It is always said that security is never a one-size-fits-all solution. This is true not only because of the apparently infinite variety of equipment in each individual organization, but also, and perhaps more importantly, because of the different ways that every organization views security. Some spend lots of time focusing on physical security, especially those with industrial control systems (ICS). Others are small organizations, where the primary concern is personal data theft. There is also everything in between those two ideologies.

Fortunately, the end goal is usually the same for each entity, with the disparities amounting to a misunderstanding of language or some industry-specific phrasing.

An example of that would be someone from the ICS world referring to their log management solution as “the historian,” whereas someone in the commercial vertical knows it as a SIEM. Fundamentally, they do the same thing: gathering up all the activity or event data from devices to be stored and forensically analyzed at a later date.

How can one bridge the gap of industry jargon to try to explain that even though one thing might be known as something else, it does not mean that it provides a different function? The time-honored analogy may be the best method.

Although there are broad expanses where security is important, there are four key areas of security concern that all ICS organizations should maintain.

1. Asset Management

This refers to the consistent management or awareness of devices within an organization, whether that means software, PCs or even hardware devices, such as a PLC on an ICS plant floor. Any entity found within an organization could be vulnerable to compromise, and not knowing what you have is no different than intentionally leaving it unsecured. Ignorance is not bliss.

There was a time when the idea that any device could ...