Cyber security for critical infrastructure [podcast]
Owl Cyber Defense discusses data diodes and other strategies
Cybersecurity devices to combat ongoing threats in the Middle East
This article originally appeared on Oil & Gas IQ
Oil & Gas IQ is proud to work with our partners for the upcoming World Digital Refineries Congress in Kuwait, Owl Cyber Defense. The team at Owl have been working with passion, diligence, and experience to develop the best in new data diode cybersecurity products.
With oil and gas production so important to the global economy, the industry often falls victim to cyber attacks — one of the most high-profile examples being the infamous Stuxnet worm discovered ten years ago. Owl Cyber Defense is committed to combating such disruption, and protecting the industry from physical and digital damage.
The Congress will bring together business leaders, consultants, directors, and heads from data management, research and technology, operations, telecommunications, and automation (amongst others) to discuss futuristic strategy in our digitally-shifting marketplace. Through working alongside the team at Oil & Gas IQ, Owl are confident that attendees will understand how committed their organization is to securing upstream assets, defending from external attacker, and enabling safe transfer of data through an understanding of malicious software.
Since 1999, Owl has supported the US intelligence, military, and government communities, critical infrastructure, and commercial enterprises, and has pushed for continual advancement to protect networks around the globe.
'In a world of cyber threats, they are able to provide valuable information to authorized users and applications on demand.'
Owl Cyber Defense is committed to embracing smart new technologies, and building solutions as part of cyber-resilient strategies in businesses across the Middle East and the rest of the world. In our podcast, we speak with a senior member of the Owl team about their latest cybersecurity device.
If you enjoy listening to this interview with Owl Cyber Security's Scott Coleman, you can find out more about the World Digital Refineries Congress, here.
Full Interview Text
The following interview with Scott Coleman, Director of Marketing and Product Management at Owl Cyber Defence, features questions posed by Richard de Silva, Managing Editor at Oil & Gas IQ.
Richard de Silva: Scott – how serious is the cyber threat to Middle Eastern infrastructure at this time? It seems the actors are becoming increasingly sophisticated.
Scott Coleman: Unfortunately, cyber breaches are in the news just about every day. This doesn’t come as a surprise since bad actors are constantly probing any facility attached to the Internet. While there are some exotic cyber attack stories, for many of those that do end up in the news, they probably haven’t fully embraced some of the basic concepts of defense in depth and segmentation.
Best practices dictate using multiple layers of defense (edge defense, intrusion detection, etc.) and physically separating or segmenting the network to prevent easy access to all digital assets after a single intrusion. By breaking up the network into different defensive zones, a breach in one area doesn’t result in a breach in another.
RDS: Generally speaking, where do these best practices originate and how effective are they?
SC: Best practices come from a number of sources but one very reliable source is the US Department of Homeland Security. They published a whitepaper on seven strategies for defending industrial control systems. These strategies include the basics, such as: whitelisting, keeping up with software patches and upgrades, limiting threat vectors, creating a defendable environment, maintaining secure remote access, network monitoring, and managing authentication of users, most of which prevent breaches from ever happening rather than detecting them after the fact.
For more information on Owl's solutions in cybersecurity, visit their website.
The DHS concluded that 98 per cent of breaches reported to them over a period of years would have been mitigated if these basic controls had been in place and followed. Many times it isn’t some hot new technology that can prevent a breach, but the basics of cyber defense.
RDS: Practices, of course, only work to a point. Owner-operators still require the right technology in place. What’s actually working these days when it comes to securing industrial control systems?
SC: Three of the DHS strategies include the deployment, where possible, of one-way only data transfers via data diodes.
'Data diodes provide a hardware-enforced cyber defense solution that allows data to be shared across network segments without the possibility of bad actors penetrating the segments they are protecting.'
You can imagine how a data diode works by thinking about data being transferred across a network boundary by passing through a single LED shining light across a fiber optic cable to a photoreceiver on the other side. The reason this acts as a defensive device is that on the side where the photoreceiver is there is no LED to shine light back through the fiber optic cable, and there is no photoreceiver to receive the light.
By design, there is absolutely no way for a bad actor to get through a data diode into the protected network.
RDS: This seems to play into the wider strategic concept of layered security. How versatile are data diodes and what should those looking to invest in them consider when making their procurement decision?
SC: Data diodes have been deployed in government networks for over two decades, and in critical infrastructure for over one decade.
'They are used in oil and gas, petrochemicals, water and wastewater including desalination plants, pipelines, transportation, power generation, transmission and distribution, financial services, renewable energy farms, and many other markets.'
Cybersecurity professionals looking to improve cybersecurity using data diodes need to consider how to segment their networks, the type of data they need to transfer (OPC, MODBUS, historians, databases, syslog files, Splunk, etc.), the transport layer (TCP, UDP, FTP), latency requirements, and the bandwidth required to move the data. This will determine the capacity a data diode solution needs to provide and any software applications needed to support the different data types.
The ability to increase bandwidth licenses over time to accommodate future growth should be considered along with the ability to support multiple protocols and multiple data streams simultaneously.
See also: Owl Cyber Defense's data diodes explained.
Finally, the number of physical hardware devices needed to support the required data streams and any redundancy/failover needs should be included when evaluating different platforms.
Optimally, a single box (1U 19” rackmount or DIN rail form factor), with the ability to increase bandwidth when needed and support multiple data flows and protocol types simultaneously, provides the most flexible and lowest total cost of ownership over the life of the product.
RDS: How can people find out more about this technology or indeed the general strategies surrounding cyber protection for CNI?
SC: On our website, we have a Resource Library which contains a number of cases, white papers, and ebooks that discuss how data diodes are used and the features they contain. You can also find the DHS's Seven Strategies white paper I referenced earlier, along with other resource materials.
We have a local regional presence providing sales, installation, training, support, and maintenance services; which can also support product evaluations, on-site demonstrations, and proof of concept trials.
'We will also be exhibiting at the show where we will be demonstrating products live and answering any questions that people may have.'
RDS: Thanks for talking with us, Scott.
If you have enjoyed reading this interview with Owl Cyber Security's Scott Coleman, why not book tickets for the World Digital Refineries Congress?