Information systems security managers (ISSMs) are becoming increasingly common in the corporate world. In a very short space of time, this position has become strategic for a company. This is logical, as the stakes are crucial. Today, the challenges of protecting an IT system are numerous, and companies are increasingly taking up the challenge.
The ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information - French National Agency for Information Systems Security) even advises a now well-informed population of CISOs with its IT hygiene guide. Valuable information designed to support those involved.
However, one sector is lagging behind: industry. And yet, the cost of the economic impact observed by industrialists who have been the target of a cyber attack is rising sharply. Production comes to a standstill, equipment deteriorates, data is lost... the effects can vary from one attack to another, but the consequences are always harmful to the company. And no company is safe unless it has taken special precautions. Today, 30 % of virus infections of a professional operating system are due to a simple USB key (Microsoft study).
STUXNET (a computer worm developed by the USA and Israel to attack Iranian systems and spy on industrial systems, particularly SCADA systems) was a trigger, revealing that no company was immune to malicious acts. Since then, SCADA software vendors have become an ideal target for hackers. Attacks generally come from within, and industrial IT is often poorly protected. In fact, IT security rules on a control or supervision system are not respected.
Factory Systemes has been distributing supervision and control software for 25 years. SCADAwith a wide range of industrial IT and automation equipment, has developed a comprehensive product offering enabling manufacturers to correct up to 80 % of their IT security problems. "We offer our customers simple, effective technical solutions that enable them to prevent the most classic vulnerabilities now." - explains Eric Poupry, Business Development Director at Factory Systemes.
Three product solutions are available:
- SCADA Protection (Norman Shark). This product protects PCs from malware intrusion from USB sticks. Thanks to this simple, ready-to-use solution, all PCs on the network can be protected against contaminated USB sticks by the SCADA Protection security agent. The product's approach is simply to check and approve the USB key on a dedicated workstation before using it on workstations in the industrial computing network. Unlike antivirus software, SCADA Protection does not interfere with the operation of industrial applications.
- Datadiode protection designed by FOX-IT against cyber-attacks is based on a diode. This guarantees physical protection of the network, unlike conventional firewall solutions which require updates, administration, software patches, etc. This hardware therefore physically isolates the industrial network from the company's office network, allowing only unidirectional information flows. This NERC and EAL7+ certified solution meets the most demanding requirements of critical installations and infrastructures. Datadiode solves the paradox of Critical Infrastructure Security (CIS), while enabling information to be shared with the corporate network. Several sites in Europe are already equipped with this solution.
Client protection with ACP ThinManager. ACP ThinManager offers a unique platform for managing client workstations, servers, applications and associated access rights. Working with Microsoft Terminal Services, Citrix or VMware, this software enables centralized management and administration of industrial applications.
Eric Poupry points out that "These 3 solutions are just a glimpse of our range of cybersecurity solutions; new suppliers will soon be adding to our range for the industrial sector. Finally, of course, each of these products is demonstrable and applicable to the majority of industrial sites"..
Factory Systemes really insists on this approach of industrial cyber security. This is clearly a strategic challenge for IT security departments, and for the company as a whole. Today, it is essential to align a company's IT security policy with its productivity objectives.
Mark your calendars for the Industrial Cybersecurity event organized by Factory Systemes and its Partners, on October 15 in Paris (more info here).
Learn more: https://www.factorysystemes.fr/solutions-factory-systemes/solutions-techniques/cybersecurite-industrielle.html