It's been reported that the US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution. The idea is to use “retro” technology to isolate the grid’s most important control systems, to limit the reach of a catastrophic outage. “This approach seeks to thwart even the most sophisticated cyber-adversaries who, if they are intent on accessing the grid, would have to actually physically touch the equipment, thereby making cyber-attacks much more difficult,” they said in a press release, after the bill, named the Securing Energy Infrastructure Act (SEIA), passed the Senate floor.
Andrea Carcano, CPO and Co-Founder at Nozomi Networks:
“While, to some extent, such an approach may be effective against reducing cyber risk, the associated operational impact should be carefully assessed. Operational risk, safety, process excellence and cyber risk cannot be decoupled. Furthermore, the forces of industrial modernisation cannot be stopped or stalled. Organisations and governments should be taking steps to prudently enable digital transformation rather than thwart it.
In the context of critical national infrastructure, the increased operating costs and inefficiencies could be tolerated if it reduces perceived cyber risk, but the approach needs to be carefully balanced. This is not the case within manufacturing and industrial processes where inefficiencies cannot be tolerated as they could result in the reduction of an organisation’s competitive positioning in the marketplace.
ICS network monitoring solutions can help organisations achieve cyber resilience within a highly automated and intelligent operational environment without compromising efficiency. These solutions enable organisations to move confidently forward in digitisation with the knowledge that they can effectively manage the associated cyber risks.”
Dave Weinstein, CSO at Claroty:
“If the goal is to achieve maximum security of our critical infrastructure at all costs, even if it means depriving asset owners and operators of real-time performance analytics and the ability to conduct remote maintenance under routine and exigent circumstances, then so be it. However, this strategy is unlikely to receive much support outside of security circles and could prove to be cost prohibitive for most organisations.
We must accept and embrace connectivity while, at the same time, improving security. This means balancing the risks of interconnectivity to our industrial control systems with gaining greater visibility into who and what are on these networks. Interconnectivity alone is not the problem; rather, it is this interconnectivity paired with opacity that produces the greatest risk to the country’s critical infrastructure.
Government, industry, and the critical infrastructure community must come together to raise what are currently far too low barriers to entry for hackers.”