The NIS directive and, in some countries, stricter national security legislation impose new, higher requirements on companies within critical infrastructure in terms of information security. Secure IT/OT integration is one of the areas that is a challenge for these companies. How to ensure information security while maintaining the accessibility and integrity of the systems?
ICS and SCADA – systems with important information
Operational Technology (OT) is a concept that includes all the subsystems that are needed to control and monitor a physical process, such as a power plant. OT usually consists of programmable control systems (PLCs), measurement data collection and control systems. ICS (Industrial and Control Systems) and SCADA (Supervisory and Control Data Acquisition) are terms used for such systems.
The digitalisation becomes a security challenge
Historically, OT systems have often been completely disconnected from the outside world. In pace with the digitalisation of the society, the need to connect OT systems with IT systems has increased. This integration is a major challenge from a safety point of view as there is a risk that someone will affect or change the system. Since the information in ICS and SCADA systems is extremely important for the company that uses the system, sometimes even important for the whole society, it is most important that such influence cannot take place.
Secure integration of IT and OT– this is how to do it
In order to upgrade the security to meet the new stricter requirements and at the same time maintain the access to digital information, solutions are needed that can separate and control data flows.
To safeguard ICS and SCADA systems, segmentation must be applied with high assurance solutions to guard the physical isolation yet enable completely secure communication. With this in place, logging security data is the next priority. By monitoring logins, failed login attempts, transactions, USB usage etc, effective preventive measures can be mapped out and damage control can be taken without delay. To ensure integrity and security, military-graded solutions are required.
In short, the following solutions are needed:
- Physical separation of IT and OT using zoning
- Use data diodes in the zone border for outbound data flows from OT
- Information whitelisting in the zone border
Advenica has extensive experience of solutions where networks can be physically isolated at the same time as information can be securely connected. Solutions that enable the digitalisation to be accelerated without jeopardising the accessibility and integrity of the OT systems.
If you are interested in knowing more about secure IT/OT integration, you can read our solution description “Secure IT/OT integration”.
Also read our customer case “Cyber security in critical infrastructure – a matter of national interest and business value” – a case that describes how a large energy company secures its operation with solutions from Advenica.
Do you also need help with information security? Welcome to contact us!