Partnership To Enhance Industrial Control Systems Security
18 March 2013
Building on Yokogawa’s track record in control systems and McAfee’s cyber- security expertise, the two companies have announced a partnership agreement to offer IT security for industrial automation
Concentrating in particular on the issue of digital threats to industrial control systems, the partners plan to collaborate to offer Yokogawa customers a seamless approach between different IT systems, across proprietary networks and expanded communication channels – such as IP, wireless, and mobile – and running common operating systems and applications.
McAfee is known for delivering proactive security services for systems, networks, and mobile devices. According to McAfee’s recent threats report, cybercrime, "hacktivism” and cyber-warfare are on the rise worldwide, and are growing ever more sophisticated. Governments, large enterprises, small business, and home users all face a wide range of digital threats. Recent prominent cases of industrial sabotage and espionage have escalated these concerns.
Today’s cyber-security threats mean that industrial control system users and suppliers must be increasingly vigilant against current and future intrusions, as human safety and environmental impacts are directly at stake. Industrialists using contemporary process control systems are keen to adopt general purpose IT to reduce costs, improve performance, enable interoperability with APC, MES and other systems, and add other important new capabilities. But these very same technologies have made them increasingly vulnerable to security intrusions - malicious or otherwise - from both within and outside the plant.
Organisations tasked with running critical infrastructure such as oil and gas pipelines, chemical plants, power stations, and water treatment facilities must look at holistic security systems across two disparate, yet interconnected zones: enterprise IT and industrial control systems.
McAfee provides resilient, efficient compliance measures, and real-time intelligence for changing threat environments, along with the power of real-time visibility and centralised management through a single platform. The combination of this expertise with Yokogawa’s domain knowledge provides a more holistic approach.
Industrial process control systems typically have a three to five times longer life cycle than typical commercial systems. Since both system technology and cyber threats are ever-changing, automation system suppliers must embrace a life-cycle approach to industrial cyber-security.
"Security measures for control systems are indispensable, starting with the development of highly secure instruments and systems and extending to the provision of operational support services,” said Nobuaki Konishi, vice president of Yokogawa’s IA Systems Business Division, which plays a vital role in a wide range of industries including oil, chemicals, natural gas, power, iron and steel, pulp and paper, pharmaceuticals, and food. "This partnership will allow us to combine our technology and plant security know-how with McAfee’s technology to enhance the security of plants across the entire lifecycle. This will include the integration of anti-virus software with industrial control systems used in the process industries.”
"Businesses are looking for integrated security solutions, moving from simply securing components to understanding and measuring the security of a business system as a whole,” said Wahab Yusoff, vice president for McAfee South Asia. "That is why we feel strongly about this opportunity to work with Yokogawa as a leading supplier of industrial control systems.”
HACTIVISM, CYBER-CRIME & CYBER-WARFARE
Hacktivism (a combination of hack and activism): Use of computers and networks as a means of political protest. Tools include website defacements, redirects, denial-of-service attacks, information theft, web site parodies, typosquatting (see below) and virtual sabotage.
Cyber-crime: Offences committed with a criminal motive using modern telecom networks such as internet (chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS). Offences may target an individual or a nation, or anything in-between.
Cyber-warfare: Internationally, both governmental and non-state organisations engage in cybercrimes. Activity crossing international borders and involving the interests of at least one nation state is sometimes referred to as cyber warfare.
Typosquatting: Exploitation of common mistakes, such as typographical errors made by internet users when inputting a website address into a web browser.
- Cyber-security threats mean industrial control system users and suppliers must be increasingly vigilant
- Holistic approach to security must cover enterprise IT and industrial control systems
- Yokogawa and McAfee agree partnership to enhance industrial control systems security
OTHER ARTICLES IN THIS SECTION