Customer Challenges
Cybersecurity has become a significant factor in the overall risk management for industrial installations, process plants, and other critical assets. With the Industrial Internet of Things, Cloud technology, and Industry 4.0 transformation processes, cybersecurity vulnerabilities pose higher risks for safety and business continuity. In fact, OT cybersecurity is roughly a decade behind the maturity of IT security in developing security organizations, skilled resources planning, and so on.
Yokogawa’s Cybersecurity Consulting Services
Yokogawa’s comprehensive Cybersecurity Consulting Services help customers deploy proper security solutions for their plants to ensure safe operation while adapting to new technology for achieving higher efficiency and productivity. Yokogawa offers a variety of solutions for assessing the vulnerability of a system ranging from assessment to audit and help with creating security policies, recommending appropriate security countermeasures to minimize security risks, and maximize customer’s corporate value.
Yokogawa can conduct audits of customer’s security program based on International Security Standards. These services help customers to identify, evaluate, and mitigate the risks present in their systems.
Delivering Our Core Capabilities
Wealth of Knowledge for Security Standard and Regulations
Yokogawa is committed to deliver Safety & Security excellence to customers and hence, Yokogawa engineers are always upgraded and trained to meet Global Security Standards.
This attests to the high-level cybersecurity expertise of its workforce and reflects the company's longstanding commitment. Our security consultants and engineers have very wide knowledge and experience working with various security standards, frameworks, regulations and guidance: such as ISA/IEC 62443 series, ISO/IEC 27000 series, NIST CSF, NERC-CIP, GICSP, etc.
ISA/IEC 62443: International Standard for the Security of Industrial Control Systems (ICS)
IEC/ISO 27000: International Standard for Information Security Management Systems
NIST CSF: National Institute of Standards and Framework's Cybersecurity Framework
NERC CIP: North American Electric Reliability Corporation Critical Infrastructure Protection
GICSP: Global Industrial Cyber Security Professional
Security Competence Laboratory
While leveraging core OT business and domain IT knowledge for more than 100 years, we are operating our specialized Security Laboratories to investigate leading-edge technology and established a global network with offices around the world – a comprehensive knowledge pool that our experts and consultants can access at any time.
Yokogawa’s Security Competence Laboratories (Institutionalized the responsible organization for industrial cybersecurity across R&D, Engineering, and Service) play a key role in the company’s overall cybersecurity activities. Collectively, these laboratories serve as a dedicated center-of-excellence in which Yokogawa system and cybersecurity specialists can collaborate to link current security technologies to the company’s systems to help protect the company’s customers from constantly evolving and increasingly sophisticated cybersecurity threats.
(Click here to view video in new window)
Lifecycle Value: Trust & Partnership
With wide experiences in providing industrial automation and services in greenfield and brownfield, we fully understand that each industry, each plant’s security responses are very different. Same industry might share similar vulnerabilities and subject to the similar threats. However, the consequences and impact levels of each industrial plant may be very different. Therefore, choosing a lifecycle partner who
- Understands well about customer site’s situation,
- Strong knowledgeable in both IT and OT field and
- Understands security frameworks, industrial standards, government guidelines, and regulations is very important not only to observes the progress but actively works to shape the future.
- Our security experts have delivered successful project records for worldwide industrial sectors.
Resources
Yokogawa's network healthiness check service helped the customer identify what they need to protect against cyber-attacks.
By “visualizing” network traffic in control system, the customer was able to detect unauthorized communication in their system.
yi-MAC stands for YOKOGAWA Innovative Main Automation Contractor:
- Full control of scope and schedule across packages
- Realization of customer expectation
- Single point of responsibility
- Providing fully integrated solutions
Mitigation strategies for cybersecurity risks in the hydrogen ecosystem include implementing network security measures such as segmentation and isolation of ICS networks, intrusion detection and prevention systems, and access controls. Endpoint protection is crucial to secure devices connected to the network from malware and other unauthorized applications.
The agnostic approach to cybersecurity and solution integration, built around the concept of modularity, offers a scalable and flexible way to reduce the risk of cyberattacks on OT networks.
The number of incidents involving attempted unauthorised access to computer systems via the internet as reported by CERT (Computer Emergency Response Team) was 137,539 in 2003. Statistics show an exponential increase in the number of reported incidents in the last five years. Although this can be partly explained by the increase in the number of computer systems in the world that are connected to the internet, it is nevertheless an alarming fact.
Yokogawa’s industrial automation (IA) product and service offerings, industry domain knowledge, and VigilantPlant approach – which emphasizes safe, secure, and uninterrupted operations -- provide a solid foundation for an Industrial Internet of Things that specifically addresses the requirements of process automation, particularly for the OT side of the equation. To be able to provide an equally solid foundation for the IT side, Yokogawa is partnering with Cisco Systems and other industry leaders.
This white paper provides an overview of how Yokogawa believes its customers can best prepare for and position themselves to benefit from IIoT-enabled technology and solutions and digitalization in general to emerge as the successful connected industrial enterprises of the future.
Network and system security is now a necessity in process automation industry. YOKOGAWA provides a service lifecycle solution for cyber security to ensure that the security measures and deployments are continuously enhanced, monitored and inspected.
This white paper explains the details of the security design, implementation, operation and validation solutions from the technical perspective.
Discovering your Baseline with OT Security Risk Assessment
Initially when control and safety systems moved away from being hardwired and relay-based to computerized systems, vendors and asset owners were more interested in functionality than security. Typically, especially in high risk environments in refineries and off-shore oil installations, the systems were standalone with a dedicated Safety Instrumented System.
Over the last ten years more security solutions have available, and more industrial end users have implemented them to protect their businesses. Today nearly all companies use an anti-virus product installed on their industrial control system (ICS), as well as having their ICS segregated from the business network and the Internet by a firewall.
Harness the Future of Innovation
Highlights of the 2014 Yokogawa Users Conference and Exhibition
September 9 - 11, 2014, Houston, TX
By the editors of CONTROL Magazine
Downloads
Brochures
Videos
In our first episode, Tom Hardy debunks common false statements regarding Cybersecurity. Does insurance liability protect businesses against cyberattacks? Is my organization too small to be a target? Tune in to find out.
This workshop provided by industry partners Yokogawa and ThreatConnect will show you a way to strategically manage cyber risk within an industrial environment. Learn how to transition from the “break/fix” model of industrial cybersecurity to a business risk management strategy through cyber risk quantification, return on investment (ROI) for industrial cybersecurity solutions calculations, and cyber risk identification.
Looking for more information on our people, technology and solutions?
Contact Us