Network Segmentation: The OT Standard for Industry 4.0

Jan 29, 2020

Anyone who ever created something through hard work has had to deal with bandits coming to take, by force or by cunning, the fruits of their labor. Once, the solution was to build grander and grander castles, each broken into segments and interwoven with multiple defenses to guarantee the safety of the castle’s residents and resources. Any smart factory experiences daily life in much the same way: constantly targeted by hackers wanting to extort a hefty ransom, wreak havoc on the machines, compromise the safety of workers, or steal valuable intellectual property.


In a castle, the different sections or “segments” of the layout make invasions much easier to repel: when raiders get across the moat, they still have to get through the outer wall, then the inner wall, and finally find their way into the keep, pushing against well-prepared defenders at every key position. Similarly, when a work site’s network is segmented, hackers breaking into a segment will be stopped at every turn. Defenses can be well-prepared and deployed at the key positions where they are most effective, halting a hacker’s movement and ability to gather information.


In today’s smart factory, what are the usual factors that slow a hacker or stop their assault? Typically, the factory is running a perimeter firewall and maybe an air gap. Sadly, we now know that these aren’t enough to protect against newly developed and unknown modern threats.

