Co- authored by: Amit Kumar Pawar
No nation on Earth has been spared the tragedy of COVID-19. With nearly 2.5 million cases and over 171,000 deaths, more than 185 countries are struggling to cope with this pandemic. It is a truly unprecedented humanitarian crisis. The consequences of which have destabilized economies and disrupted the lives of billions. However, while most people have been working overtime to cope and mitigate its harm, there are others who are actively using it as an opportunity to wreck chaos.
Since the emergence of COVID-19 as a global pandemic, the world has witnessed a rising rate of cyber-attacks. In fact, in just one month, the number of cyber-attacks against the WHO doubled, with more than 2,000 malicious websites being launched every day. Soon after, the victims of cyber-attacks began to include hospitals and vaccine research facilities. And amongst all this chaos, we also observed that malicious threat actors began targeting industrial infrastructure—a grave threat during a time of crisis.
Managing Remote Working for Industrial Operations
Just like most other organizations and businesses, the industrial sector also had to make significant adjustments to ensure the health and safety of their workers. Following the advisories issued by WHO and other agencies, these companies have adopted social distancing practices and migrated to remote working setups. Unfortunately, unlike other workforces, industrial manufacturing workers face very particular challenges when working remotely.
Industrial sector operates in a unique IT setup, mainly due to their heavy use of connected devices with Internet of Things (IoT) and Industrial Control Systems (ICS). These technologies are used in manufacturing plants to optimize operations and enhance productivity. While older network systems were unconnected from external networks such as the internet, that is no longer the case. As these systems have become exposed to external networks, they have also attracted the attention of malicious threats.
The need for workers to stay connected with manufacturing plants is a critical component of ensuring business continuity. This means that with more and more workers operating remotely during the crisis, the vulnerability landscape for manufacturing plant ICS and IoT systems has exploded. Every remote worker’s personal devices, network routers, and other technology, can now act as a doorway for outside threats to breach these facilities.
This exposure endangers the enterprise in several ways, such as risking data protection, falling prey to ransomware, phishing attacks, malware deployment, and much more. Today, more than ever, manufacturing and industrial businesses need advanced OT security to cope with the threat. But OT security is not just about firewalling systems, rather the need is far more holistic, from rapid threat detection to threat insights and from securing remote access to implementing new security protocols for IoT/ICS. These are the areas that HCL is striving to provide protection against cybersecurity attacks.
Adopting a 360-degree Cybersecurity Solution
HCL is committed to ensuring that businesses can ensure business continuity and security without compromising the protection of their customers and workers. With more than 20 years of security and engineering experience across more than 350 proven partnerships with Fortune 500 companies, we understand the unique needs of industrial operations.
HCL’s 360° SecureOT approach addresses the key concerns of a hyper connected enterprise faced with the security challenges of remote access. Our OT solutions integrates aspects unique to OT security, such as asset and vulnerability management, access and identity management, incident monitoring, patch management, third-party risk assessment, risk reporting and operational metric review, and much more.
To accomplish this in a streamlined and efficient manner, HCL has consolidated a suite of solutions and services that address the core concerns of the industrial operations within a remote work model. HCL’s expertise in OT security, combined with our proven capabilities in strategy, governance, and digital transformation, allow us to help enterprises make the changes needed for their peace of mind. Our suite of services is uniquely qualified in helping organizations make the seamless transition to remote work by easing the associated cyber security concerns. Our OT cyber security solutions and service offerings framework allow us to assist our customers with:
- Secure Remote Access Implementation and Monitoring: We offer a secure remote access solution that utilizes a zero-trust strategy. This means that enterprises can rest assured that only authorized users are given access to the applications they’re credentialed for, separated from any industrial or production network.
- Enact OT/IoT Asset Discovery: HCL also works to make sure that every potential and active threat is tracked, monitored, detected, and addressed. We offer a deep insight into the cyber visibility of all OT and IoT systems to ensure that standard OT/ ICS systems aren’t compromised.
- Deploy Application Whitelisting at your Industrial Operations: With HCL, organizations can implement resilient cyber security controls that allow them to limit and monitor access to the Internet as well as to the applications in the manufacturing plant. This also includes the ability to execute quick rollouts that address and manage the organization’s application whitelisting requirements.
- External Industrial Threat Intelligence Service: HCL also offers organizations access to a wide array of data-driven insights for proactive threat mitigation. We’re able to help organizations evaluate external threats to their Industrial Control Systems by leveraging the power of data analytics. We also share evaluated IOCs with companies that can help their OT security teams to block any potential threat vectors.
- Cybersecurity Training and Awareness Sessions for OT/ ICS Engineers: HCL’s value addition is not only focused on strengthening the systems of an organization, but also their people. Our consulting services help organizations with cybersecurity training and educate their workers on a myriad of digital risks to adopt the best practices for secure behavior when engaging with any Industrial Control Systems.
- Quick Cybersecurity Assessment and Review OT/ ICS environment: The core of our security recommendations and solutions are highly personalized to the specific needs and environment of each organization. We conduct workshops and implement simple and quick questionnaire-based assessments of the controls and operational practices for our partners. With this first-hand information, we determine each customer’s unique OT Cyber Security posture and offer them the right fit of high-level strategic and tactical recommendations.
There is no denying the fact that the COVID-19 pandemic has fundamentally altered the world in ways we are yet to fully comprehend. Perhaps, in a few months, the world will revert to some sense of normalcy. Businesses will open, supply chains resume, and workers will return to the offices, but until that happens, organizations have a responsibility to their employees and customers to ensure that they remain viable.
In fact, at this time, more than any other, organizations must excel even more to compensate for the disruption. As such, manufacturing and industrial enterprises need to seek out OT solutions that not only secure them today, but secure them for the uncertain future as well.