go a long way to boosting a company’s cybersecurity posture, it is but one aspect of Yokogawa’s Security Program for industrial plants. The other key elements are Awareness & Training, Risk Assessment, Policies & Procedures, Business Case, and Design & Implementation.
With Awareness & Training, the aim is to train every staff to know what they are supposed to know and what to do and what not to do. Ideally, this should be repeated on an annual basis, recommends Mr Lim, as people can often forget or neglect required best practices. The objective of Risk Assessment is for companies to assess their cybersecurity situation and identify any serious gaps, and you may wish to compare multiple plants across the enterprise to check their relative cybersecurity postures. Meanwhile, Policies & Procedures is an important aspect of the Security Program, because if there is no defined policy and procedure for people to follow, they will not know what to do. and most likely could do the wrong thing and endanger cybersecurity.
Many times, companies realize that there are many cybersecurity gaps they need to fill, but they lack the financing to do all that is necessary in one go. That’s where the Business Case comes in, identifying what must be done immediately, what can be done in later phases, and how to justify the investments. While there may some things a company can do it by itself, there are likely others that require help in the form of Design & Implementation, where Yokogawa comes in as a consultant to advise on areas of improvement. Maybe the network segmentation was not done correctly? In that case, you don't really need to invest in the technology, you just need to configure your firewall correctly, which alone will greatly improve the plant’s cybersecurity.
Charles Lim concluded his presentation at the ARC Asia Forum by emphasizing that choosing the right security partner means choosing someone who will not only observe the situation, but actively work to shape the future. Accordingly, Yokogawa is striving to continuously evolve by providing high-end security concepts within a service thinking approach and becoming the choice cybersecurity partner for customers.