U

Start » Why is cyber security important in critical infrastructure?

Why is cyber security important in critical infrastructure?

 

Critical infrastructure operations are vital to our society as they provide essential services such as electricity, telecommunication, transport, water etc. Therefore, dedicated work with consistent cyber security measures in this sector is of great importance.

Critical infrastructure operations are vital to our society as they provide essential services such as electricity, telecommunications, transport, water etc. These services we cannot be without or at least a disruption would make life difficult and even affect our national security. Therefore, dedicated work on consistent cyber security measures in this sector is not only interesting for the businesses as such – but also a matter of national interest.

 

Cyber security in critical infrastructure

Critical infrastructure, such as electricity distribution, water supply, transport and telecommunications, relies on IT systems for control, monitoring and operation. Industrial control systems such as ICS (Industrial Control System) or SCADA (Supervisory Control And Data Acquisition) are therefore crucial for our modern society to function. These functions can be collection, processing and storage of log messages, management of devices on IP networks, invoicing in real time, etc.

Managing support remotely means lower costs and improves efficiency. But it also leaves the business more open to information leaks and cyber attacks, which can have devastating effects. The question is how to protect information in operations within critical infrastructure? How do you protect your business from threats, while remaining efficient and able to continue to guarantee uptime?

Listen to our webinar to learn more about the threats to critical infrastructure!

Regulations for actors within critical infrastructure

There are regulations for actors within critical infrastructure. To raise the cybersecurity of critical infrastructure in general, strict segmentation of industrial control utility systems (ICS/SCADA) must be applied, combining logical separation with physical separation. This means that you should keep separate domains in the architecture isolated and only allow very specific information to flow between them. An effective way to achieve this is by using products that replace manual handling of information and connect OT to IT systems at the highest level of security.Protective security means preventative measures to protect Sweden’s security against espionage, sabotage, terrorist crimes and other crimes. The technological development in recent years means that we need to broaden the concept of security. In addition, public sector organisations and private companies should now also be included within the framework of protective security.

NIS Directive

There are directives that actors within critical infrastructure must follow. One example is the NIS directive, which aims to speed up measures and raise the EU member states’ level of protection in relation to critical infrastructure. In other words, the directive increases information security in sectors that provide services for our society and economy. This also means that actors within critical infrastructure must act to meet these security requirements.

Something you can ask yourself when starting work on complying with the NIS directive is which parts are central to the business. This of course depends on the organization in question. The stark reality is that no one has the ability to protect all parts. Assets, threats, risks and risk appetite must therefore be carefully weighed against each other in order to find a reasonable balance and effective measures. It can also be good to think about which parts are most vulnerable to cyber attacks. Generally, data transfer over networks or communication between security domains is most vulnerable. Segmentation and secure data transmission are therefore often crucial for reliable operation.

 

You should also ask yourself which information is most worth protecting – and whether you protect it well enough. The answer lies in the analysis of your assets, threats, risks and risk appetite. By understanding a potential attacker’s capabilities and resources, you get a picture of how an effective defense must be designed. What level of risk is reasonable? Start from the consequences. What can the business not afford to lose? What absolutely cannot go wrong? 

In Sweden , the law on information security prevails for suppliers of socially important and digital services. The law is Sweden’s way of adopting the NIS directive. In these regulations there are a number of points that clarify how you can adapt your business:

Systematic and risk-based information security work

The information security work carried out regarding information management in networks and information systems used for socially important services must take place with the support of the standards SS-EN ISO/IEC 27001:2017 and SS-EN ISO/IEC 27002:2017, but must also be adapted to the organization. Once the risks that exist have been identified, the organization’s responsibility for the work with information security must be made clear, ensure that all resources are available to be able to carry out the work, and ensure that the work is adapted and evaluated.

More detailed requirements for information security work

The goal of the organization’s work with information security must be stated in a policy. You must also have a documented working method for, for example, classifying information, analyzing risks and taking reasonable security measures. It is also important to train the employees and make sure they understand how the work should be done and what their role is.

Especially about networks and information systems

Of course, it is of great importance that the networks and information systems used for socially important services meet the requirements for information security. You must also have solid incident management for the information in these systems and a plan for how the incidents should be handled and how the business should proceed after an incident.

The Security Protection Act

In order to strengthen security protection, the government proposed a new security protection law in 2018. The new law, the Security Protection Act(2018:585) contains requirements for measures aimed at protecting information that is of importance to Sweden’s security or that must be protected according to an international commitment on security protection. The protection of other security-sensitive activities, such as information systems of societal importance, is also strengthened. The Security Protection Act will apply to activities that are run under both public and private auspices, and affected actors can seek support and advice from the Security Police and the Armed Forces and other supervisory authorities. What is new is that businesses with data worthy of protection are covered, without them having been officially classified as secret. It could, for example, be about critical infrastructure and their systems for operation, as these constitute a potential vulnerability.

 

Which regulations apply to you?

The Security Protection Act applies to the protection of activities or information that may be of importance to Sweden’s security. The NIS directive sets requirements linked to the networks and information systems that a business depends on to deliver socially important or digital services. The same network and information system may be covered by the Security Protection Act, which may also cover other types of activity. Many organizations can thus be affected by both regulations, but the parts covered by security protection are exempt from the NIS directive.

How to protect information in critical infrastructure

Datadiode

Data diodes are a very effective way to protect your sensitive systems and information. The diodes only allow data to pass in one direction. They protect sensitive infrastructure that can thus be kept running, even under difficult conditions.

 

Data diodes are hardware products, also called “unidirectional security gateways”, which are installed between two networks. They guarantee a simplified but secure one-way transfer of data in real time, protecting the integrity/correctness or confidentiality of the connected system. The data diode disconnects the critical part of your infrastructure from other networks while maintaining important information flows. No unauthorized people or processes can interfere with your systems either. In addition, they offer greater efficiency compared to conventional firewalls because it cannot be configured to transmit data in the wrong direction. They also do not contain any software that is susceptible to malicious code and thus can override security. The configuration is less complex, which minimizes the risk of human error.

 

Security gateways

In critical infrastructure, all connections to and from the ICS/SCADA network must be secured so that the segmentation between OT and IT cannot be attacked. For example, wind farms depend on the wind to generate energy and these energy facilities need accurate forecasts from authorities such as SMHI to optimize production. Reliable one-day-ahead forecasts are needed by grid operators to start up secondary power sources such as coal, nuclear or gas plants at low wind speeds. If, for example, this data is manipulated, it can have disastrous consequences in the long run.

What is needed is a security gateway. Advenica’s ZoneGuard technology is the fail-safe way to protect your sensitive systems. The solution allows only approved information to pass. This makes it difficult for malicious code or destructive data to infect systems and no data leakage or data manipulation can occur. ZoneGuard enables structured information to pass through the system, securing production, even under difficult conditions. ZoneGuards are bidirectional security gateways that are installed between two networks. ZoneGuard disconnects the critical part of your infrastructure from other networks while maintaining access to the critical information it needs for its functions to function optimally.

 

Hur man skyddar information inom kritisk infrastruktur

Datadioder

Datadioder är ett mycket effektivt sätt att skydda dina känsliga system och din information på. Dioderna tillåter endast data att passera i en riktning. De skyddar känslig infrastruktur som på så sätt kan hållas igång, även under svåra förhållanden.

Datadioder är hårdvaruprodukter, även kallade “unidirectional security gateways”, som installeras mellan två nätverk. De garanterar en förenklad men säker enkelriktad överföring av data i realtid, vilket skyddar det anslutna systemets integritet/riktighet eller konfidentialitet. Datadioden kopplar bort den kritiska delen av din infrastruktur från andra nätverk samtidigt som viktiga informationsflöden bibehålls. Inga obehöriga personer eller processer kan heller störa dina system. Dessutom erbjuder de större effektivitet jämfört med konventionella brandväggar eftersom den omöjligen kan konfigureras att överföra data åt fel håll. De innehåller heller ingen mjukvara som är mottaglig för skadlig kod och som på så sätt kan åsidosätta säkerheten. Konfigurationen är mindre komplex, vilket minimerar risken för mänskliga fel.

 

Security gateways

I kritisk infrastruktur måste alla anslutningar till och från ICS/SCADA-nätverket säkras så att segmenteringen mellan OT och IT inte kan attackeras. Till exempel är vindkraftsparker beroende av vinden för att generera energi och dessa energianläggningar behöver korrekta prognoser från myndigheter som SMHI för att optimera produktionen. Tillförlitliga prognoser för en dag framåt behövs av elnätsoperatörer för att starta upp sekundära kraftkällor som kol-, kärnkrafts- eller gasanläggningar vid låga vindhastigheter. Om till exempel dessa uppgifter manipuleras kan det i förlängningen få katastrofala konsekvenser.

Det som behövs är en security gateway. Advenicas ZoneGuard-teknik är det felsäkra sättet att skydda dina känsliga system. Lösningen tillåter endast godkänd information att passera. Detta försvårar för skadlig kod eller destruktiv data att smitta system och inget dataläckage eller datamanipulation kan inträffa. ZoneGuard gör det möjligt för strukturerad information att passera genom systemet, vilket säkrar produktionen, även under svåra förhållanden. ZoneGuards är dubbelriktade security gateways som installeras mellan två nätverk. ZoneGuard kopplar bort den kritiska delen av din infrastruktur från andra nätverk samtidigt som den bibehåller åtkomst till den kritiska information den behöver för att dess funktioner ska fungera på ett optimalt sätt.

Contact us

Do you have a question or want to know more about our products? Here you will find all you need to get in touch with  Advenica!

Explore more

Within our Learning Center, you will discover everything you require in relation to cybersecurity knowledge. Delve into articles, blog posts, and a plethora of resources available in our Learning Center.

[guides_post_pdf]