Most assume that safety and security go together and are basically synonymous concepts. However, over the years experts in the ICS industry have continuously emphasized the physical safety in organizations and put less focus on the security aspect. IT professionals in these environments are now being confronted with real consequences due to a lack of security measures. Stuxnet is a perfect example of what happens when security precautions are ignored. Operators, IT managers and directors must now make special arrangements to protect from these types of attacks.
Walt Sikora, vice president of security solutions of Industrial Defender recently shared his thoughts with Control Magazine editor, Walt Boyes, about the differences between safety and security. Walt explained:
“From my perspective, safety is taken seriously, openly communicated and a high priority. Most utilities and plants have a 'safety moment' before every meeting to stress the point. Even before someone is allowed to visit a plant, they usually go through a safety training video. Very few, if any, companies do the same with cybersecurity. Have you ever visited a process plant and seen a big sign showing how many days since their last cyber incident?”
Security needs to be a focus for all companies, not just the ones in the automation industry. Executing steadfast safety measures is crucial, but it’s only one piece of the puzzle. In order for any organization to feel secure, owners and operators must become experts in and implement both safety and security.
To learn more about why safety and security are so vastly different and equally important, please read the full Control Magazine article here: CyberSecurity in Your Safety DNA.