In the past two months, I’ve attended various conferences, including the Smart Grid and SCADA Cybersecurity event in London, where experts discussed the protection of critical infrastructure, more specifically, the electricity, gas and water distribution systems, as well as transportation and emerging smart city grids. Protecting these is paramount to avoid the socio-economical impact of a cyber attack on those grids.
What are some of the fundamental challenges?
One standard that emerges across all these discussions as a "must-deploy" best practice is IEC 62443 (formerly known as ISA99). This standard prescribes a clear definition of zones and conduits (what traditional enterprise IT would refer to as "network segmentation") to establish better control over access and security within ICS and SCADA networks.
Our approach to network segmentation and traffic control enables you to rapidly deploy the above standard guidelines without disruption to your day-to-day operations. Here are recommendations on how to apply Palo Alto Networks to further secure your environment:
Nos. 1-3 will drastically reduce the scope of your security challenge while providing you complete visibility into which application, user and content is on your network. No. 4 will ensure that any targeted cyber attack gets detected immediately and that its propagation within your environment is automatically stopped.
At Palo Alto Networks, we often refer to the above model as network segmentation based on a zero-trust approach.
If you’re interested in learning more about our approach to cybersecurity for SCADA systems and ICS, visit our web page dedicated to this topic.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.