An article posted on Wired.com on September 7th provides potential concerns for all who manage an industrial control system (ICS). Hackers exploited firewall vulnerabilities to cause periodic blind spots for western United States grid operators. The incident lasted 10 hours on March 5th. Even though no blackouts occurred, the cyberattack should have ICS operators questioning their cybersecurity measures.
To ensure your Industrial Control Systems in Edison NJ have proper measures in place, you must address the following questions.
- Do you have the people to maintain and sustain ICS security? Cyber-security is often thought of as a technology issue. When a protective measure is implemented, it does so without the people who can fix any issue that may arise.
- Do you know what is in the field? You must have a full grasp of what assets you have and to which systems they are connected. Then, you need to understand what technology controls are already deployed and where technology can help.
- Do you have cyber-security control system policies in place? Do not equate IT security with control system security. They have different functions. Your control system policies should address whether or not an incident affects the process integrity.
- Can you trust the output of your ICS devices? Ensure you can trust the data your give you. You should have a plan to verify the data in case of suspected compromise.
- Are IT security measures protecting or harassing your systems? Make sure that IT work with control system personnel on any changes or upgrades. Rules that govern IT systems could cause disastrous results for a control system.
- Do you have the right documentation for your systems? You need to be able to evaluate an issue with a device. Documentation will tell you what to expect when a component fails.
- Do you understand your network access issues? Network-connected control systems are easier to manage. But, you must ensure you understand all the security implications and how to mitigate issues.
- Can you properly respond and manage a cyberattack? You must address your ability to respond to and mitigate an attack.
For more information on evaluating Industrial Control Systems in Edison NJ, contact AG Electrical Contractors.
