Wärtsilä co-founds global cyber security alliance for operational technology
The technology group Wärtsilä is among the founding members of a new alliance to provide a technical and organizational framework for safe and secure operational technology. The Operational Technology Cyber Security Alliance (OTCSA) aims to bridge dangerous gaps in security for operational technology and industrial control systems.
Operational technology (OT) encompasses the hardware and software used to control physical systems such as machinery in factories, power stations, ships or ports. The Internet of Things (IoT) and interconnectedness of production systems in smart factories means that there is a significantly and rapidly growing risk of serious security breaches in these environments.
“The compromise of operational technology used in production facilities is becoming a preferred stepping stone for cyber criminals looking to find a way into a company’s network. Wärtsilä has taken strategic actions to become an industry leader in cyber resilience to enable sustainable business success to our customers. Cyber secure operational technology is high both on our and our customers’ agenda”, says Mark Milford, Vice President, Cyber Security at Wärtsilä.
Other founding members in the OTCSA are ABB, Check Point Software, BlackBerry Cylance, Forescout, Fortinet, Microsoft, Mocana, NCC Group, Qualys, SCADAFence and Splunk. As cyber-attacks on OT and critical infrastructures increase rapidly year upon year, no company can fight this battle in isolation.
“We understand that a lot of our systems integrate with our partners’ systems, so we need to look at this holistically. The only way we can do that is to collaborate within our ecosystem of suppliers, customers and other partners, even competitors,” Milford states.
Preparing for the Smart Technology Hub
The OTCSA is providing tangible architectural, implementation, and process guidelines to OT operators and solution providers. These robust security guidelines will cover the entire lifecycle – procurement, development, deployment, installation, operation, maintenance and decommission – and address aspects related to people, process, and technology.
“While there are several guidelines and standards in place to make sure that the integrated technology is secure, we’re hoping to make those standards much more concise and easier for people who are using or providing operational technology,” Mark Milford notes.
For Wärtsilä, building-up secure OT environments is especially timely now during the process of creating the Smart Technology Hub, a new centre of research, product development and production, at Vaasa, Finland.
“Bringing the right cyber security solutions into the picture right from the planning stage of the hub means that security is built into the system,” Milford says.
The OTCSA mission:
- Strengthen cyber-physical risk posture of OT environments and interfaces for OT/IT interconnectivity
- Guide OT operators on how to protect their OT infrastructure based on a risk management process and reference architectures/designs which are demonstrably compliant with regulations and international standards such as IEC 62443
- Guide OT suppliers on secure OT system architectures, relevant interfaces and security functionalities
- Support the procurement, development, installation, operation, maintenance, and implementation of a safer, more secure critical infrastructure
- Accelerate the time to adoption of safer, more secure critical infrastructures