Recent episodes of IT incidents generated by malicious attacks to damage critical infrastructure have made it necessary to pay critical attention to Cyber Security in the industrial sector, not only in the IT area but also in the manufacturing sector.
The main reasons for the increase in the number of attacks in this particular sector include:
- The integration of the industrial network with the IT network
- The management and maintenance of the plants with remote connections via Internet
- A much longer life cycle of industrial apparatuses than IT devices and this creates real difficulty in vulnerability management
- IT network security apparatuses which are not adequate to detect anomalous events on the ICS networks
- Communication protocols and proprietary operating systems
- Complex dialogue between the head of cyber security and the head of industrial security
The main difference between Cyber Defence in the IT area and ICS Cyber Defence resides not so much in the objectives, which can be traced back to the three main pillars of IT Security – the CIA triad (Confidentiality, Integrity and Availability) but in their different prioritization: in the industrial sector, operating continuity is particularly important. Therefore, the primary objective is Systems Availability. In addition, we must add another important principle: Safety, or more specifically Personnel Safety.