Industrial Control Systems (ICS) have traditionally been treated as closed, walled garden-type implementations, both from a physical as well as a networking perspective. In the age of big data and connected everything, it is now desirable to have connectivity to the factory floor, from a business management and process optimization perspective.
Putting anything online immediately exposes it to cyber threats, but ICS’ have their own unique risks due to the magnitude and nature of the processes. Some of these risks include:
- Production downtime: A loss of one or more devices within a process can easily disable the entire production process. Downtime directly relates to lost dollars.
- Loss of life: ICS devices behaving in a manner inconsistent with the process design can cause injury to operators, and loss of life in the worst incidents.
- Ransomware attacks: Ransomware attacks against devices and ecosystems are on the rise and there’s no indication that ICS is immune to these attacks. While some of the ransom amounts may seem trivial, an attack of this nature is bound to result in some measure of system downtime.