Insta

Many critical systems in society and businesses are based on automation and information technology. Digitalization means that production environments are very rarely islands with no connections from the outside. The increased shift toward remote connections and cloud services in service and maintenance, for example, is bringing operational technology (OT) and information technology (IT) closer together. In addition, digitalization often involves increased system complexity.

From a cyber security point of view, this extends the attack surface. Attacking production systems used to require special expertise; now, however, an attack against an IT system can jeopardize the operability of production environments and the supply capacity of a factory, for example. Cyber disturbances can also cause security risks in production that may even endanger lives.

For production systems, the most important aspect to protect is the functionality of the organization or society, not necessarily the data itself. Therefore, OT systems are particularly attractive targets, especially for government actors. Cyber security has become a highly relevant topic because of the geopolitical situation as the functionality of critical infrastructure directly affects the functional capacity and well-being of individuals. Finland is very dependent on power supply and functional logistics, among other things. In a connected society, there is also strong dependency between the different sectors. This all makes cybercrime one of the biggest future threats.

The IoT, digitalization, and consolidation of the IT/OT environments are bound to cause risks regarding production systems. In order for the benefits to outweigh the risks, the cyber defence capabilities of production systems need to be improved. However, managing cyber security requires resources, such as personnel, expertise, and funding. For this reason, it often makes sense for organizations to focus on their core competence and outsource the cyber security services – at least in part.

Insta provides services that meet the needs of organizations in the areas of energy generation, water supply, and healthcare as well as in the food and defence sectors. When our cyber security specialists join forces with our experts in secure digitalization and electrical automation, the customer benefits from an exceptionally wide set of competencies for managing cyber security in an OT environment. Our services ensure, for their part, the security of organizations’ ICT systems and critical system updates.

Partnering with Insta ensures that the customer gains flexible access to experienced experts, up-to-date knowledge, and reliable partner networks. For us, observation, data collection, proactivity, and protection against attacks are everyday business. – Ensuring the security and functional reliability of critical systems enables us to support the continuity of businesses and society. We are also helping our customers to develop their business, since protected systems allow for data to be refined and safely utilized in activity management and quality improvement, for instance.

1. Manage and understand your equipment

It is difficult to organize cyber defence if you are not aware of all the devices and applications in your environment. Determine the version information for the devices in your OT environment (including switches and servers) in order to implement the necessary updates.

2. Define the operating models and assign the responsibilities related to cyber security

The principles of operations should support cyber security. This means, for example, that change management should be standardized. The organization needs operating models for responding to suspicious events. If a new device is detected in the operating environment, does this indicate controlled change or something that an attacker is doing? Who should investigate the suspicious event and how is the observation processed?

3. Consider your partners as well

Make sure that your partners are operating at a high level of information security. Take note of the equipment they are introducing into your environment (such as USB sticks, switches, and personal workstations). Ensure that any remote connections are implemented securely and that logging in to systems is carried out using personal credentials.

By Mikko Salonen, Chief Cyber Security Architect, Insta

Insta is one of the leading cyber security service providers in Finland. We offer cyber security services, from consulting to cyber defence, and from network security to secure digital identity. Our services and products are trusted by large companies and public sector organizations both domestically and worldwide. In addition to cyber security, Insta Group is an expert in industrial automation, secure digitalization and defence technologies, employing more than 1,100 experts.

https://www.insta.fi/cybersecurity