With the number of worldwide security incidents increasing every day, it’s no surprise that security has bubbled to the top of the executive agenda. Recent events, such as the attack on the Tigantourine gas facility in Algeria, have reiterated the need to make security a top priority. In this particular incident, about 40 terrorists used three vehicles to storm the gas facility, which supplies 10% of Algeria’s natural gas production — making it a prime target.
As the assault began at the plant’s gates, a guard activated a facility-wide alarm, warning the entire site that an attack was in progress. The terrorists intended to storm the plant’s control room and make changes to its industrial control system (ICS) — specifically, a supervisory control and data acquisition (SCADA) system — which would cause the facility to self-destruct. Enabled by the guard’s actions, quick-thinking engineers shut down some essential processes before this could happen.
The Need for Security Convergence
Modern-day incidents are often a combination of physical and cyber attacks. With the Algeria example, though the terrorists’ efforts to override the plant’s SCADA system were thwarted, had they succeeded in making configuration changes to software that would have permeated to other servers and devices in various locations throughout the plant, the results would have been catastrophic for plant operations and would have rendered the plant inoperable for a long time.
Monitoring cyber threats by IT security alone is not enough; siloed units must work together for enterprise-wide security and reliability.
Many experts believe that cybersecurity and SCADA systems are intertwined now more than ever before, as off-the-shelf IT components like servers, switches, and routers make up the bulk of distributed control system (DCS) deployments.
At one time, departments like corporate security and plant operations had little or no need to collaborate with IT. However, today’s badge access control systems for facility admission, as well as digital camera systems for surveillance and real-time plant performance analytics, operate on internet protocol-based networks. Monitoring cyber threats by IT security alone is not enough; siloed units must work together for enterprise-wide security and reliability.
Truly Prevent and Quickly Mitigate Cyber Attacks
SAP partner AlertEnterprise has designed real-time security convergence technology to meet the demanding cross-organizational, cross-system, and cross-platform needs of critical infrastructure companies. This technology includes:
Physical identity management and governance software for use with SAP NetWeaver Identity
Management (SAP NetWeaver ID Management)
Operational technology compliance management for use with SAP solutions for governance, risk, and compliance (GRC)
Near-real-time predictive risk analytics for use with the SAP HANA platform
Security incident management and informed response tools for use with SAP’s mobility solutions
AlertEnterprise’s critical infrastructure solutions, coupled with the power of SAP software, can help deliver prevention and fast mitigation of theft, sabotage, and terrorist acts. For more information, visit www.alertenterprise.com.