Those responsible for the operation and safety of manufacturing facilities are inundated with questions and concerns regarding the security of these assets from board members, executives, auditors, and others. Reports and studies have been released stating that the threat to critical infrastructure is ever increasing, while the ability to identify experienced industrial control system/distributed control system (ICS/DCS) cybersecurity personnel grows more and more difficult.
It is no longer acceptable to think “my facilities are not a target” and not to implement controls that provide continuous protection. Therefore, implementing an effective industrial cybersecurity program has become standard business practice. However, doing this in a cost-effective manner against competing priorities is a significant challenge.
Instead of leaving wide open security gaps amidst skills shortages, and knowing there is more security work than current teams can support, we see ICS/DCS leaders turning to leveraged, specialized skillsets and the latest advancements in secure remote access, to further their industrial cybersecurity. By developing an intelligent outsourced cybersecurity model, industrial operators can scale to meet the increased threat that is today’s reality.
Such intelligent modeling includes identifying skillsets that are far deeper and richer than what is possible in-house, ensuring automation to improve shared information efficiency, and of course, accessing experienced teams that can help grow the internal team by providing new perspectives, data, and work completion.
In the petrochemical industry specifically, beyond baseline security, there are added layers of security requirements focused on upholding operational availability, and this is especially true for companies delivering services that drive national economies.
One such company is the Binh Son Refining and Petrochemical Company Limited (BSR). Like many such operators, BSR needed more visibility from specialized cybersecurity resources in order to communicate with their own staff, share updates with board members, and learn through knowledge transfer. The current state for many operators today when it comes to visibility is an inefficient, haphazard set of activities that must be scheduled to fit within tight operational schedules, amidst many other priorities.
Reporting data emphasizes maintenance data more than threat prevention, and what reports are developed tend to have inconsistent data, and are not always shared readily throughout the organization. As a result, if and when a threat appears, few notice it, and fewer still understand how to act on it.
In the case of BSR, recent changes in their threat landscape, from industrial espionage to terrorism, prompted a refresh to their defenses in 2016. BSR added elements such as remote engineering support, automated security updates, and policy compliance checking to streamline security operations. For many, unfortunately, it takes a breach or security incident to expedite investing in these cybersecurity efficiencies.
Fortunately for others, they properly perform risk assessments or threat landscape reviews that provide the data needed to justify defense improvements. Those like BSR, who proactively plan and then augment staff with industrial cybersecurity experts, rapidly improve their defenses.
Keeping an eye on its fast-paced business growth and the need to support national initiatives, BSR recognized the need for a managed security services approach to manage the various aspects of their process control network protection needs. Since they already knew Honeywell personnel and had a positive track record together, it was an obvious choice to tap the same provider for ongoing industrial cybersecurity management.
For BSR, they also needed an approach that could meet the requirements that many operators share, including continuous security monitoring, safe understanding of operational technologies, and application of global industrial cybersecurity standards. On their own, this would require finding and hiring new types of talent, figuring out how to apply standards to their unique environments, and training personnel on how their varied systems communicate and interoperate, to ensure any cybersecurity monitoring would not interfere with operations.
By outsourcing this work to Honeywell, BSR’s cybersecurity challenges are readily resolved, and they continue to make progress toward their goal of advancing industrial cybersecurity measures relative to industry peers around the world. Instead of gaps remaining open, or a lack of understanding across the organization regarding the moment-by-moment security status, they can simply open their interactive dashboards to view data. Alerts are triggered by experts as part of the Cyber Vantage Managed Security Services contract, and the more the teams work together, the more routine and efficient it becomes to follow up on related mitigation work.
If you find your company is in a situation where current staffing and workloads are not aligned, consider how a managed service model could streamline and simplify operations. The same efficiencies gained will positively impact your cybersecurity maturity, moving you toward a more proactive, situationally-aware security posture.
You may also find a surprising uplift in team efficiency, as workloads are shifted and completed consistently, and the team is exposed to current cybersecurity methods and best practices. Overall, the expertise, consistency, and information delivered by managed services can take the broad set of security work and ensure core elements are professionally handled.