On average, 89 vendors are accessing a company’s network each week. This means the opportunities for cyberattacks against vulnerable and under-protected systems, such as industrial controls, become increasingly higher. William Culbert, Bomgar’s Director of Solutions Engineering in EMEA, explains why in his most recent Huffington Post article, “Putting Industrial Control System Operators in the Security Driving Seat.”
In the article, Culbert describes that because industrial controls manage critical infrastructure, the potential disruption and resulting consequences from any issue to these systems can have a substantial effect to national infrastructure.
How does this particular threat develop? It can result from the emergence of IoT solutions that may be unsecured, and legacy systems that can’t integrate with modern security.
Some of these legacy systems are likely to have been implemented before the internet, so they’re not able to stand up to the capabilities of IoT. The communication capabilities, monitoring, and remote IT management of these systems are outdated and meant only for communication from point-to-point over unencrypted channels. With industrial sectors eager to implement the Industrial Internet of Things to gain efficiencies and cost savings, security is often forgotten until it’s too late. As a result, companies are exposing themselves to breaches through an open backdoor.
Industrial control systems could benefit from greater visibility, Culbert states. One solution is Privileged Access Management (PAM), which can offer industrial controls a way to maintain market developments while guaranteeing visibility into which privileged users are accessing which system at any given time. In addition, modern remote access solutions can be used to manage and audit third-party vendors and suppliers that access an organization’s private network, and allow IT managers to give external and internal users different levels of authorization that suit their needs without providing unlimited network access.
Be sure to check out the full article, and let us know your thoughts on securing critical assets like industrial control systems in the comment section below.