Fall 2020, No. 2, vol. 2 / Romanian Cyber Security Journal
A Brief Introduction to Cybersecurity Landscape in Industrial Control Systems; Practitioners View
Mihai RĂUȚĂ, Victor GÂNSAC, Olivia COMȘA
firstname.lastname@example.org email@example.com firstname.lastname@example.org
With the exponential growth of the Internet and the number of devices able of controlling complex industrial processes, hardware equipment that uses standard IP protocols for transporting data specific to industrial processes, there is an increased incidence of attacks targeting industrial critical infrastructures. If in the past the attackers were persons from inside the industry, often angry dismissed employees, in the last period these attacks are mainly carried out by the players in the field of industrial espionage, terrorist groups or rival nation-state.
The security technologies and measures used in the Industrial Control Systems (ICS) are in vast majority of the cases common with those used in the information technology (IT) business infrastructure, but if in the latter case this falls on the confidentiality, integrity and data availability, in the case of industrial processes governed by ICS the integrity and resilience of the industrial process itself must be ensured in the first place. Data loss is far less important than the catastrophic interruption of the mission–critical industrial process with adverse consequences on environment and life in general.
The paper will briefly review the specific terms used in industrial network systems and will detail some of security challenges and vulnerabilities associated with ICS infrastructure. In the end we will present methods and technologies used to better secure the critical infrastructure environment and some of the activities Safetech Innovations SA performs in this field for its beneficiaries. It present a practitioner point of view with deep involvement in securing important critical infrastructures, from IT to energy, oil, gas and utilities.
Cybersecurity, ICS, SCADA, Critical Infrastructures, OT/IT, CERT, Security Challenges, Resilience