Cybersecurity
Secure your physical and digital worlds against cyber attacks with Cybersecurity for Industry.
The threat of cyber attacks against industrial plants is real and their frequency is constantly increasing. The comprehensive protection of industrial plants against cyber attacks requires an approach that covers all levels simultaneously – from the operational to the field level and from the protection of data to secure communication.
Find out more about our Cyber Security solutions and how we can help, speak with our experts.
The Challenge
Industries harnessing the potential of digitalisation become open to the risk of cyber threats.
One of the industries' greatest challenges of digitalisation is optimally and securely handling data at all times.
The growing connection between production networks and office networks as part of IT/OT integration and the utilisation of the Internet of Things have many benefits for industrial companies, including digitalised processes and cross-company collaboration in ecosystems. At the same time, they also increase the risk of cyber threats. With our industrial cyber security solutions, we enable the comprehensive protection of systems and plants.
Megatrends bring a lot of challenges to industries
Digitalisation
The increasing cyber security attacks coming from the increasing amount of data and connected devices driven by digitalisation, and the higher security risk caused by a growing complexity of data usage and open networks remains a challenge to many industries.
Lack of skilled workforce
Despite the significant advancement in technology today, the industry is still missing relevant knowledge on how to deal with cybersecurity challenges in addition to the lack of skilled workforce on the market due to the many specific skills needed for the topic.
Increasing legal regulations
Because of the growing threats, more security compliance are being implemented and there is more to follow. There is also a great deal of difficulty in understanding the status of then facility and preventing human errors that affect the security of the solution.
Globalisation
Ensuring remote work-independent of the location, and securing the data exchange and communication between and within globally working companies remains a struggle for many industries while addressing the growing demands of globalisation.
Cybersecurity is even more important now than before.
- Exponential growth of vulnerabilities with digitalisation increases the attack surface
- Connected factories are ill-equipped to defend against cyber attacks
- Clients need end-to-end OT services and solutions
The NIS 2 Directive
The importance of Industrial Cybersecurity is growing as threats increase. Legislators are requiring more and more industries and companies to improve the protection of their businesses and customers.
As of October 17, 2024, the EU’s mandatory cybersecurity directive, NIS 2, will be implemented and is expected to enter into force at that time or for the foreseeable future thereafter. Companies in certain industries must demonstrably take appropriate cybersecurity measures and report serious incidents. Find out if you are affected and how we can support you!
What is NIS 2 regulation?
Stricter cybersecurity regulations in the EU
The EU has introduced a new cybersecurity legislation called the Network and Information Security 2 (NIS 2) Directive. This directive represents a significant enhancement to the existing NIS directive, mandating EU Member States to adopt and rigorously enforce stricter cybersecurity regulations.
Deadline
By 17 October 2024, Member States must adopt and publish the measures necessary to comply with the NIS 2 Directive. They shall apply those measures from 18 October 2024.
Who does NIS 2 apply to?
Find out if your company is subject to the NIS 2 Directive
The scope of the NIS 2 directive encompasses all organisations, including companies and suppliers, that play a crucial role in sustaining the European economy and society by delivering essential or important services. If your organisation falls under any of the following categories and meets the criteria of having more than 50 employees and a turnover exceeding €10 million, compliance with the NIS 2 directive becomes mandatory.
What are the main points of the NIS 2 Directive?
Improve resilience against cybercrime
The new NIS 2 Directive aims to enhance the resilience and incident response capabilities of both the public and private sectors. The directive specifically focuses on combatting cybercrime and improving both European and national cybersecurity management.
What is the status of NIS 2?
The NIS-2 Directive was published in the Official Journal L333 of the European Union on December 27, 2022. It comes into force on the twentieth day following its publication. Member States must transpose the directive into national law within 21 months of its entry into force.
Is NIS 2 mandatory?
Facts that management should be aware of.
The management bodies of essential and important entities approve the cybersecurity risk management measures taken by those entities to comply with the NIS 2 minimum cybersecurity risk management measures (Article 21). They oversee their implementation and can be held liable for violations of this article by the entities.
Members of the management bodies of essential and important entities are required to undergo training, and shall encourage essential and important entities to provide similar training to their employees on a regular basis.
What is the difference between NIS 1 and NIS 2?
Updated EU cybersecurity requirements
NIS 2 is an updated version of NIS that provides improved guidance and clarity on the EU’s cybersecurity requirements. It expands the scope of essential and important entities, specifies management liabilities, outlines how controls should be carried out, and addresses how breaches should be reported. For the first time, directors are liable with their personal assets if they fail to comply with legal requirements. In summary, NIS 2 is an enhanced version of NIS that offers more comprehensive and detailed cybersecurity guidelines.
Take the first step to securing your systems
Join the FREE* Seminar on Cybersecurity.
Parmley Graham, in association with Siemens is hosting a seminar on Cybersecurity in compliance with IEC 62443 and NIS2 mandatory requirements.
15th October 2024 | 9.30am - 3.30pm
Parmley Graham – Head Office
South Shore Road,
Gateshead,
Tyne and Wear
NE8 3AE
5th June 2024 | 9am - 5pm
Siemens House – Manchester
Sir William Siemens House,
Princess Road,
Manchester
M20 2UR
* Limited spaces available.
Why you should attend this webinar? Read the topics.
All seminar sessions are FULLY BOOKED. Please register your interest and we will notify you as soon as the next schedule becomes available.
Can't make it to our live seminar?
Book an online seminar
If you need an exclusive session for your team, you can also book an online seminar with one of our cybersecurity team.
Defense in Depth
Addressing the strong need for protection of automation systems and OT against cyberthreats.
Plant Security
- Systems to prevent unauthorised access to critical components
- Consulting services to define and implement processes and guidelines according to IEC 62443-2-1 and 3-3
- Continuous Security monitoring
of the plant and network - Fully scalable plant protection concept
- Standard conform security guidelines tailored
to the customer organisation - Identify and react on security threats in daily operation
Network Security
- Cell protection, perimeter network and trusted zones
- Firewalls and VPN
- Design, conception and realisation of a network security concept, to prevent unauthorised access and to protect the industrial communication
- Prevention of unauthorised access and espionage of data
- Secure remote access and telecontrol services via public networks (internet)
- Increased plant availability
- Easy to operate – time and cost saving
System Integrity
- System hardening
- Patch Management
- Authentication and access protection
- Design and implement measures to protect automation systems against a variety of threats and design complete solutions for maximum protection over the system lifecycle
- Increased plant availability
- Identifying threats and vulnerabilities over the
lifecycle - Use of certified secure developed Siemens
products according to IEC 62443-4-1 - Comprehensive long-term protection through
continuous monitoring and security management
Comprehensive security concept as recommended by IEC 62443.
Physical protection and security management for automation systems
Plant security employs various methods to prevent unauthorised persons from physically accessing critical components, ranging from conventional building access to the securing of sensitive areas by means of key cards.
Tailored Industrial Cybersecurity Services from Siemens include processes and guidelines for comprehensive plant protection. These range from risk analysis, to the implementation and monitoring of suitable measures, all the way to regular updates.
Secure communication in industrial networks
Safeguarding automation systems and control components
Whether your goal is to protect existing know-how or to exclude unauthorised access to your automation processes from the very start as a way of preventing faults in your production processes – we help you implement targeted measures to protect against a variety of threats and design complete solutions for maximum protection.
Our integrated security features provide comprehensive protection against unauthorised configuration changes at the control level and unauthorised network access. They prevent the copying of configuration data and make it easier to detect any attempts to manipulate these files.
Specific cybersecurity concepts for industry
Cybersecurity for Industry that’s proven in practice
Multilayer Defense-in-Depth concept
Protecting individual areas is no longer sufficient for withstanding the various threats. The Defense-in-Depth concept is strengthened by Zero Trust principles and is supported by three pillars: plant security, network security, and system integrity.
Products hardened ex works
Siemens’ development processes and factories are certified and products are hardened ex works. This means that security vulnerabilities are avoided from the very start and security settings can already be configured or specified in the factory. The latest knowledge about cyber threats is constantly being incorporated into the protection of products.
Proactive protection against threats
As a member of the Charter of Trust, Siemens’ own Cyber Emergency Response Team proactively guarantee the most up-to-date protection for customers and their own factories. When necessary, Security Advisories also inform you of current threats to your company and any necessary updates to the products.
Protected in every aspect
As a valued reseller and partner, we leverage from Siemens’ experience from their own production plants and enable to pass the knowledge along to our customers, and incorporate it into our products and services – combining well-grounded domain knowledge and industry-specific knowledge with an understanding of cybersecurity.
Take cybersecurity in your company to the next level
Certification and standards
Improve the security of your industrial plant based on the latest certifications and all relevant IT security standards. Drawing on our many years of experience, we advise you on the selection and implementation of suitable standards.
Cybersecurity Services
SITRAIN security training
To find out more about cybersecurity and how we can help you with it, please speak with our experts.
For your specific requirements, talk to us.
To see how we can help with your systems or if you have any enquiry, please get in touch – we’ll be pleased to help. Send us an email at support@parmley-graham.co.uk or fill the form below.
Save 30% or more + Parmley Graham experts' support
Cybersecurity Application Bundle
Develop a robust defence against cyber threats, using built in TIA Portal and SIMATIC security functions along with a SCALANCE S Firewall, with optional RFID components that enable seamless access control and asset tracking, enhancing security.
- Security configurations set using security wizard, for confidential configuration data, secure PG/HMI communication and plc access protection
- Perimeter based security using industrial firewalls with centralised management
- Explicit identification of operating staff at machines and plants, including access control and audit trail
*Subject to Terms & Conditions
Cybersecurity Application Bundle Components
Mandatory Items
S7 CPU
S7-1500 Advanced Controllers
Unified Comfort Panels
Unified Comfort Panels
RF1000
RFID System
Scalance S Firewall
SCALANCE S Firewall
Spurred on by the rapid advance of digitalisation, trends and changes, far-reaching implications are emerging in industrial communication. Open communication and the ever-stronger networking of production systems not only offer huge opportunities, but also a major risk of being hit by a cyber attack.Security Integrated network components from Siemens, such as SCALANCE S Industrial Security can be added for protected and simultaneously practical remote access to widespread machinery and plants.
Optional Extras
ID Key Switch
Plastic Pushbutton Units - ID Key-operated Switch
SIRIUS ACT is a modular system of command and signaling devices for front panel mounting and rear-mounted electrical modules. Complete units made up of an actuator or indicator and contact modules and/or LED modules are offered for the most frequent application cases.
PSU 6200 / 8600
SITOP PSU6200 - Additional Diagnostics & Condition Monitoring
Experience the start of a new chapter in the world of standard power supplies with the SITOP PSU6200 all-around power supply. Whether you’re a builder or operator of control panels, machines, or plants, all users benefit from the ingenious functions and features of the new SITOP PSU6200 product line – throughout the entire lifecycle, from planning and engineering to installation and operation.
- Focused diagnostics. Top integration.
- Fast installation. Top efficiency.
- Dependable operation. Top reliability.
SITOP PSU 8600
Selectivity
Current and Selectivity Monitoring
The SITOP selectivity and diagnostics modules are the optimal extension for all 24-V DC power supplies. They distribute and monitor the load current over several current circuits. Overloads and short circuits on a circuit are reliably recognized and the faulty 24-V DC load circuit reliably disconnected, while the other loads continue with absolutely no interruption; this prevents the complete failure of the plant.
- Reliable tripping, regardless of the cable lengths or cable cross-sections
- 4 or 8 24-V DC load feeders per module
- Alternative switch-off characteristics:
X 200 Switch
Managed Switches Layer 2
Discover the rest of Siemens Automation and Application Bundles
We are Siemens trusted and approved distribution partner.
As a Value Added Reseller in Siemens’ Approved Partner network, Parmley Graham is a proven supplier of a wide range of quality products in the UK and globally.
Find out more how this will benefit you or check Siemens Configurator.
