Managing Cybersecurity must be of paramount concern to Corporate IT departments, increasingly in manufacturing environments. Grantek seeks to educate our clients to the prominent threat of manufacturing as a target, with dangers ranging from run-of-the mill hackers to corporate espionage to government-sponsored threats from unfriendly nation-states. The threats to the power grid, the food supply, and the water supply from malicious hacking cannot be ignored.
Each company has a large set of diverse users for whom security is not necessarily the focus of daily operations. Some of these users may not even be employees, yet require access to critical systems to perform their tasks. In response, Corporate IT departments work to safeguard the corporate/enterprise side of the network, but some Corporate IT departments do not fully understand the security needs of the network within the manufacturing environment. Grantek understands these needs and ensures our customers prevent intrusion to their manufacturing network, while maintaining the necessary access for support personnel who are both employees and vendors.
Grantek takes a Defense in Depth approach to Cybersecurity. We seek to implement more than one method of security, such as segregating production lines on their own VLANs or cells, and implementing Demilitarized Zones (DMZ) at the interface between the enterprise network and the controlled manufacturing network. We restrict access to the manufacturing network to only those users who truly need it to perform their jobs, and provide segregation within the manufacturing network based on the function and criticality of each subsystem. We recognize that in data and Cybersecurity, standardizing to best practices in ISO 27001 and 27002 are critical. A large percentage of security breaches are caused by insiders and sensitive data, when deleted, still exists and is vulnerable if disposed of improperly. Investing in secure wiping utilities or services, and properly destroying old equipment are useful practices Grantek can implement.
Grantek is heavily involved in MESA, including in their Cyber Security working group and is committed to driving consistent methodologies for implementing Cybersecurity in Industrial Controls Systems (ICS) environments.