Given that availability is always a critical point to take into account for within industrial environments, it is necessary to prevent the attacks that denial of services cause and that affect these environments. The means of giving way to a denial of service can be diverse, much like the means of mitigating these problems. This article will review all of these points, as well as the way in which the risks derived from these attacks can be reduced.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Industry
Manufacturers have an essential role with regards improving the cybersecurity in their devices. These improvements will not only affect the devices, but rather they will also involve an improvement in the cybersecurity of industrial infrastructure where the new security provisions and functions that have the manufacturers' automation and control solutions (e.g. SCADA, PLC, etc.) are introduced.
Advances in security within control systems have brought us many of the security tools and services offered in IT for this environment. Until now, protection was based on reactive measures, acting only where there was evidence of the attack, but this trend changed with deployment of monitoring and the proactive defensive actions that this can provide.
In recent years, indicators of compromise have become the best way of exchanging information when it comes to managing an incident. But, do we really know how to manage an indicator of compromise? The aim of an indicator of compromise is to map the information that is received or extracted during the analysis of an incident. This is done in such a way that it can be reused by other investigators or affected people, in order to discover the same evidence in their systems and to be able to determine if they have been compromised or not.
The constant pressure from operating costs and the halt in investments due to the crisis have made it so industrial systems have had to improve the administration of their assets in order to lower product prices, thus recurring to IT solutions. The result is that industry is changing in the way its processes are managed and operated in order to integrate them in business.
The Internet of Things (IoT) has started to become part of daily life in society: intelligent homes, intelligent education, intelligent healthcare, wearable devices, the Internet of Vehicles (IoV) and other industries make great use of this technology, with it playing a key role in the digital transformation and the hyper-connection of their elements.
Tomando en consideración las amenazas y los riesgos detallados anteriormente queda de manifiesto la necesidad de desarrollar acciones o modelos de protección para mitigar las vulnerabilidades que surgen del tratamiento de los datos de los usuarios así como prácticas de seguridad en la funcionalidad y el despliegue de tecnologías IoT.
The industry is increasingly calling for experts in security, and the business world is not capable of meeting that demand due to the lack of trained professionals. This is not a problem that solely affects Spain; it also affects the whole of Europe and the U.S.A. But, what is it that is asked of industrial security experts?
The architecture of our industrial control systems is not as static as it was some years ago. The adapting of new standards, or simply trying to improve the security of our industrial networks, creates the need to introduce one or various firewalls within our network. Thinking about having to change a network's architecture, the IP of our devices, tests, etc. when introducing a new firewall often leads to the bad decision to not install it. But, do we know about transparent firewalls and how they can be installed with almost no impact in our network? These solutions have advanced a lot in the industry and may be a true plus to our security.