The national operators responsible for the critical infrastructure and security of supply have taken the situation seriously for a long time and are now increasing their preparedness through training. Right now, it is important to be aware of what the attempts to influence are actually about and how you can defend against them, point out the cyber security experts from Insta.
Many critical systems within society and businesses are based on automation and information technology. Digitalization means that production environments are very rarely islands with no connections from the outside. The increased shift toward remote connections and cloud services in service and maintenance, for example, is bringing operational technology (OT) and information technology (IT) closer together.
– From a cyber security point of view, this increases the surface area for attacks. Attacking production systems used to require special expertise; now, however, an attack against an IT system can jeopardize the operability of production environments and the production capabilities of a factory, for example, says Chief Cyber Security Architect Mikko Salonen from Insta.
For production systems, the most important protection target is the functional capability of the organization or society, not necessarily the data itself. Therefore, OT systems are particularly attractive targets for government actors, and traditional ransomware attacks have also become more commonplace.
The functionality of critical infrastructure directly affects the functional capacity and well-being of individuals; Finland, for example, is very dependent on power supply and functional logistics, among other things. In a connected society, there is also strong dependency between the different sectors.
The price of cyber crime quickly doubled
The international situation has made cyber security a very topical subject. The European Union tells us that Russia’s military attack on Ukraine has activated cyber criminals. Even before that, the EU estimated that the price of cyber crime on the world economy had doubled between 2015 and 2020.
Managing cyber security requires resources, such as personnel, expertise, and funding. Very often, it makes sense for organizations to focus on their core competence and outsource the cyber security services – at least in part. Insta is Finland’s most reliable cyber security partner and service provider. The company broadly offers its expertise to organizations in the areas of energy generation, process industry, water supply and healthcare, public administration, and in the food, security, and defence sectors.
– Ensuring the security and functional reliability of critical systems enables us to support the continuity of businesses and society. We are also helping our customers to develop their business, since protected systems allow for data to be refined and safely utilized in activity management and quality improvement, Salonen says.
Three tips for improving cyber security in industry, for example:
1. Manage and understand your equipment. Survey the version information for the devices and applications in your OT environment in order to implement the necessary updates.
2. Define the operating models. The organization requires guidance regarding how to react to observations of suspicious events, the kind of process that they should initiate, and who is responsible for the analysis.
3. Consider your partners. Make sure that they are operating at a high level of information security. Take note of the equipment they are introducing into the environment and ensure that remote connections are implemented safely.
Insta offers a wide range of cyber security services from consulting to cyberattack prevention and from network security to the secure digital identity of persons and devices. Our services, products, and broad international partner network are trusted by corporations and public sector organizations in Finland and abroad. Our solutions combine the best products on the market, 30 years of experience, and high-level cyber security know-how.