SSS News & Insights

What real cyber defense looks like

Written by admin | Dec 12, 2016 5:17:18 PM

Talk of cyber security is at an all-time high, yet too many utilities wait in limbo between no action and reaction. That’s because real cyber defense involves more than firewalls and controls.

Whether you’re a small or big utility, an effective strategy demands an operational transformation that integrates multiple levels of controls, policy, and protocols. It is a daunting task, and utilities are realizing the need for fully coordinated security expertise, along with strategies that do more than avoid risks and actively respond to them in real time. As IIoT experts, we understand the road to glory won’t unfold overnight, but best practices are emerging every day. After years of seeing what works and what doesn’t, here’s what we believe are the core practices that make up real cyber defense.

A strong framework

A strong security framework provides strategy from threat prevention to recovery. It measures all of the threats, activities and developments that can impact your network and identifies the mechanisms to prevent, monitor, and respond to cyber threats in real time. The NIST Cybersecurity Framework is a good start for thwarting cyber threats while maintaining ICS performance, reliability and safety. Your security framework must address three key stages: threat prevention, detection, and recovery. Knowing which threats abound, combined with continuous monitoring, is the basis of effective prevention. Further, having a framework will help you prioritize your security investment, identify any redundancies, and understand whether a problem requires a technical solution.

Integrated guidelines

Nearly all cyber incidents that utilities and critical infrastructure providers reported in the past two years could have been prevented if system owners had implemented guidelines recommended by ICS-CERT, the industrial security agency explained in a report. While there is no one-size-fits-all approach to ensure a hack-free grid, the seven best practices ICS-CERT advocates are worth integrating into your official policy. They include the implementation of application whitelisting to detect and prevent execution of malware, proper system configuration and patch management, an isolated ICS network, complex authentication, monitoring and response, secure remote access, and a fully defendable environment.

Aligned team

Communication between various teams within your agency will make or break the security of your operational network. System engineers, cyber security professionals, and network engineers can no longer operate independently of one another. They must find a common framework in which they can communicate. When it comes to defending the IIoT, no one person can be the subject matter expert. Further, partnering with a third-party expert might be preferred to going it alone. At SSS, we know all too well the importance of cyber defense in securing the grid and your operation. By integrating a framework, recommended protocols and a team approach to security, you will be on your way to cyber security success.

Second Sight Systems is a leader in secure solutions for your industrial and utility communication systems. To talk with one of our experts, please reach us at info@sssrf.com