Why cyber security is no longer just a CEO concern?
Cyber security threats can be a nightmare for executives. Special-purpose test systems can control key actions today. Cyber security threats to these test systems can have a significant impact on an organization’s reputation and revenue, so it is reasonable to take steps to reduce that business risk. But it is very important to account for the ways that test systems differ from traditional IT systems.
Test Systems Getting Cyber-Security Features
Test equipment used to be exempt from most IT protocol, but executive leadership changed this policy as they could no longer tolerate the cyber security risks of unmonitored network devices.
The trend of applying cyber security practices to test systems makes sense for several reasons, most notably the increased cyber-security incidents that exploit unmonitored network devices. The second reason this trend makes sense is that security practices and technology for general-purpose IT systems are more mature. However, this trend does not make sense categorically for at least two reasons. Primarily, IT-enabled test systems are less tolerant of even small configuration changes. Users of IT systems can tolerate downtime and may not even perceive application performance differences, but special-purpose test systems (especially those used in production) often cannot tolerate them. Second, test systems often have security needs that are unique. They typically run specialized test software not used on other organization computers, and they are equipped with special-purpose peripherals unaddressed by standard IT security technologies.
What You Can Do
The preferred approach for security test equipment involves two key components. First, use data to inform what IT security measures you adopt for your test system and how extensively you apply them. Second, supplement those IT security measures with test-system-specific security features so that you address unique risks. This fills in the remaining gaps that standard IT security practices can’t address. You can reference the annual Verizon Data Breach Investigations Report (DBIR) as a source of data. Verizon analyzes the data collected about the prior calendar year’s disclosed cyber-security breaches in this report. The second key component involves making use of vendor-specific security features. For example, given how crucial calibration data, test parameters, and test sequences are to maintaining test quality, you can use technologies such as file integrity monitoring and calibration integrity features that are specifically configured for your test system and its components.
Growing Attention to the Insider Threat
The Edward Snowden leak of volumes of classified surveillance data from the National Security Agency is the most likely cause of increased attention to the insider threat. His actions have resulted in an estimated $22 to $35 billion in economic losses to the US technology industry because of the resulting distrust in US technology. But it isn’t the first case of insider threat.
The key issues in this area are multifaceted and are still a significant research topic. The issues include attentiveness to anyone who has access to critical test systems, regardless of their status as employees or contractors. Solutions typically involve a significant degree of behavioral monitoring, which can negatively affect the interpersonal trust needed for operational efficiency.
What You Can Do
Except for high-criticality systems, addressing the insider threat is best done after you have tackled the basics described in the previous trends. Those other trends speak to the most probable ways that your test systems can be compromised.
For high-criticality systems, however, address the insider threat as early in the design process as possible. After you have identified the most sensitive or mission-critical aspects of the system, design a privelege management solution that separates the duties into at least two roles that no single individual can hold, and prevent any attempts to assign both duties to a single role.
Supply Chain Compromise
News of malicious software (malware) that targeted industrial control systems came with a surprise in 2014. This was not the work of hackers remotely penetrating the defenses of a particular factory or of covert operatives installing malware at a refinery. Instead, the malware had been installed through vendor software that contained a trojan.
No aspect of a product is immune to a supply-chain compromise. Any installer, even for seemingly insignificant plugins or add-ons, can be compromised. You must understand the trade-offs between supplier diversity and standardization in addressing cyber-security risk. Diversification has the advantage of reducing the risk of system-wide compromise because of the compromise of one supplier’s component, but this advantage is often outweighed by the sustainability costs for training staff on multiple types of equipment and managing all the supplier relationships.
What You Can Do
Standardization has so many cost benefits that it is difficult to justify supplier diversity except in high-risk scenarios. The most feasible approach involves supplier standardization where an evaluation of the supplier’s supply-chain security is a significant part of the decision criteria.
Most already have suppliers on which they have standardized. In this case, both you and the supplier have a vested interest in maintaining the relationship. The most important thing you can do to address supply-chain security is talk with your suppliers. Ask them about their supply chain and what they do to protect the integrity of their products throughout their development, manufacturing, and order fulfillment processes. Your insights into any weaknesses in their processes can help to reduce your risk of supply-chain compromise and help your suppliers shore up their security. Without that dialog, both sides are subject to making uninformed decisions.
Addressing the cyber-security needs of a test system is complex. It can either get bogged down in an infinite number of potential security risks or never get started because it seems overwhelming. Realistically, perfect security is unachievable because every solution can theoretically be compromised given enough resources and time. Instead of either extreme, start by prioritizing issues based on realistic scenarios and address the most import issues first, applying commonsense along the way.