<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1033252670099820&amp;ev=PageView&amp;noscript=1">
New Call-to-action

Industrial Control Systems Security: An Interview with WALLIX

› › › BACK TO THE BLOG

[fa icon="calendar"] Mar 23, 2017 2:54:14 PM / by WALLIX

Industrial Control Systems (ICS) are used to remotely control and monitor a variety of industrial enterprises like manufacturing, electricity, water, oil, and gas. The systems operate mostly on remote commands that are pushed to physical stations and devices. These systems are crucial in controlling and monitoring operations to ensure ongoing operations and safety for the surrounding community.

 

ICS.jpeg

 

This interview with Dominique Meurisse, WALLIX's COO, addresses some of the challenges and threats that ICS need to be wary of.

 

 

 

Background

Throughout the world, there are over 10,000 registered industrial control systems, and in the last few years, the number of attacks on these systems has increased by 490%. Attacks can block access to resources and have dangerous consequences. This is why industrial control systems security has become so important.

 

Why ICS is Vulnerable

The top priorities of ICS have traditionally been availability (providing resources 24/7), and safety (working conditions for employees and the safety of the resources they provide). ICS used to be isolated from outside networks so security was a secondary consideration. This has changed as all networks are now tied together. ICS are no longer isolated, but rather are part of the interconnected Internet. As a result, the ICS is vulnerable to attacks from that public Internet… and the corporate networks are now vulnerable to attacks from their own ICS. What is worse is that the bad guys have figured out that not only are ICS quite vulnerable, but a successful attack can provide a really high profile result. The impact of a successful attack on ICS can easily hit billions of dollars.

 

 

You Can’t Go Home Again

You can’t just cut the cord and go back to isolating ICS. Remote access is necessary to operate the systems they control. Remote access is needed for monitoring, maintenance, and operations. It would be prohibitively more expensive to rely on on-site teams to operate all ICS rather than by remote. Plus, the engineering systems and corporate networks need to regularly exchange data for optimal productivity. This means interconnectivity is needed. Unfortunately, this interconnectivity provides hackers with multiple access points, leaving systems vulnerable.

 

Challenges

Organizations are increasingly coming to understand the potential impact from lax ICS security. Increasingly, local, national, and international regulations are dictating minimal ICS security standards to ensure that all the actions of privileged users are monitored, tracked, and controlled to prevent a catastrophic negative event. However, it can be a challenge to meet security and compliance standards for ICS security without undermining system performance.  That’s where Privileged Access Management (PAM) solutions like WALLIX's Bastion come into play.

 

The WALLIX Solution

The WALLIX solution provides all the information and controls that organizations need to comply with ICS security regulations and standards. Our transparent monitoring will not impact system operations and performance. Instead, it will help prevent threats by providing one-point access to monitor and control all activity within your ICS.

 

WALLIX helps you:

  • Control internal access
  • Control third party access
  • Monitor activity
  • Track all actions
  • Prevent insider threat
  • Mitigate external threats

 

Want to try WALLIX? Sign up for a 30-day trial or contact us for more information.

 

 Get our FREE DEMO to manage and monitor privileged access

 

Topics: Controlling Third Party Access, Mitigating External Attacks

WALLIX

Written by WALLIX

SIGN UP
to receive our best articles!

Get Access to our white paper : The Insider Threats Comic Book

Get Access to our White paper : Major misconceptions about IT security