Month: May 2021

Creating and Maintaining a Cyber Resilient Organization

Written by David Bacque, VP of Operations and Director of OT Security


When major cyber events hit the news, we are reminded again of the best practices and continuous improvement opportunities we may, or may not, be employing to lead a cyber resilient organization. Teams responsible for operational technology and industrial control systems should be keenly aware of the risks associated with cyber events and the potential for costly production downtime, not to mention damage to people, property, or the environment.

While it is important to have procedures in place to respond to cyber incidents, preventative measures should be your first line of defense. For OT systems, several critical security controls are often overlooked or not fully implemented, yet they can go a long way towards mitigating risk and improving an organization’s ability to respond to a cyber event. This article briefly outlines a few foundational elements which should be utilized in addition to proper incident response planning.

Asset Management

Often, organizations have an incomplete or outdated asset inventory stored in a file which is hard to find and even harder to manage or derive value from. Modern OT Asset Discovery and Monitoring solutions, such as Forescout, can proactively and safely monitor OT systems to maintain an asset inventory as well as monitor for unplanned system changes, current patch levels, and unauthorized devices.

Portable Media and Device Management

Because OT systems are typically segmented from other enterprise systems as well as the internet, well-intentioned administrators, consultants and technicians often must get creative on how to connect, update and configure devices. This typically involves connecting a portable computer to the system or bringing data in on a portable media device, such as an external hard drive. In order to maintain the integrity of an OT system, it is critical that a process exists to limit the use of unknown portable media and computers as well as a process to scan and quarantine any device which needs to connect into the OT environment.

System Patching and Hardening

Modern operating systems are insecure by design: they require a plan for patching, and unnecessary features must be disabled, to minimize the possibility of malicious code execution. OT system administrators often skip patching and hardening OT systems because of the false sense of security provided by network boundaries, firewalls or even “air-gaps”. The fact is that malware or other exploits can still find their way into OT systems through portable media and computers or even through poorly configured firewalls or inadvertently connected systems. Once inside a network of unpatched computers, exploits are far more likely to wreak havoc through well-known vulnerabilities. Typically, these vulnerabilities have long been addressed by system vendors.

Disaster Recovery Planning

Most people know that it is important to routinely back up mission-critical data and systems to avoid data loss in the event of a system failure. What is often overlooked, however, is having a process for, and actually practicing, a system restore from that backup to verify that systems can be recovered in an amount of time consistent with a risk-based plan. In the same way disaster preparedness is important to ensure your team is familiar with the safety protocols put into place for emergency situations, disaster recovery planning prepares your team in the event of a cyber-attack. Backup integrity needs to be regularly verified and systems should be restored onto test hardware to verify that recovery processes are accurate and reduce the impact of a cyber event or system failure.

Preventative Measures

In summary, there are a number of risks associated with industrial cybersecurity of OT systems. While it is certainly important for organizations to have procedures in place to respond to cyber events, it is also crucial to be proactive about protecting your assets. A few preventative measures that should be implemented within organizations include:

  • Asset management
  • Portable media and device management
  • System patching and hardening
  • Disaster recovery planning

Ensure your systems are protected and your assets are defensible – contact RED Group today to get a better idea of where you currently stand on your cybersecurity journey and to lay out a roadmap to better cyber resilience.

David Bacque, an experienced cybersecurity and operational technology (OT) professional, has led, advised on and delivered OT projects and ICS security initiatives with industrial clients around the world.

Stay Ahead, But Don’t Get Swept Away, by the Industrial IOT Wave


The advent of internet of things (IOT) technology represents a new era for industry and manufacturing.

The growth of industrial IOT (IIOT) connections is explosive; by 2025, there will be more than 36.8 billion connections, according to a 2020 report by Jupiter Research. This figure is more than double the current IOT adoption.

Although most industry decision-makers recognize the value of industrial IOT and have expressed a desire to shift, several barriers have impeded progress, especially in regard to architectural challenges, security concerns, and lack of qualified partners to help navigate the transition.

This article will briefly outline the benefits of industrial IOT, explain some of the challenges, and provide a solution for overcoming these obstacles.

IIOT: Transformational Potential

The multiplicative growth of IIOT is largely due to its efficiency benefits. The technology gives organizations access to increased amounts of data to feed analytics, AI, and cognitive learning systems, which can transform operations through automation and high-rate decision making. The result is boosted productivity and streamlined functions.

For example, sensors on machinery monitor performance constantly, gathering data on operations that can be used to optimize performance. Some of the data gathered can also be used for equipment maintenance and can trigger alerts when machines require attention.

There are a myriad of other uses for IIOT, such as safety. IIOT-empowered environments can keep workers safer by alerting entire facilities when accidents occur. In a split second, operations can be halted, and team members can intervene to mitigate the incident. Simultaneously, sensors will mine data to generate insight into what caused the incident and how it can be prevented from reoccurring.

IIOT Challenges Are Significant, Yet Surmountable

The industrial IOT takeover seems imminent, yet many decision-makers are still hesitant to master the new technology. The slow starters hesitate at their peril, as being early adopters to IOT technology can be a significant competitive advantage in the long run.

In general, some common obstacles holding the business back from realizing the benefits of industrial IOT follow one of these themes:

Primary Process Control System (DCS, etc.) Integration Challenges

Where primary process control systems are concerned, there are already many complexities to manage, and sensors might create one more pain point. Decision-makers are often overly cautious about implementing new technology, out of concerns for cost, cybersecurity, network challenges, and user access. If overall system architecture and safe operations are considered when implementing industrial IOT technologies, these technologies can exist within or alongside existing control system architectures.

Pilot Projects Are Daunting

In 2020, IndustryWeek reported that many IOT initiatives end up stuck in “pilot purgatory,” leading to frustratingly slow progress and causing some industrial organizations to delay their migration to IOT. Some obstacles include complexity of assets, lack of willingness to participate in an IOT program, “ugly baby syndrome” or a reluctance to see that current processes are insufficient.

Critical Data and Systems Are Challenging to Access by Design

IOT projects often need additional data to view and analyze, but it can be tricky to execute control systems integrations. Often, engineering projects are required to pull in the necessary components, such as those in the DCS.

How to Overcome Challenges and Enhance Benefits: RED Alert in IIOT

Industrial IOT programs have transformational potential, but successful deployment requires both expertise and technology. With the right partner, you won’t need to worry about stalled pilot programs, primary process control system concerns, or stubborn data and systems siloes.

RED Group provides consultative management, dedicated specialists, and proprietary software that will facilitate successful IIOT initiatives. Our best-in-class control systems technology is perfect for a variety of uses and industries.

For our clients, RED Group consults on sensor and instrumentation selection and engineering. We also provide additional programming and consultation as required. There is no need to fuss over the tech stack since we provide all the hardware, software, installation, and commissioning.

The work doesn’t stop when the data is collected. Once enough raw intelligence has been generated, we activate our RED Alert SCADA. Analytics at the edge or in the cloud? RED Alert can provide both. Our technology allows us to forward data and integrate it into other systems as well.

Why should you trust RED Group? For one, our track record of partnership is a testament to our effectiveness. We consistently lower CapEx costs, deploy in less time than our competitors, and have superior expertise in engineering and integrating IIOT assets.

Don’t Fall Behind the IIOT Curve—Get in Touch With RED Group Today