Security gets a lot of airplay these days because of the potential for mayhem - the needless and willful damage that can result from intentional acts. Anyone who is responsible for the uptime of industrial systems would be wise to consider Murphy’s law: those things that can go wrong will go wrong at the worst possible time (ever get that 2 AM call to troubleshoot a system just after you fell asleep?). So when giving a security presentation, I like to bring it back to the real threats and what can be done about them to illustrate why ‘defense in depth’ is important.
I like to open up my part of the session with a short YouTube video, “Allstate Mayhem Guard Dog”, which does two things: 1. Wakes up the PowerPoint-overloaded audience that may be starting to nod off! 2. Opens the audience’s eyes to a possible false sense of security – a guard dog can be bypassed if you know how. How does that make you feel about your industrial plant’s security – are you as protected as you need to be? I have heard some describe their security as an M&M - a hard shell but soft on the inside.
Where do you start finding out just how secure your system really is? Let’s analyze the threats inside and outside your plant by breaking them down by location and motive, and then by suspects and the approach to remedy. This is only a subset, but it will get you started thinking.
- Motive – Intentional
- ‘Typical’ Suspects – 16-year-old hacker; terrorist; spy; ‘Mayhem’
- Remedy – Block access
- Motive – Accidental
- ‘Typical’ Suspects – Trusted workers; contractors/guests; ‘Murphy’s Law’
- Remedy – Structured, physically secure network fabric
Intentional external threats are real, which is why a strong firewall and DMZ strategy is important for protecting critical manufacturing networks. The more insidious and common problem is a co-worker or guest who tries to do the right thing but makes a mistake! Mistakenly unplugging a connection during troubleshooting and plugging it back into the wrong port can cause hours of downtime and troubleshooting headaches until the source of the problem is found. A structured physical infrastructure with well-identified, segmented, color-coded cabling systems can help prevent mistakes. Use of validated building blocks for a plant-wide network zone architecture and network backbone can eliminate a lot of the guesswork and mess that lead to accidents and costs down the road.
For security, it’s best not to ‘let sleeping dogs lie’. Take the next step in identifying likely threats and prevent Mayhem and Murphy from biting you!