External threats remain a major component of cyber security vulnerabilities in industrial control systems, with unpatched systems and obsolete anti-virus solutions being one of the biggest vulnerability concerns. The recent WannaCry ransomware incident proves how important it is to keep software and operating systems up to date.
Patch management is a recognized tactic in cyber security programs, designed to keep your operator and maintenance stations operating at peak performance by providing software updates. But validation of those patches is an important step that is not found in all patch management programs, and without it, your operations could be at risk.
The near constant flow of updates to your industrial control system and HMIs, including software updates, anti-virus signatures, or other security patches, can be overwhelming. Plus, how do you know if these updates even apply to your equipment? And what could happen if the implementation is unsuccessful? Not every update from the software OEM is necessary or right for you, and could create problems for your facility, costing you time and money.
A successful patch management program takes into account the applicability of the patches available to you, identifying and implementing only the most necessary updates you receive from the software vendor. In addition, understanding the time it would take to implement the patches, whether a restart of the equipment is needed, and if a system back-up is required are all important elements to look for from a patch management program.
The next step is making sure the patches have been validated to ensure no interruption to operations. Simulation of the same control systems, operation systems, and software from your plant in a validation lab can help to ensure you won’t lose productivity or visibility at your facility. With validation, you’ll understand if any patches will cause risks to your systems and allow for modifications to be made before implementation.
Finally, a successful patch management program should provide you with the information you need for compliance or reporting processes.
As the developer of your equipment’s operator interface, GE can provide you with our proven patch management program, Cyber Asset Protection. We partner with you to help ensure your operations run smoothly, giving you peace of mind.
Watch this video to learn more about GE’S Cyber Asset Protection services.