Industrial businesses often have shortcomings where it concerns the management of one’s organizational assets. While companies continue to define availability of production as vital, they often lack the broad cybersecurity knowledge required, nor do they have extensive security controls in place. It is impossible to properly secure an organization without proper oversight of the factory’s assets. The airgap between IT and ICS/OT is closing, and organizations need to protect themselves by rethinking their security controls. However, the continued focus on efficiency and cost management often creates blind spots for organizations, leading them to completely overlook the business enabling role cybersecurity has. On February 12th 2020, this was one of the central topics discussed at the Nixu ICS event held at The Hague Security Delta in the Netherlands.
The event, co-hosted by event partners Nixu, ColorTokens, TMC, Nozomi Networks, and The Cyber Partners was primarily aimed at sharing knowledge on OT Security. The Cyber Partners’ Bert Heitink, who kicked off the event, immediately highlighted the importance of having an approach in place towards the ever-changing environment of OT and the IT systems. Closing the gap between the two can work in any organization’s favor – ‘All we need to do is see the bigger picture. Following a simple and practical approach is already of significant assistance.’
Gert Eising and Haydar Al Sawad, representatives of event partner TMC followed up with a presentation on the differences between ICS/ OT architecture in theory – and their findings in practice. ‘Ultimately, we are in a constant balancing act between required safety, availability and acceptable risk when it comes to ICS/OT security’.
After a mid-afternoon break with demo’s co-hosted by event partner ColorTokens, Nixu’s Jordan Schonagen took the floor with an in-depth (and humorous) presentation on the IT and OT monitoring business landscapes. He elaborated on the IT/OT capable SOC and highlighted best practices as well as commonly made mistakes.
Nixu Benelux’ CDC Lead, Suzanne Rijnbergen, tied-in a story on present day Threat Intel and Incident Response. Rijnbergen fiercely reiterated the importance of continuously testing knowledge, and where this knowledge is commonly lacking. ‘It is extremely important to constantly manage one’s assets, test and exercise incident response and recovery’, she said.
The day was concluded with a presentation by Deloitte’s Danilo Verhaert on the ICS Alliance Project, the one to watch ICS joint initiative of 2020 by The Dutch ministry of economic affairs, the NCSC, the Hoogheemraadschap Hollands Noorderkwartier, ASML, Siemens, Deloitte, VNG and Nixu, aimed at increasing awareness and providing maturity-level based building blocks to organizations to improve their ICS resilience and teach them how to digitally protect themselves. ‘It is the alliance’s aim to develop these building blocks to be as practical as possible and to utilize an internationally recognized framework to develop them’, Verhaert said. More on the ICS Alliance project will be announced in the second quarter of 2020.
All in all – the successful event re-emphasized the need for cybersecurity to be an essential element in defining or executing a new technology and innovation roadmap or using existing ICS technology for organizations operating within the industrial economy. Where organizations embrace digitalization, vendors strengthen their support contracts with for example the use of remote access, where new ways of intelligent working are introduced, or where Internet of Things, smart sensors and other kinds of technologies are applied: this should always be done with cybersecurity expertise in mind.
Want to keep track of what's happening in cybersecurity? Sign up for the Nixu Newsletter.