Tuesday, February 9, 2016

ISA Offers Free White Paper on Cybersecurity for Industrial Control Systems

cybersecurity for industrial control systems
Industrial control system pose special
cybersecurity challenges.
The International Society of Automation is offering a free white paper entitled “What Executives Need to Know About Industrial Control Systems Cybersecurity”. The article provides useful commentary and information that establishes the scope of cybersecurity in the industrial process control space and provides a basic framework for understanding how every process may be impacted by lax cybersecurity efforts. The author, Joseph Weiss, differentiates Industrial Control System (ICS) cybersecurity from that of organizational IT through a review of various attributes common to both types, including message confidentiality, integrity, time criticality, and more. Any reader’s awareness and understanding of the cybersecurity risks to their operation will be enhanced through this article. I finished reading the article wanting more on the subject, and ISA is certainly a resource for additional content.

A quote from the article...
“Cyber incidents have been defined by the US National Institute of Standards and Technology (NIST) as occurrences that jeopardize the confidentiality, integrity, or availability (CIA) of an information system.”
ICS cybersecurity extends beyond preventing malicious outside intruders from gaining access. It is an important part of maintaining the overall operating integrity of industrial processes. A holistic approach is advocated to identify physical risk factors to the process and its componentry (previous post on device protection), as well as vulnerabilities that may prevent exploitation by unauthorized parties. Weiss goes on to describe the role and qualifications of the ICS Cybersecurity Expert, essentially an individual that can function effectively as an IT cybersecurity tech with the added skills of an industrial control systems expert.

A synopsis of attack events is provided in the article, with the author’s conclusion that not enough is being done to secure industrial control systems and the risk exposure is substantial in terms of potential threats to personnel, environment, and economy. By providing your name and email address, you can obtain the white paper from the ISA website. Your time spent obtaining and reading the article will be well spent.

For any specific information or recommendations regarding our products and cybersecurity, do not hesitate to contact us directly. We welcome any opportunity to help our customers meet their process control challenges.