Supplement existing security policies
Two years back, when managers learned about ABB’s Cyber Security Fingerprint customized for the ABB Ability™ System 800xA control system, they asked ABB to perform the Fingerprint for the control system at Boliden’s plant to help them validate existing security policies, and possibly identify areas they might not have considered. Their objective was to supplement their existing effective program of mitigating the risks of computer viruses and unauthorized access that can endanger production, data, equipment and people. ABB and Boliden are in their third year of successfully deploying the ABB Ability™ Cyber Security Fingerprint services.
Supplement existing cyber security program by:
- Based on a qualified, third-party review of existing security strengths and weaknesses,
- Validating existing policies, procedures, and protections as up to date and in line with best practices
- Identifying and prioritize areas of protection and improvement; and
- Increasing Boliden personnel’s knowledge of cyber security.
The ABB Ability™ Cyber Security Fingerprint is a cost-effective, noninvasive service that provides diagnostics, key findings and recommendations that help protect control system investments from security risks.
The Fingerprint uses a multi-layer approach to increase security. ABB collects data from over 100 critical points in the system and conducts in-depth interviews with plant personnel. A proprietary software-based analysis tool analyzes the Fingerprint’s findings and compares them with industry standards and best practices.
One of the Fingerprint’s key features is that it highlights areas of opportunity for protecting against security breaches caused by company personnel who carelessly or maliciously spread malware through software or USB peripherals, as well as threats from outside hackers.
Earlier at the Boliden site, ABB had performed the Cyber Security Fingerprint to help the plant add layers of protection against System 800xA attacks and viruses and explained potential ways that security could be breached, including new tactics used by hackers, that helped bolster Boliden personnel knowledge.
As a part of the annual ABB Ability™ Cyber Security Fingerprint implementation process, all systems at the ABB installed base have now been upgraded to 800xA 6.x. ABB’s Cyber Security systematic activities for Boliden have been planned and documented for the OT environment for the whole year. This gives Boliden significant leverage to build its resilience against both external and internal threats.
Boliden managers emphasized that the constructive and productive discussions between plant staff and ABB were a significant bonus during the implementation of Cyber Security Fingerprint. ABB offered knowledgeable advice and provided key insights and validated the site’s existing robust cyber security program.
In addition, Cyber Security Fingerprint helped Boliden plan for future cyber activities based on evidence and validate the result with an improved understanding cyber security following in-depth dialog with ABB cyber security experts.
The continuous support received via ABB Cyber Security Fingerprint empowered Boliden with greater confidence in its ability to prevent cyber security breaches. The customer plans to have ABB provide Cyber Security Fingerprints at additional company sites.