Physical Cybersecurity Comes of Age

By Ben Garber

The IT security industry was originally developed a few decades ago to secure enterprise IT systems and this has remained its mission for many up until today. This concept assumed that enterprise networks had perimeters and the best way to protect them was to harden the perimeter and keep the bad guys out. In today’s world, however, when malware, ransomware, DDoS attacks and a host of other threats can now enter on a USB stick, an email message, a laptop or a smart phone, it is easy to understand why the perimeter concept has become outdated.

As more and more companies go through digital transformation, enterprise IT systems are no longer considered business support systems but rather mission critical systems. The physical machines and devices that automate our businesses are becoming increasingly IP-enabled. In today’s era of the Internet of Things (IoT) there are no network perimeters.

According to IMS Research, approximately 22 billion devices overall will be internet-connected by 2020. Today’s global network infrastructure connects virtually everything from smartphones to appliances to the programmable logic controllers (PLCs) that run our assembly lines and the sensors on our utility lines. All of the IT systems that run these devices, must be interoperable and that interoperability opens the door for the spread of cyberattacks that can cripple or take down an entire organization.

All of our most critical infrastructure — from the power grid to steel manufacturers, reservoirs and transportation systems, to hospitals and airports — have unique electrical, environmental and operational requirements for their SCADA (supervisory control and data acquisition) and process control systems that can make enterprise IT-focused security solutions unsuitable or insufficient. This requires more than the traditional firewalls and anti-virus remedies offered to enterprises.

In recent headlines there have been many stories of hackers entering an organization through their IT network only to jump over to their “physical” production networks that control the robots on their assembly line, the sensors on their electric utility line, the dam that controls water flow, and their video security systems, etc. This has resulted in vast physical and reputational damage and has shut down businesses and departments for significant periods of time.

Today it is in the machine-to-machine (M2M) (networks where the threats are the most troubling. These attacks infiltrate our networks without being noticed and they can launch when we least expect it. It is now necessary to secure from the perimeter all the way through the infrastructure to every single end point.

At Ultra Electronics, 3eTI we specialize in doing just that. We help preserve operational investments through advanced security for M2M communications, secure wireless networks, and innovative sensor network applications. Our products, software, and systems leverage new and legacy networks while complying with the highest government and industry standards.

3eTI’s CyberFence CIP (critical infrastructure protection) products are designed to safeguard operational technology (OT) networks and are easily embed into industrial automation and control systems to shield critical infrastructure against cyber-attacks without interruption. We have done this in for decades.