Republicii Street, No. 9, TM, Romania +40-256-201279
Tech

The vulnerability of Industrial Control Systems (ICS) systems is a major concern both for their beneficiaries, as well as for all those involved in the development of such software solutions. While software engineers (in and beyond ICS), know that a solid software architecture and reliable coding are the only way to go to reduce cyber risks, the users sometimes neglect the best practices in the daily use of software solutions.  When steering away from code that ends up being vulnerable, or easy to control via data breaches, as well as from its faulty deployment or configuration, the ICS-based recommendation can do no harm. They are also useful when considering other types of software solutions.

We browsed a few recommended methods for developing strong and reliable ICS software solutions, on the users’ side.

The ICS system environment induces an urgent need to solve or avoid vulnerabilities. This urgency drives best practices in this line of work. By extension, any solution with implications or application in the IoT field can be approached in the same way, even if the effects of its potential vulnerabilities are sometimes more difficult to grasp. But any element in an interconnected system is essential because the system is as protected as its weakest element is.

 

A seven steps list to avoid cyber risks, from Automation World

The list comes from a supplier of industrial cybersecurity software and services. It’s meant to provide a solid grounding for all the types of professionals who are involved in building and delivering safe and secure ICS software solutions.

 

As the author mentions, the list summarizes the “core steps every industrial company should take to secure their control systems at the most basic level”

Design your network with cyber security in mind

  • The software solutions beneficiaries/users should secure their networks to avoid exposure

Monitor your deployed software

  • Make sure you notice events and any abnormal behavior before it’s too late

Keep a tight inventory of all devices connected to your network

  • “From controllers to human-machine interfaces (HMIs) to engineering workstations, all assets on your network should be accurately inventoried so there aren’t any unknown devices, thereby enabling rogue assets to be quickly identified”.

Manage your logs, to understand the behavior of all involved devices

  • You can optimize performance once you have the complete image

Manage the configurations of all involved devices

Use industrial firewalls

Institute privilege control

 

As a user of software solutions, do these recommendations sound familiar?

Avoiding cyber risks is a common effort. Good software engineers strive to build and deliver the best, most secure products. Vigilant users should join in by materializing best practices, such as those mentioned above.

0

Tech

Due to financial restraints and reluctance, as well as to economic differences, the way in which organizations worldwide implement and approach new tech (from the digitization, automation, Big Data, analytics, connectivity, IoT, etc. group) is inconsistent.

For example, we took a look at the random user intercept site survey fielded on ZDNet and TechRepublic, based on European users having voluntarily answered tech-related questions. The results in its first phase (responses in October 2018, coming from 142 qualified users) show very low active IoT initiatives and a low budget allocation for this sector.

Meanwhile, the mainstream experts note that investing in new tech is no longer a luxury, but “essential to keeping your business’s costs down, your profitability up, and your company thriving”.

 

A glimpse at the IoT-related situation in the European field

 

Back to the study mentioned above, let’s see a couple of figures:

 

*42% of the respondents say they have an interest in IoT, but have no active initiatives;

 24% of them say they have a limited number of IoT-related functions in operation;

 

*1-9% of the respondents mention that 36% of their budget is directly related to their IoT-based initiatives;

 10% say that over 50% or more of their budget is directly related to their IoT-based initiatives

 

*a maximum of 18% of the respondents list IoT as a top priority in their organization, for various lucrative purposes

*a maximum of 49% of the respondents list IoT as a top 3 priority in their organization (figures vary, depending on purpose)

*51% of the respondents list ensuring the security of IoT network/devices as the top challenge in using IoT in their company, followed by integrating IoT into their proprietary networks and by the learning curves related to the new technology

For those of us who work in B2B it should be easy to compare these with the situation in the field as we know it. Although this study so far provides only partial unrefined results, it clearly shows polarization around certain issues.

 

A few recommendations for the organizations caught in transition

For those who are interested in new tech, but still are indecisive whether to see it as a luxury or a necessity, the article we found on ReadWrite provides a schematic guidance. Such organizations should consider the following:

  • Quality software should always be the choice, and furthermore the companies should spend money to ensure they have the best technology expertise. Going for doubtful software and no experts is simply self-sabotage.
  • New tech in streamlining business processes is the way to go, since it levels the playing field with your peers, as well as your customers. Predictive maintenance and reducing errors via technology is so this age, that those who are top in their field can’t even conceive functioning without it.
  • A strong relationship with the modern customer means new tech, which makes sure the customer experience is within the modern, expected parameters in the industry.

For more details on how businesses should “integrate new tech into (their) business in a way that cuts (…) costs, increases revenue, or provides more value to (…) customers”, see the source article here.

0

Tech

Our software engineers have had the occasion to test the strengths and weaknesses of containerization platforms themselves. When considering which platform works best for a team, the project in cause fuels the decision. Different projects may require different tools and consequently a certain suitable platform. What we need to achieve with the container-building tool matters most.

We recommend an article that compares Kubernetes and Docker in a fair, balanced manner. In the author’s own words “Kubernetes vs. Docker is not an easy comparison”. However, by going through this post, you may well form an idea of which platform suits your needs.

The TechnologyAdvice article is here – take a look.  

Image credit: source article

0