No Cyberattack? Then Why 1 Billion to 10 Billion in Losses – Who Bears the Cost?

The Hidden Dangers of Third-Party Software: Advocating for Totally Isolated Control Systems

The recent IT outage linked to CrowdStrike, which caused widespread disruptions, serves as a stark reminder of the dangers associated with third-party software integration. This incident underscores the critical need for securing operational technology (OT) systems by not letting IT practices govern them. Instead, a dedicated and secure approach is essential for OT environments.

The Risks of Third-Party Software

When you install third-party software, you are essentially allowing external code to interact with your internal systems. This can open up several risks, including:

1. Security Vulnerabilities: Third-party software may have undiscovered bugs or flaws that can be exploited by hackers.

2. Malware and Spyware: Malicious software can be disguised as legitimate third-party applications, leading to data breaches.

3. Unpredictable Updates: Software updates can sometimes introduce new vulnerabilities or compatibility issues, disrupting business operations.

The Case for Totally Isolated Control Systems

Given these risks, one effective strategy is to implement totally isolated control systems. An isolated control system operates in a silo, separate from the main network, reducing the risk of external threats. More at Bohemia Market company.

1. Enhanced Security: By isolating control systems, you significantly reduce the attack surface available to cybercriminals.

2. Stable Operations: Isolation prevents third-party software from interfering with critical system functions, ensuring stable and reliable operations.

3. Compliance Assurance: Isolated systems are easier to monitor and audit, helping to maintain compliance with industry standards. However, it's crucial to emphasize that compliance is not security. Compliance may help in meeting regulatory requirements, but true security goes beyond compliance to protect against evolving threats. For more insights, refer to my article on why Compliance is not security.

Monitoring Without Interference

Instead of installing third-party software, we advocate for a robust monitoring-only approach. This involves using external tools to oversee system activities without directly interacting with the control systems. Here’s how it works:

1. Non-Intrusive Monitoring: Tools like network traffic analyzers and log management systems can monitor activities without installing anything on the control system itself. Monitoring should be done via an independent VLAN, with all traffic sent out via a data diode to ensure security.

2. Real-Time Alerts: Monitoring solutions can provide real-time alerts on suspicious activities, enabling swift responses to potential threats.

3. Data Diodes: These devices ensure one-way data transfer from the control system to the monitoring system, preventing any external interference. The system itself doesn't even know it's being monitored, adding an extra layer of security.

GreyCrotex: Understanding Industrial Communication Protocols

A crucial aspect of effective monitoring is a deep understanding of industrial communication protocols. Companies like GREYCORTEX excel in this area, providing robust monitoring solutions tailored for industrial environments. Their expertise ensures that monitoring systems are optimized for the unique requirements of OT, enhancing security without compromising functionality.

IT Practices Are Not Suitable for OT Systems

IT and OT systems have fundamentally different requirements and risk profiles. Applying IT practices directly to OT systems can lead to significant vulnerabilities and operational risks. OT systems often have a longer lifecycle and require more stringent control measures to ensure operational safety and reliability.

Horrible Payment Terms and Their Impact

Large corporations often impose harsh payment terms on their suppliers, which can severely affect the quality of services provided. Delayed payments can lead to financial instability for suppliers, making it difficult for them to maintain high standards. This, in turn, affects the overall quality and reliability of the services they provide. For a deeper understanding, see my discussion on large corporations payment terms.

Conclusion

In conclusion, while third-party software offers benefits, the risks it introduces can outweigh the advantages. By adopting totally isolated control systems and employing a monitoring-only strategy, businesses can enhance their cybersecurity posture, ensuring stable and secure operations. It’s time to rethink our approach to cybersecurity and prioritize the safety of our systems over convenience. Additionally, understanding and negotiating fair contractual terms is essential to protect small suppliers from undue risk and ensure a healthy, sustainable business ecosystem.

For more insights, read my articles on totally isolated control systems and why compliance is not security.

#CyberSecurity #ControlSystems #DataDiodes #NetworkSecurity #CrowdStrike #Monitoring #IsolatedSystems #ThirdPartySoftware #Compliance #OperationalStability #ContractNegotiation #SupplierProtection #TXP #T3000 #DCS #DataDiode #SafeConnect