
How to achieve SCADA security?

The basis for all work with information security, for all companies, is a continuous and systematic approach. If implemented correctly, it identifies several different security functions. But which measures are the most important for achieving security in SCADA systems?

 

Historically, OT systems such as SCADA systems have been completely disconnected from the outside world. With digitalisation, the need to connect OT systems to IT systems has increased. This integration is a significant challenge from a security point of view, as there is a risk that someone will illegally affect or change the system. This must never happen, as many OT systems perform tasks critical for society.

New directives such as the NIS directive and the Swedish Protective Security Act also place new and higher demands on companies in critical infrastructure regarding information security. So, how can you achieve security in your SCADA systems?

 

 

How to achieve security in SCADA systems – 10 necessary measures 

The basis for all work with information security, for all companies, is a continuous and systematic approach. If implemented correctly, it results in a number of different security functions being identified.

Our guide "10 measures for SCADA security" compiles the various security functions with which you commonly need to work.

 

10 measures for SCADA security

 

1. Malware protection

The best protection against malware is found in antivirus software with features such as automatic updating, malware removal, browser security and detection of all types of infection.

 

2. Segmentation

Segmentation means that the systems are divided into different security zones. This is possible because not all systems need the same level of protection. Giving all information the highest level of protection is neither practical nor economically defensible.

 

3. Monitoring & logging

Operational monitoring supervises the business's IT systems, primarily in terms of availability. Logging means that a file (usually a plain text file) stores information about an event with the time and the involved resources.

 

4. Identity & access control

Inappropriate permissions and old user accounts entail an increased risk of fraud and unauthorised access to sensitive information. Proper management of permissions reduces these risks, improves the user experience (shorter lead times for permission orders) and reduces costs (for instance for licenses, help desks and administration).

 

5. Intrusion detection

Intrusion detection identifies illegal activity in networks and systems. The system analyses information from various sources to identify possible security breaches.

 

6. Encryption

Encryption makes information impossible to read for anybody who is not approved. Decryption is required to make the information readable.

 

7. Hardening

Hardening a computer ensures that only the user permissions that need to be on a given computer are there; all others are removed. You delete or deactivate functions in the computer that are not needed with the purpose of minimising the number of potential attack vectors. You also ensure that the system is updated/patched.

 

8. Software updates

Make sure to install the periodic security updates on computers and phones.

 

9. Secure remote access

Use RDP and protect the jump server with an explicit security solution for secure remote access.

 

10. Physical security

It does not matter if you protect your IT system "logically" with access control, segmentation, hardening, etc. if you allow free physical access to the systems or the process that the systems are intended to control.

 

See our guide at the top of the page to read more about each point!

Please note that besides the above, you also need to look into things such as trained security-conscious personnel, clear division of responsibilities, operational control, instructions and routines.

If you feel unsure about how to proceed with any of the measures in our guide, please feel free to contact us at Advenica. We have extensive experience of information security in critical information and can offer advice, expertise, products and services that solve your challenges.