As business embraces the digital revolution through new technologies, such as cloud computing and the Internet of Things (IoT), barriers are broken down, allowing for rapid growth and advancement. However, this opening up of platforms and increase in interconnected systems also allows cyber criminals to enter and attack systems.
The necessity for a comprehensive security strategy is acknowledged by more sectors as an integral part of standard operational risk management, particularly in such industries as oil & gas, electrical power plants, water plants and other key sectors. The disruption of operational systems can have a far-reaching and potentially catastrophic impact. Special skills are needed to fortify defences, while keeping plants running smoothly.
A 2015 survey by Ernst & Young revealed that 88% of respondents do not believe their information security fully meets the organisation’s needs and that 57% say the lack of skilled resources is challenging information security’s contribution and value to the organisation.
As a global technology solutions leader, Schneider Electric has vast industrial experience working with both Information Technology (IT) and Operational Technology (OT). This experience enables it to collaborate with IT departments and third-party security solutions providers to develop precise and effective cyber security solutions that secure systems without hampering operational efficiency.
Managing cyber security requires experts to be well versed with foundational knowledge of the systems they are working to protect. Having worked closely with clients to help plan and set up many of these control systems, its cyber security team has gained deep knowledge and insight into what it takes to protect the safety, reliability and confidentiality of these OT systems.
Their familiarity with the system architecture enables quicker identification of security risks and implementation of more targeted solutions, thus preventing wastage and plant downtime. Schneider Electric’s cyber security professionals are among the best the industry has to offer.
It combines cyber security expertise, technical expertise and consulting expertise in a ‘defence in depth’ strategy to prevent or minimise cyber attacks. This multi-pronged defence system adheres to IEC 62443 standards, and involves the creation of a multi-layered and multi-technology strategy to safeguard critical systems. This strategy is an implementation tool and a holistic security approach, which safeguards but also assesses, manages and monitors systems, with the help of Schneider Electric’s Portfolio Life Cycle Methodology.
The cyber security team will assess, design, implement, monitor and maintain cybersecurity systems and train customers’ teams about security practices and introduce a security culture that leads to quick threat response and business continuity.
- A dynamic ecosystem of partnerships and platforms, including governments, universities and suppliers that help drive research, policy and collaborative projects to produce a holistic, security-conscious offering
- An ISO conformant vulnerability management process that is activated upon external notification, vulnerability disclosure or customer report
- An advanced Global Threat Intelligence Center that actively monitors cyberspace for threats to Schneider Electric products and customers
- 150+ products that are cyber security standards certified for electrical and process installations
- A team of cyber security experts who understand process requirements, enterprise needs and business environments
Schneider Electric has earned the industry’s first ISA Secure Security Development Lifecycle Assurance conformance certificate. Industry references from Qatargas and Hellenic Petroleum speak to the competence of the team’s performance at critical plants requiring high-level security and its ability to provide end-to-end consulting, integration, maintenance and managed services worldwide.