We are accustomed to thinking about enterprise networks and systems as methods for sharing information across the sometimes vast and diverse areas of an organization. Often, these communications networks are needed not solely for employees, but for the systems and machinery that can remain operational almost all the time.
Enterprises use supervisory control and data acquisition (SCADA) to monitor and control sites in a centralized system. These systems are becoming increasingly smart, with the ability to collect and analyze more and more data.
From the “industrial internet of things” (IIoT) to utility Smart Grids, implementing SCADA in your business offers several benefits, but like other tech solutions, cybersecurity remains a top concern.
All about SCADA
SCADA is a centralized monitoring and automation control system designed for monitoring real-time data. It originally was used mostly in utility industries as a system for monitoring large-scale sites, such as power plants.
Its application is not limited to the utility industry, but these sites often have the most need for the benefits that SCADA provides. However, advances in abilities to create and analyze data have made remote monitoring of a host of systems commonplace.
SCADA systems usually include a central monitoring and control point, which hosts a SCADA server and a human-machine interface (HMI). At the physical plant location, programmable logic controllers (PLCs) interface with equipment.
These PLCs are networked with the SCADA system and other information gathering devices, such as sensors and remote transmission units (RTUs). While the concept of remote monitoring and control may seem simple at first, it is easy to see how implementing SCADA can be highly complex.
The cybersecurity challenge
It is the complexity of these systems that increases vulnerability. Cybersecurity issues are now prevalent in industries that utilize SCADA. A recent report by Forrester, commissioned by Fortinet, stated that up to 60 percent of organizations that use SCADA experienced cybersecurity threats in 2017.
As in many enterprises, IT budgets continue to rise, but seemingly little is accomplished to stem cybersecurity threats. With SCADA industries, however, an additional element is driving new vulnerabilities. IIoT devices are now being managed and controlled in addition to the old systems.
These older SCADA systems were routinely walled off from other networks when perimeter security was the standard operating practice. Increased need for connecting outside of the organization, such as cloud use, required the adoption of a less fortified approach.
The transition was not always done with information security as a leading driver. This leaves many SCADA enterprises exposed to cyber threats.
Common security issues
The lack of concern about security in some organizations is one of the main vulnerabilities. In today’s world, businesses of all shapes and sizes are embracing digital transformation. IT is no longer a specialty department, siloed away from operations.
Network technology, platforms and connected software make cybersecurity an organization-wide concern. Crucially, prioritizing security often requires a change from the top down to resonate.
Another security challenge is the tendency for organizations to rely on the obscurity of their SCADA systems. Thinking that they are immune to attack because of a system’s uniqueness underestimates hacker ability. Some organizations further believe that they are physically secure since these systems traditionally were disconnected from the internet.
Today, it’s increasingly difficult to keep operational technology disconnected. To be able to analyze data in real-time, you must, of course, be connected. A stronger approach involves change. Rather than fighting against technologies and innovations that can help achieve business goals, develop standards and policies for IT security.
This policy can then drive decisions that balance objectives with security.
Modern SCADA solutions
Since connectivity is essential in modern businesses that use SCADA systems, many of these systems have evolved. Today, modern IT standards and SCADA systems have greatly improved security, as well as efficiency, productivity and reliability.
Networked SCADA systems have been available for almost two decades, and while some organizations try to cling to their old distributed or monolithic systems, the technology continues to evolve. Web-enabled SCADA helps facilitate remote access and monitoring.
Security issues in connected SCADA systems can be addressed with segmented networks, intrusion detection, security protocols and prioritization of threat defense, detection and response. Often, a hybrid response is appropriate.
Restricting access to the SCADA systems is one way to directly control security, but it is not always the most effective or practical. This is where smart network design becomes crucial. Firewalls are necessary on all gateways.
Mobility also plays a role in designing effective, secure networks. A VPN can help enable remote access, and data can be encrypted. Application security is an additional avenue for protecting your SCADA network, while user logs provide a tracking and monitoring tool.
Lastly, intrusion detection practices, systems and services help monitor network activity. Through the use of machine learning, these applications monitor logs and alert administrators to potential breaches.
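To make the segmentation and log-monitoring points concrete, the Python below is an added example (not part of the original article) that audits flow records against a zone policy for the layout described earlier: a control zone holding the SCADA server and HMI, a field zone holding PLCs and RTUs, and a VPN zone for remote users. The zone names, address ranges, policy and log format are assumptions constructed for illustration.

```python
import ipaddress

# Assumed zone plan; the address ranges are constructed for this example.
ZONES = {
    "control": ipaddress.ip_network("10.10.1.0/24"),    # SCADA server and HMI
    "field": ipaddress.ip_network("10.10.2.0/24"),      # PLCs, RTUs, sensors
    "vpn": ipaddress.ip_network("10.10.9.0/24"),        # remote users after VPN login
    "corporate": ipaddress.ip_network("10.20.0.0/16"),  # office IT
}

# Zone pairs that may cross a gateway firewall; anything else is a violation.
ALLOWED = {("control", "field"), ("field", "control"), ("vpn", "control")}

def zone_of(addr):
    """Map an IP address string to a zone name, or 'external' if unlisted."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def audit(lines):
    """Return (line_number, src_zone, dst_zone, reason) for each bad record."""
    findings = []
    for n, line in enumerate(lines, start=1):
        parts = [p.strip() for p in line.split(",")]
        try:
            _ts, src, dst, _port = parts
            sz, dz = zone_of(src), zone_of(dst)
        except ValueError:
            # Wrong field count or an invalid address: surface it, don't drop it.
            findings.append((n, None, None, "unparseable record"))
            continue
        if sz != dz and (sz, dz) not in ALLOWED:
            findings.append((n, sz, dz, "crosses zones outside policy"))
    return findings

# Constructed flow records: timestamp, source, destination, destination port.
SAMPLE = [
    "2024-01-01T08:00:00,10.10.1.5,10.10.2.20,502",   # SCADA server -> PLC
    "2024-01-01T08:00:03,10.10.9.14,10.10.1.5,443",   # VPN user -> HMI
    "2024-01-01T08:01:10,10.20.4.77,10.10.2.20,502",  # office PC -> PLC
    "2024-01-01T08:02:45,203.0.113.9,10.10.2.21,80",  # internet -> RTU
    "2024-01-01T08:03:00,10.10.9.14,10.10.2.20,22",   # VPN user -> PLC directly
    "2024-01-01T08:04:00,not-an-ip,10.10.1.5,443",    # malformed source
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Any finding means either a gateway firewall rule is more permissive than the policy or the policy itself needs updating; both are worth reviewing before the flow is accepted as normal.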
A central source for guidelines
In addition to specific tactics, organizations can find assistance and resources from the Department of Homeland Security. The Cyber Security Evaluation Tool (CSET) from the Department of Homeland Security helps to raise awareness about cybersecurity and contributes to risk management.
Some believe that focusing on a legal or regulatory framework for SCADA-specific security may be in order. Often, risk management merely results in a business-led exercise of talking around threats, which might not produce the best results when critical operations such as those in utility companies are at risk.
CSET functions as a knowledge base and an assessment tool aimed at risk management for various industries. As a government organization, the DHS has a vested interest in ensuring that SCADA organizations have secure facilities.
With best practices, assessment-based recommendations and broad acceptance, CSET is an indispensable cybersecurity tool.
SCADA systems are an important way in which operational technology can benefit business. Evolving practices make connectivity a business necessity. This can invite numerous risks from bad actors seeking to cause financial or other damage to these organizations.
With several controls, tools and use of CSET assessments, these systems can cautiously evolve along with technology.