The Merry-Go-Round of Cyber Security Goes on Forever

A session on cyber security at the Pacific Design & Manufacturing show in Anaheim looked at the never-ending struggle to protect connected assets.

Rob Spiegel

February 22, 2016

4 Min Read
Design News logo in a gray background | Design News

The need for continually enhanced cyber security is a constant and unrelenting challenge for system connectivity. Security threats are a perpetual reality. That’s the take-away from the Pacific Design & Manufacturing show in Anaheim earlier this month. In the conference session, “Good Fences Make Good Neighbors: Establishing a Secure Networking Infrastructure,” presenters effectively said: Better get used to it. “As the hacks improve, we will respond with protections. That will happen for a long, long time,” said Ernie Rudolph, executive vice president, Icon Labs.


(Source: fightingidentitycrimes.com)

Rudolph noted that security has moved beyond the usual fence around the company. Protection has to go down into the device itself within that fence. “The classic network protection is a secure perimeter. Yet, if you put a fence around your house, you still lock the door, and you still secure stuff within your house,” he said. “In a zone protection system, the zone becomes a single device. Our security framework is embedded, and it’s based on the threats we anticipate. We have software built into the device itself, and we have secure updates in the device, not just the perimeter.”

Security isn’t just to protect against outside enemies. Rudolph noted that most attacks are not intended. They are errors. “Our customers tell us that 70% of their attacks are internal and inadvertent. Yet they can still be catastrophic,” he said. “The internal thereat is non-malicious. People make mistakes. You keep looking for ways to block those mistakes. When you’ve done all the steps, and you still make a mistake, the results are still potentially devastating.”

He pointed to measures that can be taken to deflect potentially dangerous mistakes “You can work to stop the accidental action,” said Rudolph. “Say your temperature range is 80C to 100C. But if someone puts in 80C to 1,000C by mistake, your program may not catch it.” He noted that solutions can include programming to disallow a temperature outside the appropriate range –- as part of security.

READ MORE ARTICLES ON CYBER SECURITY:

The ultimate solution is to deploy a variety of security measures, from the perimeter to the zone, and down to the individual device. “We approach security by layering it. Everything you do for security is important. The perimeter, the firewall, the embedded security –- they all add up to protection against the bad guys,” said Rudolph. “But you also have protection from the good guys who make mistakes.”

Those working in security say it’s important to get used to the notion that security is a never-ending struggle. “Security is an impossible-to-hit goal, but we should all be striving for it. You can’t make perfect never-can-be-hacked protection, but you should make it hard enough to attack that it’s not worth the time and money,” said Josh Thomas, a founding partner at Atredis Partners, a security company. “You can also make sure they don’t get much if they do hack.”

Security comes without a Holy Grail. “Security is a continuum. There’s this notion of perfection in security. Engineers seek a perfect ideal,” said Shawn Moyer, a founding partner at Atredis Partners. “Yet the only perfect system is to bury your valuables under tons of concrete. It’s not usable, but it’s protected.”

Moyer noted that effective security requires a paradigm shift with a greater focus on how to manage inevitable intrusions. “Hacking creates unexpected functionality. When you’re hacking a system you’re making the system do something the designer didn’t expect to have happen,” he said. “Designers don’t design for failure. They design for success, and then it fails. The biggest thing people don’t do is ask, ‘What do we do when it does break?’”

Rob Spiegel has covered automation and control for 15 years, 12 of them for Design News. Other topics he has covered include supply chain technology, alternative energy, and cyber security. For 10 years he was owner and publisher of the food magazine Chile Pepper.

About the Author

Rob Spiegel

Rob Spiegel serves as a senior editor for Design News. He started with Design News in 2002 as a freelancer covering sustainability issues, including the transistion in electronic components to RoHS compliance. Rob was hired by Design News as senior editor in 2011 to cover automation, manufacturing, 3D printing, robotics, AI, and more.

Prior to his work with Design News, Rob worked as a senior editor for Electronic News and Ecommerce Business. He served as contributing editolr to Automation World for eight years, and he has contributed to Supply Chain Management Review, Logistics Management, Ecommerce Times, and many other trade publications. He is the author of six books on small business and internet commerce, inclluding Net Strategy: Charting the Digital Course for Your Company's Growth.

He has been published in magazines that range from Rolling Stone to True Confessions.

Rob has won a number of awards for his technolloghy coverage, including a Maggy Award for a Design News article on the Jeep Cherokee hacking, and a Launch Team award for Ecommerce Business. Rob has also won awards for his leadership postions in the American Marketing Association and SouthWest Writers.

Before covering technology, Rob spent 10 years as publisher and owner of Chile Pepper Magazine, a national consumer food publication. He has published hundreds of poems and scores of short stories in national publications.

Sign up for Design News newsletters

You May Also Like