Blog written by Gary Miles, Senior Cyber Consultant at Arcanum.
In the world of Industrial Control Systems (ICS) or Operational Technology (OT), a lot of consideration is given to implementing the best technological controls available to mitigate cybersecurity risks, but in many organisations recognising and addressing the more traditional physical security aspects are often a secondary consideration.
This blog aims to discuss physical security and the importance of appropriate physical controls in tandem with technology and established, effective policies and procedures allowing you to mitigate risks to ICS/OT in a more holistic way.
Physical Security – Why is it important?
When you think of a malicious individual or group trying to access your business assets, to extort money, cause damage or disruption to a business, you most likely think of someone on the other end of an Internet connection, using complicated hacking tools and techniques. This is certainly not unrealistic; however, malicious activity can also come in the form of someone physically walking into your work facility and accessing the business-critical assets directly.
The outcome of a success in either of these scenarios is likely to be the exactly the same – Processes being disrupted, financial impact due to loss of productivity, possible regulatory impacts dependent on the rules applicable in your sector.
Defence in Depth – Outside-in Approach
The concept of this principle is to put numerous controls in a layered approach to make it as difficult as you can for attackers to get to all the way through to your most critical and valuable assets. This not only makes your business less appealing to casual attackers, but also can increase your opportunity to detect and neutralise a more serious threat before it reaches its end state and succeeds.
To be really effective defence in depth should take an “outside-in” approach, starting with the physical security perimeter, and working all the way through to your ICS/OT assets.
Each security barrier or alerting function that an attacker would have to get past should be reviewed and assessed on its effectiveness at deterring or obstructing the attacker. Does the perimeter fence have any gaps? Does your monitored CCTV/OCTV cover all access points or are there blind spots? Are all external doors to the plant floor access controlled during work hours and then securely locked and alarmed (with a response), or are they just being left open?
This whole-picture approach provides a much more comprehensive security mitigation for your system, than technical controls alone.
How Can Arcanum Help?
At Arcanum, our OT teams are experienced in implementing and assessing all aspects of security and can offer your organisation independent, vendor-agnostic advice that is tailored to your specific business needs while providing the highest level of risk reduction possible in your situation, without impacting normal business functions.
call: 02922 784452
Upcoming Webinar: What is ISA / IEC 62443?
If you’re interested in knowing more about ISA/IEC 62443 and how it contributes to Industrial Cyber Security by helping to secure OT, register your place on our upcoming webinar!
On January 16th 2024, Arcanum are running a FREE webinar that will demystify ISA/IEC 62443, the international standard for industrial control system (ICS) security.