Technical installations of SMEs susceptible to cybercrime

Organizations that supply water, electricity or energy, for example, usually have their cyber security in order. They increasingly demand from their suppliers that the delivered systems or instrumentation are cyber secure. Not only the systems, but also the organizations themselves must be well secured. ‘This is not always the case with SMEs’, says Marcel Jutte, managing director of Hudson Cybertec, specialized in cyber security for technical environments.

High degree of automation

technische-installatie-mkb

‘The complexity and degree of automation in technical installations increases constantly, which results in organizations that are increasingly dependent on their technical systems. Developments such as Internet of Things and LoRa increase the exposure to cyber threats. More and more large organizations – for example from the oil and gas sector – are aware of cyber security and the complexity of Internet of Things. Because of this, they not only ensure their own organization is properly secured but also start to impose demands on their suppliers. The organizations screen their suppliers by means of a scan or assessment. They can then determine whether the instrumentation or systems they implement in their assets are sufficiently protected against cybercrime ‘, says Marcel Jutte. With such a security scan, the cyber resilience according to IEC 62443, the globally accepted standard for IACS cyber security, is reviewed. ‘We examine to what extent the three pillars of cyber security – people, process and technology – are on par with the IEC 62443. Are employees aware of the issues and potential risks? What level of education do the employees have? (people) Are all technical installations cyber secure? What else needs to be done to mitigate the risks as much as possible? (technology) Which procedures, protocols and policy measures have been created and are they complied with? (process)? Based on a questionnaire and its answers, it is possible to estimate the potential risk and offer tailor-made training courses.’ The rising trend that organizations expect a certain level of cyber security from their suppliers is evident in the tenders available on the market. In these tenders cyber security is increasingly concretely named. ‘Purchasing departments increasingly clearly specify which requirements need to be met in the fields of OT (operational technology) and IT. This will also gradually involve SMEs. Perhaps not immediately, but it will happen.’

Source: ‘PT Industrieel Management (edition 7/8), September 2018’

In the spotlight

Monitoring your OT environment is essential. You know what is happening on your network and see to what extent you are compliant with various cyber security standards and laws and regulations.

IEC 62443 Standard

The IEC 62443 standard offers your organization tools to improve the digital security and safety of your IACS environment. Implementation of the standard improves the cybersecurity level of your organization's OT / ICS / SCADA environment.

The IEC 62443 is the international cybersecurity standards framework for operational technology (OT). The framework consists of a collection of standards, technical reports and related information for securing Industrial Automation and Control Systems (IACS).

read more

Hudson Cybertec’s IEC 62443 Competence Center has extensive experience with this standard. We play an active role in the development of the standard, actively promote it internationally and have developed a training program around the IEC 62443.

read more

It is becoming increasingly important for organizations to be able to demonstrate that the digital security of the OT environment is in accordance with standards frameworks. It is therefore possible to certify (parts of) your IACS environment according to IEC 62443.

read more

If you want to know more about this standard and need training on how to apply it within your own organization or at your clients, Hudson Cybertec has a number of very interesting training courses for you.

read more

The IEC 62443 standard provides organizations with tools to improve the digital security and safety of OT / ICS / SCADA environments.

read more

How digitally safe is your organization?

Curious about the possibilities? Please contact us!

Contact us

Newsletter

Sign up for our newsletter. We will keep you posted on the latest developments in our cybersecurity services.

  • This field is for validation purposes and should be left unchanged.