In our last blog, Your Cybersecurity Vendor of Choice Shouldn’t Rock the Boat, we outlined key questions to ask a cybersecurity vendor before you jump into a partnership. Let’s continue that discussion and focus on additional evaluation criteria to help guide your search.
Regardless of the industry you’re in, your infrastructure is mission-critical to your operations and you want to be strategic — yet proactive — in order to eliminate potential vulnerabilities and protect your assets from cyberattacks. However, at the same time, you want to enable secure connectivity for anyone who needs it, without driving up costs or increasing IT involvement.
Therefore, it’s important to find a cybersecurity vendor who can help you achieve the following:
- Improve network security without significant cost, added complexity or disruption
- Manage internal and third-party threats when opening up the network to remote workers, contractors and private sector partners using untrustable devices
- Quickly and simply establish and manage secure site-to-site and remote connections
- Simultaneously protect critical assets against external and internal threats
- Cost-effectively scale to meet growing networking requirements
Here are three questions to ask any vendor to help ensure you get the protection you need, without sacrificing connectivity or driving up cost.
- Can we secure all types of connections and protocols?
A key characteristic of security in industrial and manufacturing environments, in particular, is that security devices must authenticate both to each other (machine-to-machine/M2M) and to dedicated remote users, such as vendor support and maintenance teams. This dual authentication is often lacking in cybersecurity solutions that focus solely on user authentication but is critical to securing industrial control systems (ICS). Ideally, you want to partner with a trusted provider who delivers strong mutual, mandatory authentication to both types of connectivity.
In addition, the security solution should be compatible with industrial protocols such as Modbus, OPC, Profibus, Profinet, EtherCAT, Ethernet/IP, and Sercos III and it should be capable of securing ICS integration products including Johnson Controls, ORCA, SCADAPack, Schneider Electric PowerLogic, Trane Tracer, Emerson-Liebert, and others. This allows you to use all of the standard features of the security solution without disrupting or adversely affecting your current operations. Security solutions that are not fully compatible may require additional encapsulation, adding processing overhead and inefficiencies.
- Do we need to purchase external components?
Enterprise security solutions typically require the addition of external components (hosted software or computing services) that can drive up the cost of securing your infrastructure. Public key cryptography is the gold standard for M2M authentication, but it typically requires X.509 certificates, which are costly. The associated certificate revocation checking also involves multiple servers and complexity.
To best control your organization’s costs and manage security, select a solution that has built in all the required infrastructure for authenticated connections.
- Will system availability be impacted?
You’re on the hook to maximize uptime. In many industries, such as manufacturing, system changes are not applied unless necessary, and as system components age, maintenance schedules may be adjusted, and some failures are inevitable. An overlay solution for security can add fault tolerance to system segments by sensing component failures and securely linking to backup networks. There is a growing interest in predicting maintenance requirements and monitoring system performance, but these analytic tools should be secured so that system data is protected and projected failures are not exposed to hackers.
To find out more about what cybersecurity capabilities to look for when protecting the unique mission and needs of your infrastructure, read our LinkGuard solution brief.