In a nutshell…
Industrial cybersecurity is defined as the protection of industrial infrastructure systems.
Controlling physical installations, industrial systems must be analyzed, monitored and protected to avoid any attack or threat. These attacks can damage production, financial and human costs but also corproate identity.
Risks / threats
Increasingly unprotected industrial systems can be the target of severe attacks and disrupt the operation of installations.
According to the French National Agency for the Security of Information Systems (ANSSI), industrial cybersecurity attacks can be diverse :
- Targeted attacks: with a purpose, generated by people to reach or cause disasters in a structure.
- Challenge’s attacks: the aim is to prove the possibility of attacking an industrial system.
- Non-targeted attacks: the objective is to reach a large number of people with serious consequences: viruses, spam.
The sectors concerned by industrial cybersecurity are diverse: production units and chains, water and energy distribution units, road and rail infrastructures.
Cyber security must be seen as security. It’s special, but in the industrial world the proper functioning is the goal. For example data, which is to a large extent an essential asset to be protected in IT, is no longer in OT the purpose: they are subordinate to the proper functioning.
Furthermore, industrial cyber security is a new process in its own right, but one that follows a fairly simple work-flow on which all the reference systems converge: taking stock of the situation, analysing risks, implementing security measures in proportion to the risks, and monitoring and tracking security. Cybelius solutions present this continuity to ensure not only the initialization of the process, but also its efficiency in security throughout the life of the equipment and the evolutions of the domain.