One of the best parts of the Belden Industrial Ethernet Infrastructure Design Seminar, held last week in Chicago, was the lively presentation given by two of Belden and Tripwire’s top experts on industrial cybersecurity:
If you are not familiar with Tripwire, the company provides advanced threat, security and compliance solutions for more than 9,000 organizations, including nine of the top 10 utilities in the U.S. Tripwire was acquired by Belden earlier this year and is an important part of our increased focus on network security solutions.In their Design Seminar presentation David and Jeff spoke about the nature of cybersecurity incidents occurring in industrial networks today. They went on to discuss a 1-2-3 approach to securing industrial networks. Find out about this approach and how Belden and Tripwire products contribute to it.
David Meltzer of Tripwire (on the left) and Jeff Caldwell of Belden (on the right) discuss ICS Security at the 2015 Belden Design Seminar.
The vast majority of cyber incidents on industrial networks are unintentional, resulting from:
An example of this type of incident was the manual shutdown of the Browns Ferry Nuclear Power Plant in 2006. Redundant drives controlling the recirculating water system failed due to “excessive traffic” on the control network. Network traffic between two different vendors’ control products was the likely cause. The facility remained offline for 2 days, and $600K of revenue was lost.While only about 20% of incidents are intentional, those from external hackers have become more and more sophisticated. ICS-CERT estimates that 55% of such ICS attacks come from Advanced Persistent Threats (APTs). APTs are carefully crafted attacks against a focused target that are designed to be effective over an extended period of time. Classic examples of such attacks on industrial systems are Stuxnet, Flame and the Dragonfly malware campaign.
In order to protect availability, Belden has developed a 1-2-3 approach to industrial cybersecurity:
To protect against both unintentional and intentional threats to ICS security, Belden has developed a 1-2-3- approach.
At a high-level our portfolio of industrial networking solutions contributes to these three levels of protection as follows:
David and Jeff’s talk also hinted at new Belden/Tripwire cybersecurity solutions to come – and I for one am really looking forward to learning about them. Stay tuned…..
Where are you in implementing cybersecurity measures? What are your challenges? I look forward to hearing from you?