One of the best parts of the Belden Industrial Ethernet Infrastructure Design Seminar, held last week in Chicago, was the lively presentation given by two of Belden and Tripwire’s top experts on industrial cybersecurity:

  • David Meltzer, Chief Research Officer of Tripwire
  • Jeff Caldwell, Chief Architect-Security at Belden

If you are not familiar with Tripwire, the company provides advanced threat, security and compliance solutions for more than 9,000 organizations, including nine of the top 10 utilities in the U.S. Tripwire was acquired by Belden earlier this year and is an important part of our increased focus on network security solutions.

In their Design Seminar presentation David and Jeff spoke about the nature of cybersecurity incidents occurring in industrial networks today. They went on to discuss a 1-2-3 approach to securing industrial networks. Find out about this approach and how Belden and Tripwire products contribute to it.

ICS-Security-Belden-TripwireDavid Meltzer of Tripwire (on the left) and Jeff Caldwell of Belden (on the right) discuss ICS Security at the 2015 Belden Design Seminar.

Most Industrial Cyber Incidents are Unintentional 

The vast majority of cyber incidents on industrial networks are unintentional, resulting from:

  • Human error, for example device configuration errors
  • Software or device flaws, such as legacy equipment that fails when overloaded with multicast traffic
  • The accidental introduction of malware, for example via a USB stick or a vendor laptop

An example of this type of incident was the manual shutdown of the Browns Ferry Nuclear Power Plant in 2006. Redundant drives controlling the recirculating water system failed due to “excessive traffic” on the control network. Network traffic between two different vendors’ control products was the likely cause. The facility remained offline for 2 days, and $600K of revenue was lost.

While only about 20% of incidents are intentional, those from external hackers have become more and more sophisticated. ICS-CERT estimates that 55% of such ICS attacks come from Advanced Persistent Threats (APTs). APTs are carefully crafted attacks against a focused target that are designed to be effective over an extended period of time. Classic examples of such attacks on industrial systems are Stuxnet, Flame and the Dragonfly malware campaign.


Belden’s 1-2-3 Approach to Industrial Cybersecurity

In order to protect availability, Belden has developed a 1-2-3 approach to industrial cybersecurity:    

ICS-Security-Belden-1-2-3-ApproachTo protect against both unintentional and intentional threats to ICS security, Belden has developed a 1-2-3- approach.

At a high-level our portfolio of industrial networking solutions contributes to these three levels of protection as follows:

Industrial-Cybersecurity-Protection-AreasAll together Belden and Tripwire’s solutions are being engineered to work together to deliver the “Belden Safe Network Architecture.”

David and Jeff’s talk also hinted at new Belden/Tripwire cybersecurity solutions to come – and I for one am really looking forward to learning about them. Stay tuned…..

Where are you in implementing cybersecurity measures? What are your challenges? I look forward to hearing from you?

Related Links

Blog: What Advanced Persistent Threats (APTs) Can Teach the ICS and SCADA Security Practitioner – Part 1
Blog: Industrial Ethernet Switches Enhance Cyber Security at No Cost

Webpage: Cyber Security Solutions by Belden
Webpage: Security Capabilities
Webpage: Managed Industrial Ethernet Switches
Webpage: Tripwire Enterprise
Webpage: Tripwire NERC Solution Site
Webpage: Tripwire Configuration Compliance Manager
Webpage: Tripwire Log Center
Webpage: Tripwire Vulnerability Management

Download out "Cyber Security For Dummies" White paper