Guide To Increased Security In Industrial Control Systems ICS
User Manual:
Open the PDF directly: View PDF
Page Count: 48
- Guide to Increased Security in Industrial Control Systems
- Summary
- Contents
- Preface
- Guide to Increased Security inIndustrial Control Systems
- Part A : Prerequisites and general recommendations
- Industrial control systems
- Security in industrial control systems is important!
- Differences between administrative IT systems and industrial control systems
- Good security culture– a basic requirement
- Summary of recommendations for increased security in industrial control systems
- Part B Recommendations and guidelines
- Basis for recommendations
- Recommendations for increased security in industrial control systems
- 01 Clarify roles and responsibilities for security in industrial control systems
- 02 Establish a process for surveying industrial control systems and for conducting risk analyses
- 03 Establish a process for change management in industrial control systems
- 04 Establish processes for contingency planning and incident management in industrial control systems
- 05 Introduce security requirements in industrial controlsystems right from the start in all planning and procurement
- 06 Create a good security culture and heighten awareness of the need for security in industrial control systems
- 07 Create a multilayer defence (defence-in-depth) in industrial control systems
- 08 Implement around-the-clock internal and external intrusion detection and incident monitoring in industrial control systems
- 09 Conduct risk analyses of industrial control systems
- 10 Conduct periodic technical security audits of industrial control systems and connected networks
- 11 Continually evaluate physical security of industrial control systems
- 12 Ensure that any and all connections to industrial controlsystems are secure and relevant
- 13 Harden and upgrade industrial control systems in collaboration with system vendors
- 14 Follow up incidents in industrial control systems and monitor external security problems
- 15 Participate in user associations, standardisation bodies and other networks so as to increase security in industrial control systems
- Part C Reference list with comments
- NERC CIP-002-2 to CIP-009-2
- NIST SP 800-82 – Guide to Industrial Control Systems (ICS) Security
- CPNI Good Practice Guide Process Control and SCADA Security
- 21 Steps to Improve Cyber Security of SCADA Networks
- Information Security Baseline Requirements for Process Control, Safety and Support ICT Systems
- Cyber Security Procurement Language for Control Systems
- Information resources (selection)