Cybersecurity Viewpoints

This week at the DistribuTECH conference, Nozomi Networks debuted its flagship industrial security and visibility solution as part of Siemens RUGGEDCOM Multi-Service Platforms. Nozomi’s SCADAguardian Advanced Container Edition provides industrial operators and cyber security teams with an embedded solution for real-time cyber security and OT network visibility.

As we’ve learned, digital transformation can be a challenging, if necessary, journey.  At each year’s Forum, we learn more about how pioneering companies are overcoming these challenges and the associated operational and business benefits.  This year, one of the key Forum takeaways was that culture, rather than technology, is often one of the major barriers to digital transformation.

Honeywell announced the latest release of Secure Media Exchange (SMX), a cybersecurity solution to protect industrial operators against new and emerging Universal Serial Bus (USB) threats.  SMX now includes patent pending capabilities to protect against a broad range of malicious USB device attacks, which disrupt operations through misuse of legitimate USB functions or unauthorized device actions.

Executive Overview

The need to improve industry response to address cybersecurity risk is well established. Each new incident report increases awareness of the risks faced.

The scope of safety and cybersecurity goes well beyond process safety systems alone.  Across the industrial and infrastructure worlds, an increasing number of end users are adopting more sophisticated strategies for risk management.  This drives closer cooperation and convergence between the safety and cybersecurity disciplines.

This article further examines how the Security Response Process and the Product Security Incident Response Team (PSIRT) processes achieve more than effective responses, they also help prevent and detect security events. Figure 1 shows an example of a typical PSIRT process. 

In addition to our cybersecurity workshop sessions on Monday, We will have cybersecurity-related sessions throughout the ARC Forum program that will examine several different issues related to industrial/OT cybersecurity. Our Tuesday afternoon session at 4 PM features discussions from key end users with boots on the ground in industrial cybersecurity, as well as leading cybersecurity suppliers that are implementing solutions and providing threat hunting services.

In addition to our upcoming ARC Forum cybersecurity workshop sessions on Monday, ARC will have cybersecurity-related sessions throughout the Forum program that will examine several different issues related to industrial/OT cybersecurity. Our Tuesday afternoon session at 2 PM features several great presenters and panelists

Previous ARC Advisory Group reports have discussed how to define and implement cybersecurity programs based on guidance and requirements available from standards, guidelines, frameworks, and other sources. However, implementation is just the beginning since responding to constantly evolving cybersecurity risks is not a project, but a process.

How can business leaders in manufacturing determine what’s really needed to safeguard their business from a cyberattack? AT&T will strive to help end users answer this question at a workshop on Monday, February 4 at 1 PM at the ARC Forum, where they will discuss the state of cybersecurity for manufacturers and how the industry is responding to the increased security threats to their data.