Back

Kick-off to a series of blog posts about cyber-security

My hope is that it will serve as a resource for insights and ideas, both for you and for us

As ABB’s Chief Security Officer, I work on issues related to cyber security all day, every day. This blog is a way to get you involved in some of those important and timely conversations. My hope is that it will serve as a resource for insights and ideas, both for you (whether you are a customer, or simply interested in the topic), and for us.

I encourage you to subscribe (click on the subscribe button in the top right hand corner) to what I expect will be bi-weekly posts, punctuated with our take on breaking news issues, when needed.

Over the course of 2017, I have watched the threat landscape change as bad actors evolve and grow bolder. This has come hand-in-hand with the growth in industrial (and consumer) use of connected devices and intelligent operating systems; simply put a greater number of targets and potential impacts or payoffs spur a greater number of cyber security threats.

Hence, security has to be looked at holistically, which also includes physical security.

As a leader in the global industries we serve, ABB is deeply engaged in assessing and, when necessary, responding to such threats, while manufacturing the equipment, developing the systems (both IT and OT), and working with our clients to help them proactively ensure the integrity of their operations.

This blog is about that engagement.

I look forward to sharing with you news of our latest activities, as well as thought-provoking insights you may not find anywhere else on the web. I have asked ABB’s cyber-security organization members across all businesses to contribute their thoughts about cyber-security.

I encourage you to comment and share your thoughts, too.

Also, you may want to visit and subscribe to our quarterly technology journal; while not focused exclusively on security, you’ll see how deeply the topic is reflected across our products, services, and research.

 

8 Comments

Tags:

,

Comment this article(8)

Community guidelines
  • Rob

    The "subscribe" link in the paragraph starting "I encourage you to subscribe" is broken.

    • ghollings

      Hi Rob,

      Thanks for letting us know. The link has been fixed.

      Regards,
      Gregory

  • JT

    Link does not work.

    • ghollings

      Hi JT,

      Thanks for your comment. We'll look into at this. In the meantime, please feel free to click on the subscribe link in the top right hand corner of the post.

      Regards,
      Gregory

  • Spencer Maroukis

    Is there an RSS link for this blog?

    • ghollings

      Hi Spencer,
      Yes, you'll find the RSS link in the footer of the page.

      Regards,
      Gregory

  • Mike Radigan

    I am looking forward to joining the discussions. At the ICSJWG last week, Joe Weiss made an impassioned plea to address the blind trust we put into the feeds out of Level 0 and Level 1 devices (sensors) and lack of visibility and ability to verify the integrity of the data at this level. Has it been compromised by a bad actor? Is there simply drift in the instruments? Several of the threat vectors into this environment require physical access or proximity (wireless HART), or remote access to a serial to Ethernet converter through an RTU. The holistic view is essential, knowing the process and recognizing when a malfunction points to a potential cyber incident, and relying on physical security to prevent access to cyber assets that are easily compromised.

    • Jim Lemanowicz

      Hi Mike, Joe engaged me in a similar discussion at ISA POWID this summer. He introduced me to a vendor with a novel solution. After some review I did not see this as a realistic option for the majority of our customers however I did pass the information to ABB Group Cyber council and they essentially had a similar take as myself. The implication is to have a secondary collection of field process signals and within a separate environment determine if they appear to be consistent with known limits of the process operations. If when they are viewed together, some signal appears outside the model of expected behavior then perhaps it has been manipulated. The concept is not so different from GE Smart Signal device management with the exception of the parallel field connections. Please contact me if you want to get the background and discuss more.

Footer