Effective Cyber Security Management: An Interview with Iain Rennie, Operations Director at Asset Guardian Solutions Limited
29/07/2019, Livingston, Scotland.
With Malicious software on the increase at a substantial incoming rate of 250,000 threats per day, there is an increasing demand to protect Industrial Automation and Control Systems. The IACS is defined as a collection of networks, control systems, SCADA systems and associated equipment, known as Operational Technology (OT), and can have a high risk of cyber-attacks.
There is great importance placed on implementing an effective cyber security threat management system that should be designed in such a way that it protects the entire IACS.
Below is an Interview with AGSL’s Operations Director Iain Rennie, who discusses some of the most important Cyber Security management issues faced across many Industries today, and some of the solutions that can be implemented to tackle this ever increasing threat to Industrial Automation.
Q. Can you explain your role within Asset Guardian Solutions Limited?
IR. I’m the Operations Director of Asset Guardian with a remit to oversee all aspects of the business, although my background is within the technical side.
Q2. How did Asset Guardian come to be the Global Software Solution it is today?
IR. Asset Guardian has grown and developed over the last 20 years, and built up our global blue-chip customer base through providing a great product and a great service. Much of our new business now comes from recommendations from new customers’ own engineers who have used it in previous roles.
Q3. What is Asset Guardian’s Unique Selling Point?
IR. Asset Guardian was developed by control systems engineers to fit exactly the needs in the control and automation industry. It is not an IT product trying to fit into the industrial world, but a product designed, developed and supported by control systems engineers.
Q4. What are the core features of Asset Guardian?
IR. Asset Guardian’s core features are software repository and version control, change management, fault logging, hardware inventory management, password management and associated information management of documents and correspondence records. Having all this configuration information in one integrated solution then allows us to add advanced functionality around obsolescence management and cyber security management. The key point being it is an integrated solution and all the data is inter-related between the various sections.
Q5. One of Asset Guardian’s specialities is Cyber Security Management. This is a hot topic in Industrial Automation today. Why is this?
IR. Cyber Security Management has been a top priority in the IT world for many years. However, in the industrial control networks side (the Operational Technology or OT), cyber security has not had the same exposure. Many times the company’s IT department does not extend to the Operational Technology Security network, which is left to the control engineers to manage. Their main driver is safety and availability rather than security and so it has been neglected.
Recently though, there have been some high profile threats exposed specifically targeted at OT, as well as many non-targeted threats also getting through. As OT systems become more and more sophisticated, they are open to more threats. Governments and regulators (concerned about national infrastructures) have identified this, and are now putting pressure on operators to manage their cyber security threats properly, and be able to prove they are doing it.
Q6. What are the main Cyber Security Management issues faced across Industries today?
IR. The key thing about cyber threats in OT networks is that the priorities are different from Information Technology. OT systems must prioritise safety and availability over confidentiality, where in IT, it is the opposite. Also, the endpoint protection available for IT systems (virus scanners, etc.) are often not suitable to be deployed on an OT network, so other types of protection have to be employed.
Q7. How can Asset Guardian help solve problems?
IR.The first step in effectively managing your cyber security risks is to have a Cyber Security Management System (CSMS). This needs to contain your cyber inventory including all devices, network zones and connections (conduits), operating systems, firmware versions and installed applications.
Asset Guardian’s core features allows it to act as your CSMS, holding all this information and cross linking to installed software versions. The Asset Guardian Cyber Security Module then allows all this cyber inventory information to be cross referenced against known vulnerabilities, with automatic notifications and reports showing specific risks.
Mitigations can then be planned and deployed, including patch management.
All this is supported by further Asset Guardian core features of change management, secure password management, software version control and repository, allowing effective disaster recovery in case of attack and infection.
Q8. Can you give an example of how a client utilised the Asset Guardian Cyber Security Manager to solve their problems? What solutions were they provided with?
IR. We have a number of existing clients who were using Asset Guardian for a number of years and then extended its use as a CSMS. This was extremely cost-effective since much of the data was already in the system and the infrastructure for Asset Guardian was already in place.
Other customers have taken Asset Guardian on specifically to act as their cyber risk management framework, but embraced all of Asset Guardian core features, seeing the great benefits in having an integrated solution.
Recently a number of our customers are rolling Asset Guardian out as a global solution for their CSMS, where they are managing a large number of Assets across the world. When vulnerabilities are identified they can then assess the risk globally and also mitigate using the same strategy globally. This gives economy of scale and prevents each region duplicating work and coming up with divergent, less-effective strategies.
Q9. What do you see as the biggest challenges in rolling out an effective Cyber Security Management System?
IR. The biggest challenge we see is populating the data in the inventory and then maintaining that data so it stays up to date. Asset Guardian has many options for bulk importing and bulk updating data, and we also develop interfaces to other systems, such as network scanning and discovery tools, in order to keep that data current.
Asset Guardian can be used very effectively in conjunction with front line network monitoring tools (such as Claroty or Radiflow), which can passively scan and protect your OT network, identify live threats, and scan for new devices. This inventory data can then be handed off to Asset Guardian which acts as the second line CSMS providing asset inventory management, vulnerability tracking and notification, patch management, change management and software version control.
Q10. Do you have any final words to say to reach out to decision makers who might be dealing with Cyber Security Management in the Industrial Automation Sector?
IR. Don’t look at Cyber Security Management as an isolated, costly exercise that has to be done to keep regulators happy. Look at it as an opportunity for a step-change improvement in all aspects of your control systems management.
Using an integrated solution for your CSMS allows you to leverage benefits around configuration change management, software version control, obsolescence management and disaster recovery, which will deliver real risk reduction and measurably improved operations.
If you would like more information on Asset Guardian, please fill out the contact form below and a member of our team will be in touch.