Industrial cybersecurity is a unique animal. It brings together safety principles from the OT environment and security principles from the IT environment to protect your plant’s assets (PLCs, equipment, etc.), as well as processes, networks and data. Without cybersecurity, industrial settings are vulnerable to cyber threats on a daily basis.
But what makes industrial-grade cybersecurity different? Although the primary purpose of an enterprise cyber event is often to gain access to confidential information — whether personal or financial — the intent behind industrial cyber-attacks frequently leans toward operational disruption or physical destruction. This can result in decreased production, loss of control or damaged equipment—which ultimately leads to lost revenue, quality impacts, downed production lines and safety risks for employees.
The goal of cyber-related attacks isn’t the only difference between enterprise and industrial environments when it comes to cybersecurity. The solutions designed to protect these environments are different, too.
For many reasons, the cybersecurity solutions meant to defend enterprises against data breaches and cyberattacks don’t do well in harsh industrial plants.
The hardware supporting traditional cybersecurity solutions are meant to perform in clean, quiet, climate-controlled spaces; they have a hard time functioning in the industrial world. Unpredictable and extreme environmental factors can cause hardware failure if products aren’t built to withstand this volatility—and, if the underlying hardware of these products fail, they can’t fulfill their promise of keeping your assets, processes, networks and data safe.
In the industrial world, hardware components are subjected to many elements that aren’t present in office-like environments:
- Temperature extremes and fluctuations
- Grease, oil and chemicals
- Dust and dirt
- Water and moisture
Although these elements are rarely encountered in corporate data centers, they’re commonly found in many areas within an industrial plant.
Industrial Cybersecurity Components: Built to Endure
Think about the components you use to protect your home. If your property perimeter is lined with a fence, for example, it’s probably made of a material that withstands sunlight and UV rays, snow, rain, wind and impact (like your 170-pound St. Bernard).
Why don’t you construct your fence out of paper? Or string? Or straws? The answer is obvious, isn’t it? Because the fence wouldn’t last very long – or serve its purpose very well.
The same concept applies in cybersecurity hardware: Solutions made from materials that perform well in office environments aren’t designed to handle industrial demands. They don’t last very long in these harsh conditions or serve their purpose very well.
So how can you be sure to select cybersecurity products that won’t give out on you? Ask yourself the following questions to make sure you choose products that can endure brutal industrial conditions.
Will the System Work in Extreme Temperatures?Consider where the product will be placed and the average temperature of that space. Offices typically offer steady temperatures without bouts of extreme heat or cold. But many plants operate with temperatures as low as -40°F and as high as 158°F.
If a cybersecurity solution is going to be deployed in an environment with high or low temperatures, then it needs to be designed to survive—and thrive—in those conditions for the long term.
Are Dust and Dirt Present?Dust and dirt accumulation are an inherent product of most industrial processes. Dust and dirt can clog equipment, airways and fans, leading to overheating and failure. If your cybersecurity products will be exposed to debris like this, it’s vital that they’re rated to withstand these factors.
For example, products with an IP67 rating will protect against intrusion, dust and water. In other words: They’ll keep dirt and dust out to prevent performance problems.
Will the Product Come into Contact with Moisture or Water?In food and beverage, water/wastewater and oil, gas and chemical plants, there may be a great deal of water, moisture or liquid present. Most cybersecurity products aren’t designed to function in damp environments.
Because of this, you need products that will stand up to these conditions—meaning they’ll continue to work even if they get wet. IP ratings, mentioned above, apply here as well: Products with an IP67 rating can be completely submerged in 1 m of water for more than 30 minutes before any performance issues occur.
Does Nearby Equipment Generate Noise and Vibration?When it comes to noise range, an average office is around 40 dB; industrial plants, however, are closer to 120 dB when heavy machinery is used. Machines that cut, drill, drive and move inherently create noise and vibration—and finding an industrial environment that doesn’t pose these challenges is nearly impossible.
Noise and vibration can loosen connections, disturb electrical signals and cause unnecessary wear and tear. But there’s good news: Cybersecurity products with built-in technology to protect against the impacts of noise and vibration are available, along with connections that prevent jarring or disconnection.
Belden’s industrial cybersecurity solutions are built to last in harsh extremes. They aren’t negatively impacted by dust, moisture, temperature fluctuations or noise and vibration—which means they’ll continue to work despite what goes on within your plant. With Belden industrial cybersecurity solutions, not only are you defending against cyberattacks, but also alleviating fear of downtime or lost revenue as a result of a security failure.
Gary DiFazio is the Strategic Marketing Director for Industry Cybersecurity at Tripwire. He has been in the technology space for over 26 years, spanning experience with systems, applications, networking, and cybersecurity through a number of industry verticals including telecommunications, manufacturing, retail, federal government, financial services, electric utilities, and logistics/distribution. Gary comes to the Belden family through the acquisition of Tripwire. After Belden acquired Tripwire in January 2015, Gary was part of the team to help drive Industrial cybersecurity solutions to both Tripwire customers and Belden Industrial Networking customers. Gary holds a bachelor of science in Industrial Engineering from Clemson University.