Schneider Electric launches Australian industrial cybersecurity practice

Schneider Electric has launched an industrial cybersecurity practice in Australia to improve protection for utility, resources and manufacturing industries from attack. The practice will offer consulting services and cybersecurity solutions to identify potential threats, create response strategies and protect critical service industries against future attacks. The practice complements Schneider Electric’s existing security-certified product offer.

Critical industries in Australia have seen an increased threat from cyber actors looking to take advantage of increasingly connected and integrated operations. According to the Ponemon Institute, cyber attacks on energy utilities are rising at 52% per year and now account for 16% of all recorded attacks.

The Industrial Cybersecurity Practice is headed by senior Schneider Electric cybersecurity consultants Peter Clissold and Adam Woodland, supported by a team of industry experts located around the country.

Clissold said the launch is responding to the increased need for cyber protection by expanding their existing worldwide security services into a local offer.

“This is an offer that is built specifically for industry. Our deep industry knowledge, specialisation in smart devices, industrial software and IT skills means we can provide a highly specific security solution for these organisations,” Clissold said. “This new practice can help industrial organisations identify and categorise their risk, as well as helping protect them from potential future vulnerabilities.”

The market estimates that more than 25 billion devices will be connected to the internet by 2020. Industrial organisations such as electricity and water utilities are increasingly using connected devices to gather data, automate processes and improve efficiency.

Clissold said the increasing adoption of IoT in key infrastructure environments has increased the exposure to increasingly sophisticated cyber attacks.

“The awareness of IoT amongst industrial organisations is very high but an understanding of the security risks is comparatively low. There is a concern that implementing these devices ahead of effective industrial security strategies poses a real operational risk,” he said.

Services to be offered by the practice include:

• Industrial cybersecurity consulting: Developing a best practice cybersecurity program based on a detailed threat analysis and organisational requirements.
• Design and implementation: Applying cybersecurity principles to the architecture and modernising existing systems to increase security.
• Training: From building awareness of cybersecurity threats through to detailed security system training.
• Maintenance: Deployment and maintenance of secure devices and software platforms that deliver improved authorisation, authentication and auditing to maintain and enhance the performance of the security system over time.

Schneider Electric also debuted its first PAC designed for the IIoT, the Modicon M580, at its Connect event in Melbourne last week. The M580 controller has embedded cybersecurity at its core, including Achilles Level 2, and is designed to meet ISASecure Certifications. Its larger memory and processing capabilities also allow for new integrated security functions to restrict data and configuration access, provide firmware integrity protection, implement encrypted communications and an enhanced security reporting facility.