NIS Directive and Cyber Security in ESA Automation Products

The European NIS Directive has once again called the attention to the importance of cyber security in Industry 4.0. The growth in digitalization has increased the need for solutions that can prevent cybernetic attacks and fight digital threats. Solutions like those offered by ESA Automation, which has always put security – as well as connectivity – at the center of its products.

What is NIS Directive? All you need to know

The NIS Directive has three main goals:

  • “To promote a culture of risk management and incident reporting among the main economic actors;
  • improve national cyber security capabilities;
  • strengthen cooperation at national and EU level. “

Today, many essential services depend on digital, from energy to industry, transport and health. This is why it’s in the interest of the Government to guarantee its continuity and security. How? B adopting technical and organizational measures that will reduce digital risks and, in the case of IT accidents, limit their impact. Hence the obligation to notify any accident that has a significant impact on a service provision.

The NIS Directive has another important purpose: to adopt all necessary tools to create a punctual and effective network of cooperative measures between the States of the European Union. It is then each individual state’s responsibility to appoint the national competent authorities for cyber security, as well as the National Computer Security Incident Response Team (CSIRT) that is responsible for monitoring and preventing accidents in this field. All in cooperation with the CSIRTs of the other EU States.

ESA Automation cyber security solutions

ESA Automation offers multiple cyber security solutions to prevent attacks on networks and production plants. Starting from our Everyware platform, which in its 2.0 version includes a “double authentication” access policy (or two-step authentication). This procedure consists first in entering your Domain Name, Username and Password. Later, you can choose between:

  • Verifying with a code sent via SMS to a telephone number entered during the user registration.
  • Verifying with an OTP (One Time Password) code generated by a specific app installed on a phone registered with the user.

Another digital security solution is represented by the encrypted VPN connection based on the TLS 1.2 algorithm, which can prevent external attacks and protect all the data in the system.

Finally, to separate the IT (Information Technology) network from the OT (Operational Technology) network, ESA Automation products present:

  • Physical separation, integrating two separate ethernet ports with different IP addresses.
  • A firewall that allows you to define the bridge rules between the two networks in order to filter access to the OT.

With digital data growing every day, cyber security is destined to play an increasingly important role in Industry 4.0, and thanks to solutions such as those of ESA Automation, companies can continue to produce safely.