COMMUNICATIONS AND SECURITY n devices. It can be placed in front of critical assets such as PLCs and HMIs to enhance network security and ensure network availability, while protecting critical assets from being manipulated by malicious actors. For instance, when a workstation is infected with malware, the malware often finds its way to as many connected devices and networks as possible. It can spread to most of the devices on a network by the time an OT engineer or network operator notices it. Two types of proactive action can mitigate the risks: one is to block malicious traffic in the first place when the network is contaminated; the other is to contain it to a manageable degree if it occurs. Virtual patching to reduce the risk of cyber-threats Frequent patching reduces a system’s exposure to cyber-threats significantly. However, patching continues to be a critical challenge in OT environments. Devices on industrial control systems are not always available for updates when vulnerabilities are identified. For instance, it may be desirable to keep a production operation running until its next scheduled maintenance. Sometimes, updates are not feasible because devices on control systems may have already passed a long lifecycle and vendors are not providing updates any more. Virtual patching can complement existing patch management processes by shielding against vulnerabilities. Virtual patching acts as an agentless emergency security tool that OT administrators and operators can use to remedy vulnerabilities on affected OT equipment quickly. To achieve operational efficiency and availability, it is vital to take cyber-security into account. The belief that OT networks are isolated and secure has been proven wrong by several major cyber-security incidents in manufacturing plants. Two different directions can be taken to enhance network security. One is to ensure that your industrial networks have a secure foundation – a network infrastructure that allows authorised traffic to flow to the correct places. Alternatively, you can identify critical assets and give them layered, proactive protection, such as using an industrial IPS and whitelisting control. n Whitelisting control is achieved by restricting access to the authorised devices, services, protocol formats and control commands on a whitelist Join us on Facebook Drives & Controls Follow us on LinkedIn @Drives & Controls Follow us on Twitter @DrivesnControls For the latest news visit the Drives & Controls website www.drivesncontrols.com Find out the latest on Drives & Controls Show www.drives-expo.com SHOW Drives&Controls Drives& Controls
RkJQdWJsaXNoZXIy MjQ0NzM=