Surprise: Your Control Network is Connected to the Internet

That Awkward Moment

It happens daily.

A company is investigating a cyber security breach. Word of the breach gets out and suddenly their brand, reputation and trade secrets are all at stake.

It’s a really awkward moment and a PR nightmare. I read the quotes and calming explanations from communications executives who, despite the breach, often say: don’t worry, our systems are not connected to the Internet or any external network. Are they sure? How sure?

When we test cyber vulnerabilities at some of the biggest manufacturing and energy companies and water utilities, it’s surprising how many internet and external connections exist that top security leaders didn’t know about. We start the assessment and within seconds the room is silent.

Surprise, your control network is connected to the Internet.

Getting on the Same Operational Page

Part of the solution is making sure all members of your team are on the same page.

In many cases all your cyber security planning has secured the information technology (IT) side, while your operational technology (OT) is left wide open. It’s a dangerous gap.

According to the IHS technology report, “Industrial IoT 2014,” less than half of Internet-connected devices are above the firewall. More than half are actually below it, in the operational technology (OT) underbelly.

Imagine a house with a bolted front door and a state-of-the-art home security system out front. It may seem secure, but the back window is wide open.

Your cyber security plan is no different. Ignoring operational technology cyber security is like leaving the back window or door wide open.

Corporate IT is significant and needs to be protected. It’s your emails, financials, documents and passwords. Protecting this sensitive information is imperative.

OT is a whole different level.

Operational technology is the hardware and software used to control all your industrial processes. These are the critical systems that clean water, make food and produce energy. If they’re attacked, the results can be dangerous and lead to power outages, environmental damage and even loss of life.

While spending for IT protection has increased, OT spending is often secondary, creating huge vulnerabilities.

In the past, OT systems were separate from IT but as interconnectivity spreads they’re becoming increasingly integrated.

OT can now be reached through IT and it’s becoming more susceptible to network attacks.

Not long ago, hackers caused major damage at a steel mill in Germany. They came in through the IT side, but after stealing logins through email were able to access the mill’s control systems. Now that hackers were on the operational technology (OT) side, the IT protection in place was no longer helping.

This led to parts of the plant failing, causing a furnace blast and significant damage.

Specialized software created by the hackers was used to oversee and administer the plant.

In the aftermath, software developers and digital analysts said they “didn’t expect a nuclear power plant or steel plant to be connected to the Internet.”

Depending on who you’ve hired to run security, they may fall on the IT side, OT side or somewhere in between. It’s imperative they know the operational technology side as well.

Knowing the tools and systems on the operational side takes a very special skillset.

The nature of devices on the OT network is different from that of devices commonly found on IT networks. We’re talking about PLCs, RTUs, SCADA servers, Historian servers, data concentrators, etc.

Some legacy PLCs are equipped with built-in webservers. As a result, it’s important for us to understand not just what is on your OT network, but also how it’s behaving. Using “active” monitoring devices on an OT network can not only disrupt communication timing, but can lock up OT devices like PLCs.

In some cases, you may want to organize the OT network so that only a select set of devices can communicate to other sets of devices.

A key takeaway from a recent Department of Homeland Security ICS-CERT (Industrial Control Systems Cyber Emergency Response Team) conference on cyber security for operational technology was to first take inventory of all your connected devices digitally (or manually) to trace every connection.

This directive is for public/government utilities, private manufacturing and energy companies. Homeland Security advises mapping all the devices to determine where you currently have undocumented connections and to understand your overall risk.

A digital inventory is recommended as long as it is passive and does not actively ping or ask the OT devices for information.
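
As an added illustration (not code from Gray Matter Systems or ICS-CERT), the sketch below builds a device inventory purely from passively captured flow records and flags OT devices that talk to outside addresses or over connections missing from the site's drawings. The address ranges, the documented-connection list and the sample flows are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumed address plan (hypothetical); replace with the site's real ranges.
OT_NET = ipaddress.ip_network("10.10.0.0/16")
IT_NET = ipaddress.ip_network("10.20.0.0/16")
# Common industrial and web ports, used only to label observed services.
PORT_LABELS = {502: "Modbus/TCP", 20000: "DNP3", 44818: "EtherNet/IP",
               102: "ISO-TSAP (S7)", 80: "HTTP", 443: "HTTPS"}
# Connections that appear on the site's network drawings (constructed).
DOCUMENTED = {("10.10.1.5", "10.10.2.20", 502), ("10.20.0.8", "10.10.1.9", 443)}
# Constructed flow records (src, dst, dst_port) as exported from a tap or
# SPAN port. Reading them sends nothing to the OT devices themselves.
FLOWS = [
    ("10.10.1.5", "10.10.2.20", 502),    # SCADA server polling a PLC
    ("10.20.0.8", "10.10.1.9", 443),     # IT workstation to the historian
    ("10.10.2.20", "203.0.113.44", 80),  # PLC reaching an outside address
    ("10.20.0.31", "10.10.2.21", 80),    # IT host on a PLC's web server
    ("10.10.1.5", "10.10.2.20", 502),    # repeat of the first flow
]

def zone(ip):
    """Classify an address as OT, IT or EXTERNAL using the assumed plan."""
    addr = ipaddress.ip_address(ip)
    if addr in OT_NET:
        return "OT"
    return "IT" if addr in IT_NET else "EXTERNAL"

def build_inventory(flows):
    """Return (inventory, findings) for every flow that touches the OT zone."""
    inventory, findings = defaultdict(set), []
    for src, dst, port in sorted(set(flows)):
        zones = (zone(src), zone(dst))
        if "OT" not in zones:
            continue
        label = PORT_LABELS.get(port, f"tcp/{port}")
        for ip, z, role in ((src, zones[0], "client"), (dst, zones[1], "server")):
            if z == "OT":
                inventory[ip].add(f"{role}:{label}")
        if "EXTERNAL" in zones:
            findings.append(("internet-connected", src, dst, port))
        elif (src, dst, port) not in DOCUMENTED:
            findings.append(("undocumented", src, dst, port))
    return dict(inventory), findings

if __name__ == "__main__":
    devices, issues = build_inventory(FLOWS)
    print({ip: sorted(s) for ip, s in devices.items()})
    print(issues)
```

Each finding is a lead for someone to trace on the plant floor, and a PLC showing up as an HTTP server is the built-in web server case mentioned earlier.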

Big Things are at Stake

The rapid growth of the Industrial Internet of Things (IIoT) is changing the game on all of this. As billions of sensors are being shipped that incorporate IIoT technology, knowing what is on your OT network is critically important.

Given the high likelihood that your OT network will grow, you might want to ask your team:

Are you truly confident that you know everything that’s plugged in or connected wirelessly to everything else on the network? How often have you or someone on your team traced every run from switch to device either manually or digitally?

Big things are at stake, so it’s important to be honest as you answer those questions.

Take The Cyber Challenge

Nobody has all the answers, but you can gain valuable insight into your own operations and strategies.

The cyber challenge is designed to pose important, valuable questions to your cyber strategy. You’ll find out just how much you currently know and don’t know about your own system.

Take our new Industrial Internet Cyber Security quiz and share the results with your team. Who had the best scores?



Gray Matter Systems’ Brian Courtney Right at Home on Innovation Drive

When someone new arrives at a company, they often take a few months to settle in, meet the team members and adjust to the new environment. But not in Brian Courtney’s case.

The MIT graduate jumped right in and started building and working with his hands at Gray Matter’s headquarters on Innovation Drive just outside of Pittsburgh. Brian has been sawing, gluing and piecing pipes together for an innovative, exclusive Gray Matter project since Day One.

Brian is the new Vice President of Development and Managed Services at Gray Matter Systems and he’s a true innovator. It shows in every conversation you have with him.

“I believe there are many different styles of innovation. One of them happens to be a tinkerer,” said Brian. “I get excited about learning – a little here and a little there until it suddenly comes together in your head.”

The new leadership position is a key part of Gray Matter’s recent growth. Brian will focus on building software solutions to reduce cost and increase efficiencies in manufacturing, water and energy.

Brian will help companies use analytics to determine early signs of failure before they have major equipment problems.

“Unfortunately, failures happen during the worst possible times. Machine learning helps us identify failure before something majorly goes wrong,” said Brian. “Part of my role at Gray Matter is helping companies get ahead with predictive analytics.”

Developing and building are in his blood. Brian comes from GE where he held many roles including leading a data visualization team. His team won several awards for innovation and filed for 26 patents.

“My job was to drive the team to ideate and think innovatively,” said Brian.

Brian also credits his deep technology background and business acumen with giving him a good sense of the solutions that will work best for customers. He graduated with a computer science degree from the University of Massachusetts Lowell and got his MBA from MIT.

Brian said that the Industrial Internet of Things is already flipping the way the business world works. With massive amounts of data to maintain and analyze, customers expect connectivity and information on everything they’re running. This is turning more businesses into customer-facing operations than in the past when information was just an internal focus.

Small and medium-sized companies alike are giving the biggest ones ideas on how to journey through the transition.

A self-professed tinkering jack-of-all-trades, Brian likes to break things. He’d rather learn from failure to figure out what went wrong and how knowing about it sooner would have prevented that failure.

“I think Edison said it best when he said he simply found 10,000 ways to not make a light bulb,” said Brian. “I believe people learn from their mistakes instead of their successes.”

Look for Brian Courtney’s next innovation in the coming months at Gray Matter Systems. For now—here’s a behind-the-scenes look as Brian tests a water system he just built on Innovation Drive:

Brian Courtney on Innovation Drive from Gray Matter Systems on Vimeo.

CIO Survey Reveals Challenges, Opportunities and Potential of Industrial Big Data

Guest post by Jeremiah Stone, GM of Asset Performance Management at GE Digital. 

Bit Stew Systems recently commissioned a survey by IDG Research of senior IT executives to better understand how organizations are being impacted by the Industrial Internet of Things (IIoT) – the steps being taken to prepare for it, the potential benefits the IIoT offers, and the challenges encountered along the way.

Jeremiah Stone, General Manager of Asset Performance Management, at GE Digital, shares his insights on how the research findings match up with his experience at GE.

Industrial companies are in the midst of an exciting and transformational digital journey. At the heart of this transformation is the power of real-time and predictive data analytics to unlock new sources of value. However, challenges of big data, unique to the Industrial world, and the threat of digital disruption and changing workforce dynamics are real.

In order to maximize the fast-moving technology wave of the Industrial Internet, companies need to think strategically about the foundational elements of their data architecture, starting with industrial data management.

Abundant Data by Itself Solves Nothing
Despite the promise of big data, industrial enterprises are struggling to maximize its value. Why? Abundant data by itself solves nothing. Its unstructured nature, sheer volume, and variety exceed human capacity and traditional tools to organize it efficiently and at a cost which supports return on investment requirements. Inherent challenges tied to evolution and integration of industrial information and operational technology, make it difficult to glean intelligence from operational data, compromising projects underway and promise for further investment and value.

Research Confirms Data Integration is Slowing IIoT Adoption
We have seen first-hand, how data integration has challenged IT and OT teams for decades. The advent of IIoT adoption is compounding the problem. The insights from the IDG survey match up well with our experience. Senior IT executives are echoing the sentiment that data integration is the #1 barrier inhibiting IIoT adoption in their organizations. 64% of senior IT executives surveyed said that integrating data from disparate sources/formats and extracting business value from that data is the single biggest challenge of big data. As we go forward, driving technology advances and best practices to integrate disparate data sets is critical.

Lack of Preparedness will Cost your Business
According to the survey, senior IT executives are saying the biggest risk of not having an IIoT strategy in place is losing valuable data insights, which can significantly cost their business. 87% state that the most concerning risk of not having a data management strategy is that they will be overwhelmed by the volume and veracity of data being generated, and they will lose valuable business insights as a result. In addition, 33% say they are afraid that businesses that don’t adopt a data management strategy will become marginalized, obsolete or disappear.

Finding a Better Way: Maximizing Value from Machines and Enterprise Data
At GE, we are experiencing first-hand a better way—a better way to manage industrial big data that triggers insights. We are in the early stages of a long journey of discovery and invention, taking a longer-term view to strategic data management and its technologies that translate to business advantage. Our businesses, customers, and partners are committing their business success by transforming to become data-driven businesses. At GE Digital, we are investing in our capabilities and the ecosystem to deliver the right solution to help them get there.

To extract meaning and value from industrial data, new systems are required to handle the challenges posed by the volume, velocity and variety of these data sets. Many industrial companies have already started their digital journeys towards Industrial Internet maturity. Technologies including automated integration and empirical data model management, machine learning and physics-based analytics, that we have been deploying for our customers, are now seeing double-digit performance gains across the following sectors: power generation, oil and gas, transportation and mining.

Learn More About This Topic

IDG Research White Paper | Download the in-depth report here.

This blog post originally appeared on Bit Stew Systems’ blog page, Bit View. 

Solving the Data Integration Problem with Bit Stew Systems

This guest blog post by Mike Varney originally appeared on Bit Stew Systems’ blog page, Bit View. 

Data integration is proving to be the Achilles heel of the Industrial Internet of Things (IIoT) and is blocking progress on the transformations and ROI that industrial enterprises had originally envisioned.

Typical Big Data analytics projects that employ traditional ETL or Business Intelligence tools often falter under the complexity and scale of industrial environments. The rigid architecture and manual process associated with these solutions make them less than ideal for an industrial customer.

So why are so many industrial customers still using these clunky, brittle, and slow solutions?

ETL: Compounding Your Data Problem?
ETL, or Extract, Transform, and Load, is a traditional IT methodology whereby data systems architects tasked with providing data intelligence from multiple systems will first extract the data and place it all into a common location, then apply transformations to normalize or cleanse the data, and then place it back in this common container for analysis. It may not seem laborious to the untrained eye, but ask any data wrangler, enterprise architect, or IT manager and they will tell you that ETL can take several professionals months.

So why do it? ETL is attractive to IT departments because it usually leverages existing software investments and does not require teams to come up to speed on any new technology. In fact, it has been a tried and true method for decades.

IIoT Amplifies the Data Integration Challenge
Those who opt for traditional ETL are forgetting that the Industrial IoT is set to connect billions more devices to the Internet by 2020. That explosion of data will most certainly be too rapid and too large a change for traditional systems to handle.

The risk for those who lag behind the curve on Industrial IoT is that they will cease to be competitive in the global industrial markets. Almost all industries will be affected by this change, from oil and gas to manufacturing and all those in between.

The technologies behind IIoT have brought significant advancements to industries such as Manufacturing, Transportation, Oil & Gas, Aviation, Energy, Automotive and others.  These technologies have allowed industry to remotely monitor and control assets to optimize production and improve yields.

However, these same technologies have exacerbated a long standing data integration problem by massively increasing the volume, velocity and diversity of data required by the business.

A New Way of Thinking
Solving the data integration challenge requires a new way of thinking and traditional data architectures must be reimagined to support the rapid proliferation of data from an exponentially expanding set of data types. So what’s the solution? The key to solving the data integration challenge is semantics.

Bit Stew’s integration technology is designed to rapidly ingest and integrate data to provide a semantic understanding of information across disparate systems. Deeper analytics can then be applied intelligently through analysis methods and workbenches.

Download the infographic to get a deeper understanding of the steps required to create a semantic model.
