Skip to content
Menu
menu
Illustration of icons featuring an orange cone, an eye, and a red alarm light. Text reading "five critical controls for industrial system cybersecurity".

Illustration by iStock, Security Management

5 Critical Controls for Industrial System Cybersecurity

By Claire Meyer
1 July 2024

Focus on Security Convergence

Smaller organizations and utilities can easily feel overwhelmed and under-resourced when facing cybersecurity threats. In a 2022 white paper, SANS Institute outlined five cybersecurity controls that together can create an efficient industrial control system (ICS) or operational technology (OT) security program—providing an effective starting point for organizations, especially as IT, OT, and physical attacks and effects overlap to harm infrastructure and communities.

5 Essential Cybersecurity Controls

0724-sm-infographic-ics-response.jpg

Incident Control Systems (ICS) Incident Response

    1. Do you have an incident response plan focused on operational integrity and recovery?
    2. Have you tested the plan with tabletop exercises and drills?

 

0724-sm-infographic-architecture.jpg

Defensible Architecture

    1. Defensible architecture reduces as much accepted risk as possible through system design.
    2. Identify and inventory as many assets as possible, especially key sites and crown jewels.
    3. Segment environments to restrict access and improve monitoring.
    4. Log activity and traffic, especially in systems of value, to detect anomalies early.

 

0724-sm-infographic-network-monitoring.jpg

ICS Network Visibility Monitoring

    1. Can you conduct deep packet inspection of ICS protocols? This helps collect data and detect risk scenarios, validate defensible architecture, and analyze root causes in security events.
    2. Many products can help with this control—look for ones that enable non-intrusive monitoring, asset inventory, vulnerability identification, and more.

 

0724-sm-infographic-remote-acces.jpg

Secure Remote Access

    1. In most industrial and critical infrastructure organizations, remote connectivity is unavoidable. Remote access has as many risks as benefits, so select your protocols and partners with care.
    2. Consider leveraging multi-factor authentication to reduce adversary attack options through remote access.

 

0724-sm-infographic-vulnerability-management.jpg

Risk-Based Vulnerability Management

    1. ICS vulnerabilities are discovered every day, making patch management feel overwhelming. Apply a risk-based approach enables teams to focus on key vulnerabilities that pose legitimate risks to the organization.
    2. Focus on the vulnerabilities that drive risk to the organization, such as those that enable an adversary to access the ICS or introduce a new functionality that could cause operational issues.

 

Focus on Security Convergence

Underfunded Water Utilities Contend with Leaky Defenses

Mass Emergency Planning Exercise Tests Resilience to Coordinated Converged Attacks

Editor’s Note: ‘Uncertainty is Wisdom in Motion’

Fast Facts: What is Security Convergence?

Emerging Technology Highlights New Converged Risks and Asymmetric Threats

Strengthening Infrastructure Security: Convergence in Utilities Industry

5 Critical Controls for Industrial System Cybersecurity

Best of Security Management

Is Your Workplace Toxic? Here's What You Need to Do

How Climate and Security Are Connected

Safeguarding the 2024 Olympics in Paris: A Comprehensive Security Approach

Infographic: How to Create Inclusive Evacuation Plans

The Fundamentals of Alerting Employees About Their Daily Commutes

3 Lessons for Building a Stronger School Security Culture
arrow_upward