top of page
  • Writer's pictureDragoon Security Group

Information Security on the Factory Floor

Information Security is typically associated with the corporate office, with its role in an industrial environment often overlooked.

In many cases, industrial systems qualify as DHS Critical Infrastructure, sectors include chemicals, communications, dams, energy, food and agriculture, manufacturing, nuclear, and water systems.

SCADA networks and Industrial Control Systems are experiencing an increasingly higher rate of attacks, with half of these environments believed to have experienced some level of disruption by malicious threat actors.

Poor security maturity is most often the result of legacy infrastructure that is no longer supported, typically equipment running on systems with an unsupported OS such as Windows XP. These systems are vulnerable to attacks if they are in anyway, directly or indirectly, connected to the Internet or by compromised removable media.

Investing in an updated software license for industrial equipment can aid in preventing at-risk system compromise and reduce larger financial impacts. Compromised industrial equipment also creates a safety risk for employees.

Secondary issues are a lack of segregation between the corporate and industrial infrastructure. An unsegmented network means malware introduced by accounting can disrupt floor operations.

Asco, Maersk, Mondelez, and Norsk Hydro are some of the larger companies who have suffered from significant attacks despite having the resources to proactively protect themselves.

As Industry 4.0 gains traction, those advantages bring increased risk of attack.

It’s time to protect both the IT and the OT side of your organization. Industrial systems should be prioritized based on their criticality to business operations.

Most executives are surprised to see the disparity between the level of protection the receptionist receives over their critical business systems.

27 views0 comments

Recent Posts

See All

Small Town But Not Too Small To Fail

After a chaotic summer of coordinated ransomware attacks against municipal governments, resulting in disruption of critical services to citizens, some refreshing news from Rhode Island of a small town

60 Minutes on Ransomware

While I’m glad this issue is gaining national attention, this piece was very defeatist. Companies wouldn’t accept a thief walking in and taking tens of thousands of dollars from the register. Yet beca


Post: Blog2_Post
bottom of page