According to an 2018 survey by the World Economic Forum, managers from countries with a high level of industrialization consider cyber attacks the greatest risk to their companies. TI Safe News spoke with Paulo Antunes, Siemens' digital application manager to understand how maximum protection can be obtained and countermeasures adopted.
TI Safe News: The electricity sector is one with the highest exposure to cyber risk. NERC recently released a paper called Lessons Learned that presented the vulnerability at the US grid control center. In Brazil, what is the best way to diagnose vulnerabilities?
Paulo Antunes: We suggest our customers to implement 3-based Cyber Security solutions: mapping the current situation of customers' IT / TO network, solution design and implementation, and cyber maintenance over time. At the mapping stage of the current situation of the IT / TO network, we need somehow to have clear visibility of existing and connected assets in these networks. Not only rely on information that is shared by customers. There is no other way but to rely on tools that do this activity automatically. Having asset visibility, it is then necessary to check the current status of these assets. Ie firmware versions, software, etc. This gives you a clear understanding of the situation of the IT / TO network and what real risks and vulnerabilities need to be addressed in the cybersecurity project. But everything has to be fast and automatic. Therefore, we use some Siemens tools that support us in these activities, such as SiESTA (Siemens Extensible Security Testing Appliance).
TI Safe News: How does SiESTA work in the analysis of vulnerabilities of electric networks?
Paulo Antunes: SiESTA has a series of built-in routines that test existing systems against standards and implement equipment configuration best practices to detect vulnerabilities and configuration errors in solution components. The result is a “Lighthouse” report, classifying the level of problems encountered in red / yellow / green. This serves as the basis for defining security measures that should be applied to ensure cyber risk mitigation in critical energy infrastructures.
TI Safe News: Could you explain the importance of Computer Emergency Response Team and how it acts effectively?
Paulo Antunes: Siemens strongly believes in this concept and maintains an exclusive team called Siemens CERT (Computer Emergency Response Team). It is a dedicated team of security experts who manage the receipt, investigation, coordination, and public reporting of security issues related to Siemens products, solutions, or services. ProductCERT cultivates strong and trusted relationships with security partners and researchers around the world to enhance Siemens product security, enable and support the development of industry best practices, and most importantly, help Siemens customers manage security risks. safety. The team acts as a central point of contact for security researchers, industry groups, government organizations and suppliers to report potential Siemens product security vulnerabilities.
TI Safe News: How does SiESTA work in conjunction with TI Safe's risk analysis tools for grid monitoring?
Paulo Antunes: We can say that SiESTA complements the risk mapping process, which is normally conducted by TI Safe, supporting the security risk assessment process to go beyond the information provided by customers. In such an evaluation process, there is always what the customer “thinks they have” versus what the customer “really has” connected to IT and TO networks. And all in a fast and reliable way.