If you’ve been paying much attention to the press, you already might realize that cybersecurity is something being talked about. In February, a Florida plant for water treatment experienced a breach, and just a few months later, there were major attacks on Irish Public Healthcare and the Colonial Pipeline.
When you look at these situations together, it brings up a crucial question. Should systems have been connected and open to abuse to begin with? No matter what your opinion is, it’s clear that cybersecurity is a huge priority right now and that should remain the same as we move forward.
The Benefits and Risks of External Connections
Nobody is denying that businesses can see benefits from external network connections. However, it’s also important to consider what can go wrong when these connections are available. Simply by having an external connection, these systems are easier to attack.
If these had been internal connections, would the same problems have occurred? Unfortunately, there’s no way to know for sure. However, external systems are certainly much more accessible to hackers who want to create problems around things that aren’t theirs.
The next question you might want to ask is where the benefits of this kind of connection are capable of outweighing the risks. With all of these hacks occurring lately, finding an answer is more difficult than you might expect. This is especially the case when the external connections are added simply to offer remote control and monitoring over certain functions.
Flexibility is important but is it so important that there should be gaps in cybersecurity just to ensure a human doesn’t have to visit a building to handle their tasks? Some people will say the answer is yes, but it is a bit more complicated than that. The reality is that just because something can be connected, that doesn’t mean it’s the right choice to do so.
Connection Considerations
If you have a business and decide that you need to connect some of the most crucial systems to an outside network, you can’t just stop there. Security and safety have to be considered and should take priority over just making sure the system is available and online.
When creating and deploying a connected platform, the underlying architecture should be constructed to do several things:
- Constantly improve the system’s immunity to attacks through supported system updates.
- Understand when the system has been compromised and can bring the system back to a former state before any issues were caused.
- Partition the system so that any attack can be easily contained to prevent damage to the system’s security, safety, and functionality while ensuring that important assets cannot be modified or accessed.
Information Technology vs. Operational Technology
One of the major challenges that have no clear solution at this time is the different perspectives between operational technology (OT) and information technology (IT). In general, those in IT are most interested in ensuring that data is kept private and confidential, while OT is focused on providing the best level of functionality.
With connected systems like the ones dealing with recent attacks, it’s clear that there’s a need to bridge the gap between the old and the new. For instance, the frameworks and commands used in IT should be designed to work with the reliable, safe, and extremely available OT world.
While there is some argument about the fact that no software can be fully safe when run on unsecured hardware, most people agree that more secure hardware needs to be available.
Thankfully, there are several efforts right now to improve the security of connected systems, such as the Platform Security Architecture initiative from Arm. If a system is running on badly written software and is compromised, many aspects of the system will be impossible to access. However, other things need to be considered, such as:
- The design cycles associated with embedded systems
- The timeline of silicon availability
- How long it takes for the PSA to be rolled out
- What amount of time the embedded systems are available before being traded out
Software architecture is needed to provide an isolated environment so threats cannot reach private information even when the endpoint is compromised. The best option is for secure systems to be created as distributed items where security is partially realized through separating physical components and the mediation of the functions done by the components.
How To Create Separation For Better Cybersecurity
Creating virtual areas through the use of virtualization can be an effective way to allow applications, operating systems, and security functions to carry out duties. The basic idea is that the resources of the machine are secured and allocated apart from the actual operating system. Thus, rather than letting the endpoint create vulnerability, it can be a source of extra protection.
Like an operating system will enforce protected memory context between various processes, a separation kernel hypervisor will do the exact same thing but between an array of different virtual machines. Thus, even though the virtual machine processes can interact with each other, they can’t interact with other virtual machines without clear authorization.
Choosing the right hypervisor technology is also essential. For instance, if an embedded option is located on the underlying operating system, failure can cause the entire system to crash. There are also variations that allow root log-ins. A hypervisor that is only minimally configured can assign resources to virtual machines but can’t make changes once the system has booted. The solution then moves out of the way, which may be the best option as we move forward.
The reality is that cyberattacks are likely to continue to rise over this year, the next, and even beyond. Everyone should be working on designing and employing solutions that keep systems secure and safe, no matter what kind of connection they utilize. Designing systems with the right infrastructure is the most important priority. This ensures that the most important networks are as impossible to break into as possible.