Your network is not secure! Whether you have all the security in place that’s possible or have not even thought about security – your network is not secure! Sadly, no network can be 100% secure. The best that you can hope for is to make it very difficult to hack.
Let’s start at one of the extremes – network security, what’s that. “Plausible deniability is not a security strategy.”
Manufacturing is the most targeted category for hackers. Not banks. Not retail. Manufacturers. And within the manufacturing category the most targeted companies are small to medium-sized companies.
What can you do? What should you do? You will find both the futility of denying the problem and some steps to remediate the problem at my year-old blog post, PROFINET Network Security.
At the other extreme – we’ve implemented every possible precaution including
- Zone and conduit
- DMZ
- Data Diode
- Firewalls
- Deep Packet Inspection
- Intrusion Detection
- Filling all USB ports with epoxy
- Password rules – complexity and frequent required change
- Removed CD drives
- Installed antivirus software
- Engaged the workforce is best practices
- Physically protected important servers
It’s not enough!
A motivated hacker can breach any network. So, have a plan in place for when it happens – not if it happens, when.
The possibility of being hacked should make you nervous (plausible deniability is not a security strategy).
Recommendations for those of you anywhere on this spectrum of “What me worry” to “We did everything possible” –
- www.isssource.com
- www.SCADAhacker.com
- Eric Byres’ blog
- “Protecting ICSs from Electronic Threats”
- us-cert.gov/control_systems
- MacAfee
- PROFINET Security Guideline
–Carl Henning