DCS; Industrial control system
Product
Article
NameDescriptionContent
English 简体中文
NEW CENTER
Current Location:
Home >> journalism >> Ensuring Cyber Resiliency for OT Systems

Ensuring Cyber Resiliency for OT Systems

From:THOMAS | Author:H | Time :2024-11-27 | 304 Browse: | Share:



The partnership with Dragos has resulted in increased efficiency, productivity and cybersecurity readiness. The utility is prepared to counter evolving cyber threats and plans to expand the footprint of the Dragos Platform in the future by adding sensors at prioritized sites.


Automate—with caution

In an ISAGCA blog post, titled “The Danger of Overreliance on Automation in Cybersecurity,” Zac Amos, features editor at ReHack, and frequent contributor to the ISAGCA Blog wrote: “Automation is critical in enhancing cybersecurity efforts, and speed is one of its key benefits. Most cyberthreats spread quickly, such as ransomware or worm attacks, and automated systems can detect and respond to them much faster than humans can. AI [artificial intelligence] also ensures consistency because it can do repetitive tasks with high accuracy. However, it’s easy to rely too heavily on automation to provide cybersecurity. The volume of logs, alerts, and incidents is multiplying exponentially, and automated tools can analyze vast amounts of data without getting overwhelmed. This can be a double-edged sword, though. Companies should have a healthy balance of tech and human talent when keeping systems safe.”

Amos warns that some of dangers of being overly dependent on automation in cybersecurity include a false sense of security, false positives and/or negatives, lack of context, reduction in human expertise and reliability concerns to name a few. “Believing that automated systems will catch every threat can make organizations complacent. No system is perfect, and new, unforeseen threats are always emerging,” he said.

“Automated systems can generate false positives, which can desensitize security teams if they happen frequently,” Amos said. “Conversely, false negatives, where a genuine threat goes undetected, can have severe implications.” In addition, “automated systems lack the human intuition and context needed to evaluate the risk and importance of a particular alert. A seasoned security expert can differentiate between a benign activity that looks suspicious and a genuine threat. Over-relying on automation reduces the need for human experts, which means an organization might have fewer experts who fully understand the system. This can be dangerous if things fail or are compromised.”

Reliability is always a concern when using automation to bolster cyber resilience. “Like any technology, automated systems can fail. Overreliance without redundancy can lead to exposure when these systems experience downtimes,” Amos said.


Becoming cyber resilient: awareness

When it comes to cyber resilience, the biggest difference now from three or four years ago is awareness. “Companies understand they can’t fight off all attacks and some will get in. Depending on what kind of plan they have and how they approach it, remains up to the individual company,” said Hale.

Hale said that organizations’ approach must shift from a futile quest for absolute invulnerability to a more realistic strategy of resiliency in which they can control the impacts of failures. Resilience means organizations need to identify the most critical assets and determine what they find as an acceptable return to operations. “Today, organizations are more aware and more tuned into the idea that attacks are going to happen so they better be protected and then understand—and have a plan—as to what they should be doing and what should happen if an attack makes it in and starts to create issues. This is also where quality segmentation and micro segmentation come into play… Three years ago, they were running around putting out fires and trying to ward off attacks. Today, companies have realized attacks are going to happen, so let’s figure out what are the most important areas we need to protect and then create a plan around that.

“Industry is maturing in its understanding of cybersecurity. Gone are the days of lacking broad attention for the topic when it was viewed as a technical issue rather than a strategic one,” said Tonkin. “Today, the subject of managing cyber risks to improve operational integrity and resilience is becoming much more aligned with the overall risk management of organizations. This maturation in approach reflects a deeper understanding of the interconnectedness between cybersecurity and business continuity. Organizations are now more proactive in identifying and protecting critical assets, assessing vulnerabilities and implementing comprehensive cybersecurity measures that support resilience. This includes not just technological solutions but also organizational and procedural changes to enhance the ability to withstand and recover from cyber incidents.”


  • D20MIC10BASE-T 820-0756 Network card
  • WES13-3 5167-0001-0210 CPU/Auxiliary Control board
  • WES13-3 2508-21001 Embedded digital module
  • D20ME 526-2005-216943 control module
  • D20EME 0526-21170-1 Enhanced Master Communications Module for D20 Substation RTUs
  • 2400-21004 / 2010-3101-0442 – Redundant Power Supply Module for Mark VIe Turbine Control
  • PACSystems™ IC695CPE400 RX3i 64 MB
  • DS200DCFBG2BNC DC2000 DC Feedback Board
  • OLDI Ethernet interface module 56SAM-844
  • IS200BPPBH2CAA Mark VIe Power Supply Module
  • IS210MACCH2AEG Motor Control and Communication Module
  • IS210MACCH2AGG Mark VIe Speedtronic Turbine Control Module
  • IS200AEPAH1AFD Printed circuit board
  • IS200AEPAH1ACB Analog I/O Module
  • IS200WREAS1ADB AERO TRIP TB DBRD sub-board
  • IS200WETAH1AEC large board component made Mark VI system
  • IS200AEPAH1AHD A High-Precision Excitation Control Board for Turbine Systems
  • IS200WEMAH1AEA Control board
  • IS210MACCH1AGG processor card
  • IS230TNRLH1B Discrete Output Modular Assembly
  • Mark V Series DS200PCCAG1ACB PCB Power Connect Card
  • DS200SI0CG1AEA Instantaneous overcurrent card
  • DS200SHVMG1AGE Analog I/O board
  • DS200SI0CG1A6A Input/Output Module
  • DS200SHVMG1AFE SCR High Voltage Interface Board
  • DS200RT8AG3AHC Relay Output Terminal Board
  • DS200FSAAG1ABA PCB Field Supply Gate Amplifier Board
  • 531X307LTBAFG1 F31X307LTBA LAN I/O Terminal Board
  • ABB AFS670 19" Ruggedized Switch AFS670-EREEDDDSSEEEEEEEPZYX05.1.0
  • NI Controller for VXI VXIPC-871B
  • IS200EPMCH1GE Mark VIe Patch Cord Power Distribution Card
  • VMICPCI-7632-03310 IS215UCCAH3A 350-657362-003310J GE gas turbine system control processor board
  • WEA13-13 2508-21001 Control Module / I/O Board
  • WES5120 2340-21004 Controller Main Module
  • WES5120 2340-21006 Field Controller Master Unit Module
  • ​ WESDAC D20ME 18-MAR-13 Excitation Control Module
  • D20 EME 2400-21004 Ethernet communication and expansion module
  • GE DS3800XTFP1E1C Thyristor Fan Out Board Brand
  • GE SR745-W2-P1-G1-HI-A-L-R-E Feeder protection relay
  • GE IS230TNDSH2A Discrete Output Relay Module Brand
  • GE Fanuc IS200TDBSH2ACC Mark VI Terminal Board Brand
  • GE PMC-0247RC-282000 350-93750247-282000F Disk Drive
  • GE PMC-0247RC-282000 350-93750247-282000F Disk Drive
  • GE VMIVME-1150 Serial Communications Controller
  • GE VMIVME-5576 Fiber-Optic Reflective Memory with Interrupts
  • GE VMIC Isolated Digital Output VMIVME-2170A
  • GE MULTILIN 760 FEEDER MANAGEMENT RELAY 760-P5-G5-S5-HI-A20-R-E
  • GE IS200AEPAH1BKE IS215WEPAH2BB Printed circuit board
  • GE IS210BPPCH1A Mark VIe I/O Pack Processor Card
  • GE IS220PRTDH1A 336A4940CSP6 High-Performance RTD Input Module
  • GE IS220PDIAH1BE 336A5026ADP4 Discrete Input Module
  • GE IS420ESWBH3A IONET Switch Module
  • GE 516TX 336A4940DNP516TX 16-port Ethernet switch
  • GE EVMECNTM13 Embedded control module
  • GE EVPBDP0001 EVPBDP032 control module
  • GE Hydran M2-X Enhanced Monitoring with Extended Sensor Life
  • GE UR6CH Digital I/O Module
  • GE IC695CPU315-CD Central processing unit
  • GE 531X305NTBAMG1 DR Terminal Board
  • GE 531X305NTBALG1 NTB/3TB Terminal Board 531X Series
  • GE 531X305NTBAJG1 NTB/3TB Terminal Board.
  • GE 531X305NTBAHG1 NTB/3TB Terminal Board 531X
  • GE 531X305NTBAEG1 is a PCB that functions as a DR terminal board.
  • General Electric 531X305NTBACG1 NTB/3TB Terminal Board 531X
  • GE Digital Energy D20 Analog Input Module
  • GE 94-164136-001 main board Control board
  • GE 269 PLUS-D/O-100P-125V Digital motor relay
  • GALIL DMC-9940 High-performance motion controller
  • FUJI NP1BS-08 base plate
  • FUJI NP1Y32T09P1 Transistor drain type digital output module
  • FUJI NP1Y16R-08 Digital Output Module
  • FUJI NP1X3206-A High-speed digital input module
  • FUJI NP1AYH4I-MR current output module
  • FUJI NP1S-22 Power module redundancy
  • FUJI RPXD2150-1T servo drive module
  • FUJI FVR008E7S-2UX Ac frequency converter
  • FUJI Ac frequency converter FVR008E7S-2
  • FUJI FVR004G5B-2 Small general-purpose frequency converter
  • FUJI A50L-2001-0232 Industrial control module
  • FUJI A50L-001-0266#N High-performance servo amplifier
  • Honeywell FS7-2173-2RP Gas sensor
  • Honeywell 10106/2/1 Digital Input Module in Stock
  • FRCE SYS68K CPU-40 B/16 PLC core processor module
  • Foxboro FBM I/O cards PBCO-D8-009
  • Foxboro AD916AE Digital Control System (DCS) Module
  • GE SR750-P5-G5-S5-HI-A20-R-E Multilin Relay
  • FOXBORO H90 H90C9AA0117S Industrial Computer Workstation
  • FOXBORO RH928AW | I/A Series Relay Output Module
  • Foxboro N-2AX+DIO Multi-functional input/output module
  • Foxboro RH924WA FCP280 Fiber Optic Network Adapter
  • FOXBORO H92 Versatile Hardware Component In
  • Foxboro FBM218 P0922VW HART® Communication Redundant Output Interface Module
  • Foxboro E69F-TI2-J-R-S E69F Series Current-To-Pneumatic Signal Converter
  • Foxboro E69F-BI2-S Converter
  • Foxboro H92A049E0700 The host of the DCS control station
  • Foxboro H90C9AA0117S Industrial computer workstation
  • Foxboro RH101AA High-performance industrial control module
  • Foxboro P0922YU FPS400-24 I/A Series Power supply
  • FOXBORO P0973LN Chassis-based managed switch with independent power supply
  • FOXBORO P0926PA Input/output module
  • Fanuc A06B-6050-H402 3 AXIS ANALOG AC SERVO DRIVE
  • FOXBORO L0130AD L0130AE-0H Power module group
  • FOXBORO 0399085B 0303440C+0303458A Combination Control Module
  • FOXBORO SY-0399095E (SY-0303451D+SY-0303460E) Process control board
  • FOXBORO 0399071D 0303440C+0303443B Input/Output (I/O) Module
  • FOXBORO RH924UQ Redundant Controller module
  • FFOXBORO E69F-TI2-S current pneumatic converter
  • FOXBORO FBM219 RH916RH Discrete I/O Module
  • FOXBORO FBM227 P0927AC Module
  • FOXBORO 0399144 SY-0301059F SY-1025115C/SY-1025120E I/O module
  • FOXBORO SY-60399001R SY-60301001RB Industrial Control Module
  • FOXBORO 0399143 SY-0301060R SY-1025115C SY-1025120E Combined control board
  • FOXBORO 873EC-JIPFGZ electrodeless conductivity analyzer
  • FOXBORO P0916PH (High-density HART I/O Module)
  • FOXBORO 870ITEC-AYFNZ-7 Intelligent Electrochemical Transmitters
  • FOXBORO Compact FBM240. Redundant with Readback, Discrete
  • FOXBORO FBM208/b, Redundant with Readback, 0 to 20 mA I/O Module
  • FOXBORO FBM201e Analog Input (0 to 20 mA) Interface Modules
  • FOXBORO P0916WG Terminal cable
  • FOXBORO P0926MX 2-Port Splitter
  • FOXBORO AD908JQ High-Frequency Module
  • FOXBORO AD916CC Processor module
  • Foxboro DCS FBM206 Pulse Input Module
  • FOXBORO FBM216 HART® Communication Redundant Input Interface Module
  • Foxboro p0903nu 1×8 unit sub-component module
  • Foxboro P0911SM Industrial control module
  • Foxboro CM902WM I/O module
  • Foxboro CM902WL Power module