CIA – confidentiality, integrity and availability are the watchwords for security. But in some environments, it almost seems as if AAA would be more appropriate as availability is so important. This focus on keeping the operation running is the backdrop for a case study Intel Security recently published on the Factory of the Future. Intel’s semiconductor fabrication plants are extremely sophisticated and expensive – more than $5B per factory – to build, so it’s fascinating to learn how such a sophisticated and mission critical operation evolved to embrace security technologies and best practices.
Reading through the case study with a heightened awareness of availability we were struck by the roles of IT and OT in the story. We often read about conflict or dramatically different cultures of enterprise IT vs operations staff. And clearly the domains are very different. But in the Intel factory example, part of what helped bring them together to cooperate was the paramount importance of uninterrupted factory production.
It began with acknowledgement that change introduces risk to factories and hence it was crucial that the operations team be an integral part of the process. Beginning with a risk assessment that clearly described the material and collateral damage if a factory were to be even partially compromised was a starting point. But the information security team went further by demonstrating an attack on similar equipment using tools readily available on the Internet and having the operations staff role play being black hat hackers – analyzing where there might be vulnerabilities.
That set the stage for the joint effort to evolve from crude network isolation & limited patching to layered network isolation zones and defense in depth. And over time to implement centralized vs local monitoring – all with a focus on availability and without burdening the operations staff.
Check out the complete story here. It’s a quick read complete with very useful advice.