
PAM And The Standard 62443 (Industry 4.0)

by | Jul 22, 2019 | BLOG

Since 2013, the market has been promoting a new industrial revolution based on the adoption of new digital technologies, aiming at the improvement of industrial processes.

This is happening through devices connected to the Internet of Things, cloud infrastructure and Machine Learning, giving rise to the concept of smart factories. Overall, Industry 4.0 is oriented toward the digital transformation of industry, and it is applied to sectors such as manufacturing, energy, utilities, oil and gas, mining, construction, transportation, logistics, and health.

In Brazil, Baumier Automation is an authorized distributor of Industrial Networks for Communication Solutions, providing high-technology products with local services and support.

As they adopt the concepts associated with Industry 4.0 to become more competitive in the market, organizations are realizing the need to improve security management of Operational Technology, or OT, to mitigate the risks of adopting these concepts in their industrial processes.

In this context, some standards and frameworks have been introduced to help organizations protect their industrial environments from attacks and malicious actions. The NIST Cybersecurity Framework, the CIS Security Controls and the ISA 62443 set of standards are drawn from a number of best practices for the cybersecurity of industrial systems.

The Center for Internet Security (CIS) has defined a set of 20 critical security controls that companies should establish in their environments to ensure an effective cybersecurity strategy. The security controls established by the CIS are as follows:

  1. Inventory and Hardware Assets Control;
  2. Inventory and Software Assets Control;
  3. Continuous Vulnerability Management;
  4. Controlled Use of Administrative Privileges;
  5. Secure settings for hardware and software on mobile devices, laptops, workstations, and servers;
  6. Maintenance, Monitoring, and Analysis of Audit Logs;
  7. Email and Web Browser Protection;
  8. Malware Defenses;
  9. Limitation and Control of Network Ports, Protocols, and Services;
  10. Data Recovery Resources;
  11. Secure settings for network devices such as firewalls, routers, and switches;
  12. Border Defense;
  13. Data Protection;
  14. Controlled access based on the need-to-know concept;
  15. Wireless access control;
  16. Account Monitoring and Management;
  17. Implementation of a security awareness and training program;
  18. Application Software Security;
  19. Incident Response and Management;
  20. Penetration testing and response team drills.

The 62443 series is, in turn, a set of specific cybersecurity standards for industrial systems, and includes standards divided into 4 categories:

  • General – covers concepts, a glossary of terms, metrics and use cases linked with Industrial Automation and Control Systems (IACS);
  • Policies and Procedures – deals with IACS requirements and levels of protection and implementation guides;
  • System – covers the concepts of technologies for IACS, risk assessment and security levels and requirements for systems;
  • Component – contains requirements for development life cycles and technical security of IACS components.

Thus, an organization that seeks to implement the CIS security controls and to comply with the ISA 62443 set of standards must address the issues associated with Privileged Access Management, or PAM. 

senhasegura, as a PAM solution, aims to store, manage and monitor high-privilege credentials from a number of devices and systems, including those related to IACS and Industry 4.0. Implementing a PAM solution like senhasegura allows full control over access to critical data related to the industrial systems.

Baumier joins senhasegura in a strategic partnership to offer a complete solution of devices and automation systems, as well as the appropriate security of access and data from the network and those systems.

Some of the CIS security controls linked with the 62443 set of standards and that can be addressed through the senhasegura features include the following:

  • Hardware Asset Inventory and Control – senhasegura’s Discovery Scan feature allows the automatic discovery and inclusion of devices connected to the industrial environment and their credentials, giving full visibility and control of the equipment;
  • Controlled use of administrative privileges – senhasegura allows you to protect and control the use of impersonal and high-privilege credentials through the solution;
  • Maintenance, Monitoring, and Analysis of Audit Logs – senhasegura allows you to record maintenance sessions on the organization's industrial systems, subject to workflows for approving and validating the justifications provided by the requesting user. In addition, senhasegura records and maintains audit logs of privileged account sessions, including through video recording;
  • Controlled access based on the need-to-know concept – Access Groups allow administrators to define which administrator users have permission to view passwords for physical access, and which group of users can use the remote access offered by the solution to reach an industrial system;
  • Account Monitoring and Control – senhasegura provides real-time traceability of all actions performed by credentials, including impersonal ones and those of third parties;
  • Incident Response and Management – through the registration and safe storage of audit logs from privileged account sessions, including video recording, senhasegura reduces the time for dealing with security incidents in the environment.

Thus, in a context of change and increased threats in industrial environments, implementing best practices through the features of a PAM solution makes it possible to detect and respond appropriately to any unauthorized attempt to modify settings in the OT environment. It is therefore possible to address the challenges of cybersecurity and ensure adequate protection of industrial systems, as well as the continuity of operations and of the production cycle in industries.
