Vulnerability Management in Operational Technology
Toniolli, Marta (2021-05-28)
This publication is subject to copyright regulations. The work may be read and printed for personal use. Use for commercial purposes is prohibited.
Closed
The permanent address of the publication is:
https://urn.fi/URN:NBN:fi-fe2021060132663
Abstract
The importance of cyber protection is increasing: as reported by the Global Risks Report 2020, cyber attacks are considered one of the most severe risks worldwide. Indeed, cyber attacks have been ranked as one of the top five increasing global risks. Cyber threats rank this high because attackers not only target information technology systems in surprisingly increasing numbers, but nowadays also aim to affect operational technology systems within critical infrastructures.
The progressive connectivity of industrial environments, combined with the convergence and integration of operational technology and information technology systems, has emphasized the importance of also protecting critical systems and networks, with particular stress on operational technology components. The lack of knowledge, flexible tools, technological products, and solutions is forcing companies and businesses to face these risks every day in order to sustain their productivity. Moreover, in most cases the security by design principle cannot be applied, since these critical infrastructures include deprecated software and old systems that have been running for years without any interruption. As a result, security must somehow be included in the loop, even if the systems are already in production.
For these reasons, a proper proactive measure to reduce the likelihood of a successful attack is to carry out a continuous process of vulnerability management within the critical industrial environment. A vulnerability management process implies the identification of assets, the discovery of vulnerabilities, and the subsequent fix, through patches or compensating control measures. This process will boost the security of the company's production, and it will help the business to survive and be more resilient in case of cyber attacks.
The aim of this thesis is to discuss in detail the vulnerability management process and its related topics, and subsequently to analyze the best tools to perform a successful analysis. It provides an overview of the challenges, risks, and best practices for reaching a proper cybersecurity baseline within the critical infrastructure. It then focuses on how the vulnerability management process is conducted within Wärtsilä Corporation. This is done through the analysis of a set of vulnerabilities detected within Wärtsilä's internal network, followed by a discussion of how they have been fixed.