Cybersecurity assessments are a vital part of maintaining the overall operational health of your facility. Assessments identify areas of concern that may have been overlooked or deemed unimportant. Even if you’ve already decided against having an assessment performed, there could be value in the exercise that you haven’t yet considered. Understanding how cybersecurity assessments work and your options for handling risk might change your mind.
How do assessments work?
Cybersecurity assessments provide a better overall understanding of the risks in your facility. Working in your facility every day may blind you to cybersecurity issues; having an assessment performed by a trusted organization brings fresh eyes and an objective perspective for identifying risks that the day-to-day staff is not aware of.
By identifying specific areas of concern, the assessment helps owners and operators understand where to spend limited resources for the greatest reduction in risk. Taking a proactive approach, rather than waiting for an incident to force the issue, reduces both the likelihood and the impact of a successful attack.
The steps to each particular assessment vary depending on the plant’s goals and the assessment company, but an assessment typically follows this format:
- Document what the plant is and is not doing regarding security practices, including a review of existing policies and procedures. In a control system environment this is done largely through interviews, document review, configuration review, and passive observation; active network scanning can disrupt controllers and should be used sparingly, if at all, on production networks.
- Compare the information gathered to applicable regulations, best practices, and standards (for industrial control systems, typically ISA/IEC 62443 and the NIST Cybersecurity Framework).
- Identify gaps, understand the risks they create, and rate their criticality based on how likely each is to be exploited and what the consequence would be for safety, production, and the business.
- Create a report with prioritized recommendations on how to address each issue.
- Review the report with the client, helping them understand their current cybersecurity posture.
- Fully informed, the client then decides which risks to remediate, which to mitigate with compensating controls, and which to accept.
To be effective and keep your facility safe, the assessment must result in a unique, prioritized list of specific risks and potential remediation strategies. The criticality of identified risks and the effectiveness of risk mitigation strategies vary between plants depending on their level of risk tolerance. What is essential to Plant Alpha may not be as pressing for Plant Bravo. The organization performing the assessment must understand what’s most crucial to you and your operations. Prioritization is based on plant needs, and the solutions developed have to be tailored to your unique circumstances.
Issues will be identified in the assessment, but how they are weighted will vary between plants, even within the same company. Solutions can be complex, simple, expensive, or cheap, and you will need to keep your goals in mind when deciding what risk level you are comfortable living with and what must be addressed immediately.
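As an added illustration of the assessment outline above and of the point that the same findings are weighted differently at Plant Alpha and Plant Bravo, the following Python script (written for this article, not code from Interstates or from any standard) compares a constructed set of documented practices against a constructed baseline of controls, scores each gap by impact and exposure, then applies plant-specific weights and a risk tolerance to split the result into gaps to fix and gaps the plant accepts. The control identifiers, names, impact values, weights, and observations are all hypothetical.

```python
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Control:
    """One baseline expectation the plant is measured against."""
    cid: str      # hypothetical identifier for this example, not a real standard's numbering
    name: str
    impact: int   # 1 (minor) .. 5 (safety/production-critical) consequence if absent


# Constructed baseline for the example. Identifiers and wording are illustrative
# only; a real assessment would map findings to ISA/IEC 62443 or a similar standard.
BASELINE: list[Control] = [
    Control("AC-1", "Unique user accounts; no shared operator logins", 4),
    Control("NS-1", "IT/OT network segmentation with documented conduits", 5),
    Control("RA-1", "Remote access requires MFA and is logged", 5),
    Control("BK-1", "Tested backups of PLC and HMI configurations", 4),
    Control("PM-1", "Patch and firmware review process for control systems", 3),
    Control("PL-1", "Written incident response plan that covers OT", 3),
]


@dataclass
class Finding:
    control: Control
    status: str    # "missing" or "partial"
    score: float   # impact x exposure x plant-specific weight


def assess(observed: dict[str, str], weights: dict[str, float],
           tolerance: float) -> tuple[list[Finding], list[Finding]]:
    """Document, compare, rank, decide: the core of the assessment outline.

    observed:  control id -> "implemented" | "partial" | "missing"
               (a control absent from the documentation is treated as missing).
    weights:   plant-specific multipliers expressing what matters most at this site.
    tolerance: the highest score the plant is willing to live with without action.
    Returns (must_fix, accepted), each sorted from highest to lowest score.
    """
    findings: list[Finding] = []
    for control in BASELINE:
        status = observed.get(control.cid, "missing")
        if status == "implemented":
            continue                      # no gap, nothing to report
        exposure = 1.0 if status == "missing" else 0.5
        score = control.impact * exposure * weights.get(control.cid, 1.0)
        findings.append(Finding(control, status, score))
    # Highest risk first; ties broken by identifier so the report is stable.
    findings.sort(key=lambda f: (-f.score, f.control.cid))
    must_fix = [f for f in findings if f.score > tolerance]
    accepted = [f for f in findings if f.score <= tolerance]
    return must_fix, accepted


def report(plant: str, must_fix: list[Finding], accepted: list[Finding]) -> list[str]:
    """Render the prioritized list as text lines for the written report."""
    lines = [f"{plant}: {len(must_fix)} gap(s) to address, {len(accepted)} accepted"]
    for f in must_fix:
        lines.append(f"  FIX    {f.control.cid} score={f.score:.1f} ({f.status}) {f.control.name}")
    for f in accepted:
        lines.append(f"  ACCEPT {f.control.cid} score={f.score:.1f} ({f.status}) {f.control.name}")
    return lines


# Constructed observations, identical for both plants; only the weighting differs.
OBSERVED = {
    "AC-1": "partial", "NS-1": "missing", "RA-1": "implemented",
    "BK-1": "partial", "PM-1": "missing", "PL-1": "missing",
}

# Plant Alpha: no special emphasis. Plant Bravo (hypothetical): long lead times for
# replacement controllers make backups critical, while a small, physically isolated
# network and vendor-managed patching make segmentation and patching less pressing.
ALPHA_WEIGHTS: dict[str, float] = {}
BRAVO_WEIGHTS = {"BK-1": 2.0, "NS-1": 0.4, "PM-1": 0.5}
RISK_TOLERANCE = 2.0

if __name__ == "__main__":
    for plant, weights in (("Plant Alpha", ALPHA_WEIGHTS), ("Plant Bravo", BRAVO_WEIGHTS)):
        print("\n".join(report(plant, *assess(OBSERVED, weights, RISK_TOLERANCE))))
```

With the same observations, Plant Alpha's list leads with network segmentation while Plant Bravo's leads with configuration backups, and a finding Alpha must fix (segmentation) falls within Bravo's tolerance. The weights and tolerance are the part of the exercise that has to come from the plant, not from the assessor's template.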
Why are assessments important?
Ultimately, a cybersecurity assessment identifies risks and provides solutions to help keep you safe from the next big cyber issue. Most people are reactive to cybersecurity and more willing to spend money on it after a breach. Can you afford to go down with the next attack?
We can’t know what the next big cybersecurity issue will be, who will be behind it, or when it will arrive, but a proactive approach will have your plant prepared and informed about its risk. It’s vital that the company you choose to perform your assessment understands the industry and stays abreast of the latest developments. Look for a team with relevant cybersecurity certifications and hands-on control system experience, ideally one that participates in the industry groups that define the control sets plants are measured against.
Don’t wait until it’s too late. Once you’ve been breached, your options shrink to incident response and recovery, which are far more disruptive and expensive than closing the gaps beforehand. Identifying risk and being proactive by scheduling your cybersecurity assessment will give you peace of mind and, most importantly, a safer facility.
Brandon Bohle is Manufacturing IT Analyst III at Interstates, a certified member of the Control System Integrators Association (CSIA). For more information about Interstates, visit its profile on the Industrial Automation Exchange.