Emergency WAN connectivity to ensure business continuity

Emergency WAN connectivity to ensure business continuity

Probably The coolest thing in cyber security is that you constantly learn.

On a conference I was speaking up I was asked by an attendee in my audience, and after my talk whether I could answer him a very confidential question.

Turns out the guy was the CISO Of an oil and gas company, and had heard him I talk my reference to an emergency WAN connection . 

For him this was a major issue, because they were in the business were faults aren’t easily tolerated.

Meaning, he was responsible for the security of critical infrastructure.

Now, primary and secondary connections to the Internet/network are pretty cool, and in most cases do the trick of keeping you connected.

The problem is when you are in a country where pretty much everything is unreliable.

So his question was: how do we secure our critical infrastructure, a majority of which we have remotely connected/under remote management.

I liked the challenging outlook of the project, and provided them with an offer to conduct a thorough risk assessment.

The outcome of the risk assessment was a disaster, And so I ended up staying with them for quite a while to mitigate a lot of the discovered threats. 

Getting back to the original question, and the content of the post: having an emergency connection to the Internet is becoming increasingly important.

This is true for a variety of businesses, and organizations which rely on a stable connection to the Internet, because parts of their mission relies upon being able to connect to remote devices.

Now, this doesn’t go one way, and was one of the major headaches this guy had.

If the network goes down, it affects all devices. So in the first instance he was just thinking about having some kind of alternative means to connect to the Internet.

What he forgot was the fact that the connected devices which need to be managed in case of an emergency, would not be connected anymore because the Internet is not available to them also; or at least the connection is interrupted.

We ended up building a solution which relied on a satellite connection , Which was a major headache because connecting established hardware through GSM/3G/(LT/landline is not a problem at all; if you come around the corner with something exotic like a satellite connection, the vendor of the SCADA/PLC is going to shut their Blinds and say something along the lines of: hate we don’t know you guys!

So requesting support for this from the vendor side was a major headache; we did however manage to find a pretty nifty engineer within the organization who was able to solder something together which actually worked too!

Whether or not you work for an organization that requires an emergency WAN connection is hard to determine; further it has to be evaluated whether or not the worst case is so costly that it makes sense from an economical point of you to invest this kind of money, and to be able to justify it in front of your Board of Directors.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.