As more and more devices are connected to the process control network, there are more and more risks related to potential impacts from industrial cyber security events, some of which may not even be targeted against industrial control systems (ICS).
For instance, WannaCry ransomware actually shut down entire plants without that being its primary objective. Is this a risk you can ignore?
What is an industrial cyber security event?
An industrial cyber security event is anything that can negatively impact the ability to view, monitor and control the industrial process. Such situations can come from human error, equipment failure, or malicious activity.
Are we taking the necessary precautions to help mitigate the potential impact of a cyber security event?
We need to be cognizant that “what is a good cyber security control or best practice (configuration management), will also be a good operational control.” This means that the best practices we can perform to mitigate risk for industrial cyber security events will also be effective controls for ensuring operational uptime or availability.
They will also give us the ability to reduce the mean time to repair (MTTR) for operational and cyber security event outages when, not if, they happen.
What are you doing to increase your industrial cyber security?
There are no shortcuts. Industrial cyber security is a journey that never ends, for the threat landscape is always changing as technology within control systems keeps advancing. There are, however, fundamental measures that we need to take.
First, make cyber security part of the industrial network design cycle. If we make this part of the design, we will make sure cyber security event risk reduction is taken from the start versus trying to bolt on industrial cyber security controls after a control system is deployed.
One other step we (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Gary DiFazio. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/visibility-an-essential-component-of-industrial-cyber-security/