Donovan Tindill is a control systems cybersecurity subject matter expert with the Honeywell Industrial Cybersecurity Marketing team having previously spent more than 17 years a control systems cybersecurity consultant in Canada and projects globally. Plant Services editor in chief Thomas Wilk caught up with him at the start of the year to find out what cyber-security issues are facing our industry in 2020. Here is an excerpt from the podcast.
PS: What kinds of tips or advice would you have regarding cyber preparedness for our maintenance and reliability audience?
DT: We’re becoming more and more dependent upon control systems and technology to function and succeed. At some point in time, there was a justification or an ROI that was made to invest in that technology in the first place. But what if it was down for cybersecurity reasons, somebody hacked in, or ransomware, or denial of service, and it was out not just hours, but potentially days? I’m not talking about plant downtime or process downtime, but the total denial of your digital systems. The networks, the computers, the firewalls, and the data on them. Do you have workarounds and recovery plans?
Cybersecurity is one of the few domains capable of having this kind of impact if it’s not addressed. It’s a mindset that you must carry through the entire life cycle of the control system, from its initial selection through to design, configuration, commissioning, and maintenance. Chances are, the control systems we have now are legacy technology. They were built or designed 10 or 20 years ago, so cybersecurity wasn’t baked into it from the beginning.
We’re working to mitigate that now, and the key takeaway is to leverage every opportunity from daily checklists: When you’re doing maintenance on the system, or procedures, leverage unplanned outages, as well as scheduled turnarounds to improve cybersecurity.
Listen to the entire interview below