Resource

Report/blog

18 November 2024|Cyber Security

Cybersecurity for industrial operations: it’s time to segment your network

Today’s manufacturing plants aren’t just mechanical – they’re digital. Connected to the cloud and the Internet of Things (IoT), they’ve become a top target for cybercriminals.

As a result, securing manufacturing operations has become a mission-critical priority. Especially as manufacturing firms must now comply with a growing number of regulatory obligations relating to managing cybersecurity risks and protecting their assets and data.

Clearly, cybersecurity is a must have, but when it comes to strengthening defences and safeguarding critical infrastructure and sensitive data, where do you start?

The answer is network segmentation and firewalls.

 

Why air gapping is no longer enough

When industrial control systems (ICS) were first introduced into manufacturing operations, many companies put these systems on the same network as users, servers and the internet. A move that created serious industrial cybersecurity risks and exposed important systems to attacks from both inside and outside the network.

Lessons learnt, manufacturers next turned to perimeter defences like firewalls. However, as factories increasingly digitise and the need for seamless integration with IT and cloud resources grows, this airgap approach to protecting industrial networks against cyber threats is no longer sufficient.

Operational technologies (OT) and networks have very specific threat protection needs and deploying a perimeter defence – which only accounts for traffic going in and out of the network – is no longer enough. Because once an attacker or malware penetrates the perimeter and gains a foothold, lateral movement within the network is a foregone conclusion.

Instead industrial organisations need to take a different approach. By segmenting their network, they can isolate their production systems, limit the ‘blast radius’ of a cyberattack, limit access to sensitive systems and data, and make it much harder for a threat actor to infiltrate. They will also be able to better ensure compliance with a range of regulatory standards.

 

OT network segmentation – the fast facts

As we’ve seen, when IT and OT networks are not appropriately segregated hostile actors can quickly transition from the IT network to the OT network. Then, if the OT network lacks sufficient segmentation, these threat actors can move laterally into other OT systems and disrupt operations, steal sensitive data, and even impact safe plant operations.

Network segmentation is a cybersecurity technique that improves the security of ICS systems. By dividing a network into smaller networks or subnets that act as their own networks, it becomes possible to control traffic flows between segments and limit the impact of a cyberattack.

By creating separate network segments, organisations will be able to customise security controls and policies for each OT environment, based on its risk level and function. So, the most sensitive systems