Three walls are better than one 

Cybersecurity at Siemens

Hacker attacks on factories are increasing and are becoming more and more sophisticated in the process. A powerful line of defense against them can be created only by using a carefully coordinated arsenal of weapons. The second installment in our series on Cybersecurity for Industry explains how companies can erect strong cybersecurity walls around their factories.

During the Middle Ages, princes who were hard up for money applied the following strategy: They erected their fiefdom on a hill and surrounded it with a wall. They built a gateway in the front that allowed goods to be transported in and out – and, on occasion, the soldiers of enemy armies or bands of robbers. As an added layer of defense against such attacks, princes with especially deep pockets built two or, even better, three walls. They also surrounded the outer wall with a moat, an obstacle that could only be crossed with a drawbridge. Even when attackers had cleared the first hurdle, they were still a long way reaching from the heart of the fortress. Having been weakened by the initial assault, they had to withdraw in certain cases.


Franz Köbinger likes to use the image of castle walls to explain concepts used to effectively protect factories from hacker attacks. The Marketing Manager for Industrial Security at Siemens says one wall will not get the job done. He adds that companies need to apply a combination of multi-layered and graduated measures that can prevent cyber-gangsters from penetrating a company’s defenses and shutting down operations, stealing sensitive information and encrypting data for the purpose of extorting a ransom. Siemens is already applying these principles in its own factories and is using the knowledge that it has gained there to help its customers create extra layers of cybersecurity by applying this experience in products and services.

Deep defense

Production facilities and critical infrastructures have become interesting and lucrative targets for hackers. Franz Köbinger, who has been working in the area of industrial cybersecurity for years, knows this fact of life better than just about anyone. The response focusing on all aspects of factory automation that he and his colleagues in the Digital Industries business segment have developed is based on an idea called Defense-in-Depth. This strategy protects key levels while erecting additional virtual walls around the factory:

  • System integrity: The objective is to protect automation components in such a way that keeps hackers’ greedy hands from sensitive data and thus prevents them from causing damage. This includes such measures as authentication that allows access to only authorized individuals. Another key aspect of this strategy is a sophisticated system of patch management that facilitates security updates once vulnerabilities are found. After all, the aim of the strategy is not only to be secure, but also remain secure. The production operation may not be interrupted or made more elaborate when the security concepts are applied. Siemens’ expertise comes into play here. Unlike many service providers who obsess over IT issues and know very little about OT, the specialists around Franz Köbinger have a high level of expertise about factory processes and know exactly where the sensitive areas in procedures are.
  • Network security: Today’s machines are connected in many ways, including via the Internet. They are vulnerable from outside attack as a result. Siemens’ experts protect the network in a factory by erecting firewalls and using encrypted networks like VPN. They also recommend network segmentation. In this process, particularly sensitive facilities, places where a successful attack could cause very costly damage, are segregated from the rest of the communications network. Network segmentation also helps prevent an attack on one part of the network from spreading like wild fire to other areas of a factory. 
  • Facility security with Industrial Security Services: Many factories are decades old and are being digitalized bit by bit. Siemens works with its customers to develop concepts that can place these operations on the highest cybersecurity level and help them avoid becoming easy prey for hungry hackers. This process includes continuous security monitoring that sounds an alarm when an attack is attempted. In spite of all of the digitalization: The be-all and end-all of any factory’s lines of defense is integrated organizational and technical measures that are backed up by well-trained personnel.

Simply keep the gate closed

Factory operators can select the stones that they want to use to erect their walls and multi-tiered and, thus, effective line of defense – after all, every factory is different. Franz Köbinger: “Demand for Siemens’ OT security workshops has risen sharply.” Customers should keep one thing in mind: The thickest walls are useless if the guard falls asleep at the gate. For this reason, the first requirement is to ensure that all employees understand the threats and to continuously train them about ways that they can protect the company and themselves or, at the very least, not endanger them. The human factor is frequently the weakest link in the chain.
Bernd Müller

Part 1 - Cybersecurity for Industry: always one step ahead

Part 2 - Three walls are better than one

Part 3 - Built-in cybersecurity

Subscribe to our Newsletter

Stay up to date at all times: everything you need to know about electrification, automation, and digitalization.