Learn everything about securing a power plant
Expert Maurice Snoeren talks during the Industrial Cyber Security Event
-300x150.png)
The consequences of the NIS, the importance of the IEC 62443 standard and the challenges in linking OT and IT: it is all complicated matter. You will learn all about it during the Industrial Cyber Security Event on October 10. Maurice Snoeren, OT security officer at RWE, kicks off the day with his keynote. He gives a preview.
Power plant as target
Maurice knows better than anyone why it is crucial to protect a power plant as well as possible. “As a power plant you are a military target, it's that simple,” he says. “You see that now in Ukraine. If you want to hit a country, you go after its energy supply.”
It is not only a military target, but also a target for crime. He explains: “A cyber attack can cause social problems and entail enormous costs. Then you are quickly talking about an amount with six zeros. So then you just pay such a criminal the ransom. Of course you want to prevent that.”
| Maurice Snoeren works at RWE; that company has some of the largest power stations in the United Kingdom, Germany and the Netherlands. “In addition to electricity, we also supply heat to cities and energy. Of course, we must properly protect these power plants. Physically, but certainly also digitally. Due to national legislation, we choose to appoint a security officer per country,” says Maurice. “I am responsible for the digital security of Dutch power plants.” |
Think about the connection to external networks
How do you secure a power plant? Maurice explains: “By thinking very carefully about how you connect your power stations to external networks.” This also means that you pay close attention to who you give remote access to your systems, he says. “And the use of data diodes is crucial; Simply put: they ensure that information can only go from A to B and not from B to A. That is not always easy to implement, but it is super safe and cannot be circumvented.”
Difficult to secure
You cannot keep OT safe by simply patching and updating; you work with machines that are often twenty years old. The systems were not developed with cybersecurity in mind. That makes security so difficult. Maurice: “You therefore have to be creative to ensure that they remain safe and workable.”
“What I also notice is that IT is often ahead of the curve when it comes to security. But OT cannot simply go along with that.” Maurice describes it as 'another world' and therefore has to follow its own course. “We have to think carefully about our security, take IT as a source of inspiration, but do our own thing.”
| Just freshen up. IT stands for information technology. We all use them to communicate with each other, for example via e-mail. OT stands for operational technology. This is mainly intended to automate physical processes, for example in a power plant. |
A tip of the veil
During his keynote at the Industrial Cyber Security Event, Maurice will tell you more about the importance of security. He gives a sneak peek: “I explain why we run a risk if we link IT and OT too much. And that the IT way of doing things does not always work for OT, but that you can make that connection in other ways. I will also explain exactly what a data diode is and how it works.”
What does he want to achieve with this? The realization to be careful. “Because you really want to keep those hackers out.”
| Would you like to hear more from Maurice and know more about cybersecurity in the industry? Then register now for the event on October 10 at Congrescentrum 1931 in Den Bosch. |
Nederlands