Cybersecurity Threats | Facility Subnet Equipment
Many people are surprised to hear that APT is in the CyberSecurity business. It certainly wasn’t our plan. But, after helping dozens of customers upgrade their servers, operating systems, databases, switches, gateways, and metering devices. We realized the common issues facing cybersecurity threats were obsolete products, firmware, and software.
Recently, APT upgraded firmware in hundreds of brand new PM 8000 meters recently sold( due to manufacturer-issued CyberSecurity vulnerability notice). This alerted both the customers and APT to the problem but unfortunately did not provide a solution. APT worked with our customers to prioritize a list of their affected equipment. We train their people to upgrade firmware properly, and in many cases perform the firmware upgrades on the customer’s behalf.
This problem isn’t going away – in fact, it is bigger than ever.
3 Ways to Reduce Cybersecurity Threats
1. Communications Between Operations and IT
The first and most vital tool to harden controls networks is communication (not simplex communication but full-fledged teamwork). Everyone has a vested interest in doing a good job and keeping their environment safe. The problem resides in people from two different worlds trying to bridge the gap between them.
Building controls engineers and technicians understand the devices and applications that allow them to control a system or building. They focus on maintaining that system or building, avoiding out-of-spec or downtime conditions.
Corporate Information Technology (IT) professionals focus on the corporate assets (servers/switches/wireless access points/laptops) deployed and maintain for the corporation to run their business. Moreover, rarely do they have the bandwidth to inventory and verify equipment connected to the facility’s corporate network. Instead, they trust that the operations team will handle that responsibility.
This gap between operations and IT is where APT can help.
The facility’s specialty systems rely on a cooperate network for communication and data collection. As well as, security access card readers, closed-circuit television cameras, fire and life safety alarm systems, HVAC instruments, and power monitoring devices. Our experience with these devices and systems can help you get a leg up on finding the vulnerabilities and prioritizing what problems to solve first.
Don’t become a vulnerable access point for bad actors. These groups need to collaborate to close the gap between them in order to ensure secure system and device installations. Nobody wants to be in the news for that reason.
2. Regular Security Audits by Operations
Regular security audits are the second most important tool in your toolbox to protect your network and are often the least expensive to implement. Yet most operations teams believe audits to be the corporate IT department’s responsibility. Nothing could be farther from the truth – if you installed it and operate it on the network – YOU OWN IT.
Meanwhile, operations teams just like the corporate IT department often don’t have the personnel or expertise to even begin auditing their systems.
An audit’s effectiveness depends on detailed preparation. Performing a careful review of the current threat environment is crucial in identifying the latest vulnerabilities. Additionally, a mechanism for detecting these vulnerabilities must be devised.
Subsequently, these checks then integrate with existing assessments to complete an audit plan. When these audits reveal issues, taking swift remedial action is necessary to ensure they will not reoccur.
3. Review New Devices and Software
The third tool for protecting your network is a thorough review of all new devices and software to be allowed in your environment BEFORE deployment. This process includes a formal review and approval to introduce new devices or software. For instance, this ensures you aren’t inviting a trojan horse in. Typically this is required by corporate IT departments but often bypassed for the operations equipment and software.
Modern smart devices are more capable, often running a real operating system such as Linux. In essence, desktops now are a fully capable computing resource (leaving them just as vulnerable). Moreover, these devices are a valuable part of your control network and should be assessed for potential cybersecurity threats.
Furthermore, this can be as simple as adding a section to your specifications for capital projects, requiring vendor submittal documentation for new software, firmware, and hardware connecting to your network. APT’s 25 years of experience closing the gap between operations and IT can help you get it right the first time.
APT Can Help
APT is uniquely positioned to help companies bridge the gap between the corporate IT department’s responsibility and the operations team’s equipment. Implementing the first three steps will get you off to a great start.
Don’t stop there. Contact APT to start closing the gap today. Let us make your network a safer and more secure environment. Don’t end up in the news for the wrong reasons.
Rick Deming, Systems Engineer APT