More and more devices are being connected to each other and external systems, creating the rise of the Industrial Internet of Things (IIoT) and making the task of protecting control networks more complicated than it has been in the past. With increased connectivity comes a greater potential for cyber attacks or accidental cyber incidents. Therefore, it is more important now than ever to understand the principles of cybersecurity.
Start with a risk assessment
The first principle of cybersecurity is to understand your network’s level of risk and rate the state of cyber defenses at your facilities. Purchasing these assessments from third parties can be costly. However, you can implement a zero-cost industrial security risk assessment. While this might not be for everyone, it can be a viable option for a company that can’t afford a third-party assessment, but also can’t afford to do nothing.
The steps for implementing a zero-cost industrial security risk assessment include the following:
- Determine who should help with the risk assessment (consider IT personnel, an executive, and a person from each type of job in your company).
- Identify critical assets.
- Prioritize and list the largest risks for each asset.
- Prioritize the list of industrial security assets.
- Determine and rate existing protection measures.
However, don’t stop analyzing your risk after you’ve completed these steps—no security measures are 100 percent foolproof. The best security requires that you monitor, evaluate and improve your plans regularly to ensure current measures are working effectively and to recognize new or developing risks to your network.
Plan a defense-in-depth strategy
After completing the risk assessment, you need to create a plan to secure your network. The most effective approach is defense in depth (DiD), which includes multiple layers of defense distributed throughout the control network.
A well-developed DiD strategy includes:
- Multiple layers of defense instead of relying on a single point of security.
- Differentiated layers of defense, ensuring an attacker can’t access all subsequent layers after getting past the first.
- Context- and threat-specific layers of defense—meaning each layer is optimized to deal with a specific class of threats.
A network protected by using a DiD strategy adds security solutions inside the control system, limiting the impact to the zone where the problem began, and using alarm messages to pinpoint the zone and the source of the problem.
Protect the crown jewels first
Lastly, you must prioritize the crown jewels. What are the crown jewels? Think of the systems that would cause a complete disaster for your network if they were shut down (either unintentionally or maliciously). Protecting the crown jewels means focusing your protection efforts on your most important assets.
Control systems have become complex and difficult to protect at all times, so use the method that the smart IT teams are using and focus your resources on securing those assets that really matter to the survival of the company.
Don’t let the complications brought on by IIoT’s increased connectivity or the high cost of formal risk assessments keep you from protecting your network effectively. By taking the right steps to understand your threats, choosing a layered approach to your security, and prioritizing your most important assets, you can successfully protect your network in our increasingly connected world.
You can learn more about the principles of cybersecurity by attending Belden’s Industrial Ethernet Infrastructure Design Seminar Oct. 19-22 in Schaumburg, Ill. For more information, or to register, visit www.belden.com/designseminar.
Click here to download the white paper: “Cyber Security in Electrical Substations”
