Monday, December 15, 2008
Who Turned Out the Lights? Applying Risk Management in the Age of Critical Infrastructure Protection – A Bottom-Up Approach
In today’s digitally connected world, there is little doubt that cyber threats against the industrial networks that operate our global critical infrastructures have grown more prevalent and sophisticated. This disturbing trend poses both a criminal and national security threat and has raised the need for governments, industry regulators and private sector organizations to search for ways to implement more effective cyber risk management strategies to protect the SCADA and Industrial Control Systems (ICS) that operate mission-critical infrastructures such as power, nuclear, oil and gas, water and sewage treatment.
Without an effective risk management strategy in place, operators of critical infrastructures know that their systems are facing a hostile and dynamic environment and they are less than perfectly prepared to meet the onslaught. If you can’t quantify the risk to your systems and your organization, then you’re forced to put in place a myriad of ineffective and redundant defense mechanisms (sometimes referred to as “defense-in-depth” or layered defense) that typically lead to increased cost and complexity and add little to no quantifiable reduction in risk.
Certainly, implementing defense-in-depth is better than nothing. It will provide some protection. But as the threats from outside the organization, as well as the insider threats, get more sophisticated, the response does not have to be to add more layers of defense. What you need is a better understanding of the systems you have. Managing the cyber risk to your industrial control systems will also make your systems more resilient, and I am sure that most of your customers will appreciate that. Just imagine: you can demonstrably increase the security of your control systems while simultaneously increasing their resilience. This is the classic win-win situation.
This bottom-up approach to risk management does force more rigor into the process of protecting your assets, and it shifts your focus from “out there” (i.e., the Internet) to an internal focus. You can’t do anything about the Internet, even though at times you simply want to disconnect all your systems from the Internet. That approach might work fine for some isolated and classified military systems, but it is not a good strategy in the private sector. The only area where you have any control is on your own turf. So, taking a bottom-up approach will force you to more fully understand what you have and how it behaves. You will have to understand the failure modes that exist within your systems.
For example, if you know all the ways in which a particular PLC can fail, then you are not so concerned about the latest threat du jour. Instead, you can build a resilience profile for your systems: you know how they fail, and those failure modes are what you protect against. There is really no need to protect your PLC (for example) from everything under the sun.
By introducing a bottom-up approach to managing the cyber risk to industrial control systems at your facility, you’ll have the latest methods to assess, mitigate and ultimately manage your risk. This approach has the potential to significantly reduce the complexity of your network while quantifiably increasing your security posture. In simple terms: less complexity, enhanced resilience, and better security. This is exactly what this industry needs, and it gives you, the ICS professional, a good argument at the next budget battle.
- Perry