The positions of Information Systems Security Manager (RSSI) are flourishing in companies. This function has become, in a very short time, strategic for a company. Logic because the stakes are high. Today, the challenges of protecting a computer system are numerous and companies are increasingly taking the part to meet them.
AnsSI (National Agency for information systems security) even advises, through its computer hygiene guide, a population of RSSI now informed. Valuable information to support the stakeholders involved.
However, one sector is falling behind, that of the industrial world. However, the cost of the economic impact of cyber-attacked industrialists is greatly increasing. Production stops, equipment deteriorates, data is lost... the effects can vary from one attack to another but the consequences are in all cases harmful to the company. And none is safe if it has not provided any special protection. Today, 30% of viral infections in a professional operating system are caused by a simple USB stick (Microsoft study).
STUXNET (a computer worm developed by the United States and Israel to attack Iranian systems spies on industrial systems and especially SCADA systems) was a trigger in revealing that no company was immune from malicious acts. Since then, SCADA's software vendors have become an ideal target for hackers. Attacks usually come from within and industrial computing is often poorly protected. Indeed, the rules of computer security on a control or supervision system are not respected.
Factory Systemes, which has been distributing supervisory and SCADAsoftware for 25 years, as well as a wide range of industrial computing and automation equipment, has developed a comprehensive product offering that enables manufacturers to correct up to 80% of their IT security problems. "We offer our customers simple and effective technical solutions that enable them to prevent the most traditional vulnerabilities now." Explains Eric Poupry, Business Development Director at Factory Systemes.
Three product solutions are proposed:
- SCADA Protection (Norman Shark). This product protects computer stations from malware intrusions from USB sticks. With this simple and ready-to-use solution, all PCs in the network can be protected from contaminated USB sticks thanks to the SCADA Protection security guard. The approach of this product is simply to check and approve the USB stick on a dedicated station before using it on the industrial computer network stations. Unlike an antivirus, SCADA Protection does not interfere with the operation of industrial applications.
- Datadiode protection designed by FOX-IT against cyber attacks was developed on the basis of a diode. This provides material protection for the network, unlike traditional Firewall-type solutions that require updates, administration, software patches, etc. This equipment allows the industrial network to be physically isolated from the company's office network by allowing only one-way information flows. This solution, certified NERC and EAL7, responds to the most demanding constraints of critical installations and infrastructure. The datadiode solves the critical infrastructure security (ICS) paradox while allowing information to be shared to the company's network. To date, several sites in Europe are already equipped with this solution.
Protecting customer positions with ACP ThinManager. To better manage its customer positions, servers, applications and associated access rights, ACP ThinManager offers a unique platform on the market. Operating with Microsoft Terminal Services, Citrix or VMware, this software enables centralized management and administration of industrial applications.
Eric Poupry explains that "these 3 solutions are just an overview of our range of solutions dedicated to cybesecurity; very quickly new suppliers will further enrich our range for the industry sector. Finally, of course, each of these products is demonstrable and applicable to the majority of industrial sites."
Factory Systemes really emphasizes this approach to industrial cybersecurity. A clearly strategic issue for IT security services and more generally for the whole company. It is essential today to align the company's IT security policy with productivity objectives.
Note in the calendars the Cybersecurity Industrial event organized by Factory Systemes and its Partners, October 15 in Paris(more info here).
Read more: https://www.factorysystemes.fr/solutions-factory-systemes/solutions-techniques/cybersecurite-industrielle.html