Channel: Blog – Bradford Networks

How Critical Infrastructure Food Manufacturers can Boost Compliance & Protect Against Cybersecurity Threats


Securing the Food and Agriculture (FA) industry, a critical piece of United States critical infrastructure, is a big challenge. This sector requires not only securing the physical safety of processing, manufacturing and growing facilities, but also protecting the cybersecurity of these locations. Many farms, especially large operations, have increased their technology use, with networks and automated processes. With large, open and often isolated farms, as well as orchards and wineries that embrace public tours, hackers can pursue both malicious physical additions to the network and cyberattacks.

As today’s farming, manufacturing and processing facilities increasingly incorporate IT and internet connectivity throughout the supply chain, cybersecurity now plays a pivotal role in securing the FA segment of US critical infrastructure. Almost entirely under private ownership, there are more than 200,000 registered food manufacturing, processing and storage facilities, with the FA sector accounting for roughly one-fifth of US economic activity. Securing these networks, endpoints and facilities, which are rapidly adopting unsecured IoT automation technology, is crucial to the US food supply and economy.

The Increasing Risks from IoT and ICS

FA manufacturers and processors not only need to employ traditional network security practices to secure the network, but also secure the network from the new threats that are NOT covered by traditional firewall and intrusion detection systems. As IoT integration rapidly expands into the manufacturing industry and connectivity becomes an important part of planning the supply chain, cybersecurity threats continue to expand in the FA manufacturing segment.

Built for autonomous machine-to-machine connection, IoT devices change how organizations collect data, automate services and structure interdependent systems. Since most IoT devices have little or no inherent security, they present an easy target for cyber attackers. This network security gap is common knowledge and particularly concerning for critical infrastructure organizations and the U.S. government. “The growing dependency on network-connected technologies is outpacing the means to secure them,” Jeh Johnson, secretary of Homeland Security, said. “Securing the Internet of Things has become a matter of homeland security.”

But the risk to FA manufacturing and processing facilities does not end with IoT. As the facilities become increasingly connected to the internet, many traditional Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems that are already in most manufacturing and processing facilities are now vulnerable. These systems were originally designed to be secured through their obscurity – they were buried deep in the network. Now that almost every network segment is connected and internet enabled, these ICS and SCADA systems frequently lack inherent security and can now be vulnerable endpoints. While new ICS and SCADA systems are now designed for enhanced connectivity and remote access, organizations need to ensure the security of both legacy and new equipment.

The FA Cybersecurity Framework

As cybersecurity threats continue to increase, FA organizations need to continuously adapt to secure the network from these threats. In the broad overview, the FA sector-specific critical infrastructure plan emphasizes that organizations should:

  • Maintain an effective and continuously adaptive firewall
  • Use intrusion prevention and detection systems
  • Employ surveillance programs for detecting insider threats
  • Ensure continuous security training for system users
  • Require secure passwords that are resistant to hacker compromise, as well as other security practices

While there are many government committees and subcommittees that are responsible for working with FA critical infrastructure organizations and defining sector-specific goals, the cybersecurity policies and procedures are all based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework. While this blog will highlight the main points, for a detailed overview of the NIST framework, please view our blog, How to Align Enterprise Network Security with The National Institute of Standards and Technology Cybersecurity Framework. The NIST framework is based upon five key points:

  1. Identify: This includes asset management, securing the business environment, governance, risk assessment and risk management strategy.
  2. Protect: Incorporate cybersecurity technology and procedures that include access control, awareness and training, data security, information protection processes and procedures, maintenance and protective technology.
  3. Detect: Implement and maintain security solutions that address anomalies and events, continuous security monitoring and detection processes.
  4. Respond: Have a plan in place to address incidents that incorporates response planning, communications, analysis, mitigation and improvements.
  5. Recover: Design processes in advance of incidents that guide recovery planning, system improvements and communications.

As you can see, this is a very broad framework that seeks to convey the basic best practices for network and cybersecurity in simple terms. Organizations should use this framework to build a solution.

How Fortinet & Bradford Networks help secure your network and comply with NIST recommendations

The combined technology of Fortinet and Bradford Networks, a Fortinet company, delivers powerful enterprise network security. The combined technologies extend the Fortinet Security Fabric to provide complete control, integration and easy management of security across the organization. From Fortinet’s powerful firewall and traditional network security, to securing IoT or the cloud, the new combined Network Sentry and Fortinet Security Fabric helps critical infrastructure organizations satisfy many of the NIST cybersecurity requirements.

Identify: The identification capabilities of these combined technologies are truly foundational for the NIST Cybersecurity “Identify” category. It provides visibility into all devices on the network, allowing organizations to inventory endpoints, control user and device access, and mitigate overall risk. This is crucial with the increasing risks to FA manufacturing and processing plants due to IoT, ICS and SCADA connectivity. Network Sentry also aids in NIST compliance with visibility controls by seamlessly populating any Configuration Management Database (CMDB) with up-to-date information on all endpoints and devices on your network.

Protect and Detect: These combined security technologies enable organizations to control network access for every endpoint device connected to their networks, regardless of the device, user, or location. It provides unified threat management that protects the network with powerful firewalls, antivirus, VPN services and much more, while also controlling access and serving as a compensating control for user devices and headless devices (such as IoT, many ICS and SCADA).

  • Headless devices: Most firewalls cannot classify headless devices, such as IoT, SCADA and many ICS devices because they only see the IP and MAC address. This leaves network security gaps that hackers can use to enter the network. The combined technologies provide a solution that sees and classifies every device, and can act as a compensating control that monitors these devices, detects unusual activity and immediately and automatically quarantines the endpoint, as it forwards the information to an analyst for review.
  • Users and user devices: This threat management solution provides both pre-connect security to ensure the device is authorized and meets minimum network security standards, as well as continuous post-connect monitoring to ensure a device does not fall out of compliance. It can also stop an employee trying to access unauthorized data purposely or inadvertently, stopping the attack in its tracks if they’re acting maliciously, or if their endpoint has been infected with malware. Should a device connect to the network that isn’t compliant—or should a device fall out of compliance, or become compromised—Network Sentry quickly and automatically isolates that device or endpoint. It also can control access to information and network segments, limiting information to only those that require it to do their job – another best practice to protect access to sensitive information or systems and limit east/west malware attacks.

Respond and Recover: Network Sentry has automated threat response capabilities for comprehensive security automation and orchestration. It integrates with almost all security solutions to enhance the fidelity of alerts and increase the accuracy of event triage. By cutting through the noise and effectively triaging the alerts, it enables quick, effective responses to potential threats—then contains them if needed—in real time.

To learn more about how these solutions work within the NIST Cybersecurity Framework to enable faster, more effective responses to threats, read our whitepaper on Reducing the Critical Time from Incident Detection to Containment or download our Network Sentry and NIST use case.

The post How Critical Infrastructure Food Manufacturers can Boost Compliance & Protect Against Cybersecurity Threats appeared first on Bradford Networks.

