Cyber security is a reality of business in our connected world. Industrial Control Systems are a frequent target and need to be protected. In 2015, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reported 295 attacks in the US against control systems, with the systems governing energy production and distribution being the second biggest sector affected.
Regulations, standards and frameworks are ubiquitous, but how do you know which one to follow? Whether you are aligning to internal company standards or to geographical standards or regulations that are being enforced, a great place to start is the Seven Strategies to Effectively Defend Industrial Control Systems, published by ICS-CERT.
Who is ICS-CERT?
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is a US-based group that partners with law enforcement agencies and the intelligence community to provide insight and recommendations for industrial control system owners, operators and vendors as well as government entities. Their goal is to reduce cyber security risks within and across all critical infrastructure sectors. Additionally, ICS-CERT collaborates with international and private sector Computer Emergency Response Teams (CERTs) to share control systems-related security incidents and mitigation measures.
The seven strategies and how they can prevent threats
The seven strategies outlined in the whitepaper are tools and processes that can be used by control system owners, operators and vendors to mitigate the top threats commonly aimed at industrial control systems. According to ICS-CERT, “if system owners had implemented the strategies outlined in this paper, 98 percent of incidents ICS-CERT responded to in FY2014 and FY2015 would have been prevented. The remaining 2 percent could have been identified with increased monitoring and a robust incident response.”1
The strategies recommended, and the percentage of incidents they could have prevented, include:
- Implement Application Whitelisting – 38%
- Ensure Proper Configuration/Patch Management – 29%
- Reduce Your Attack Surface Area – 17%
- Build a Defendable Environment – 9%
- Manage Authentication – 4%
- Monitor and Respond – 2%
- Implement Secure Remote Access – 1%
How does GE align?
GE addresses all seven strategies in a centralized cyber security solution, SecurityST. SecurityST provides a single vantage point to view and manage your cyber security posture. Implementing SecurityST can help you to reduce your attack surface, reduce labor costs and resources, and support governmental and internal compliance efforts.
- Secure-mode encryption communication
- Role-based Access Control
- Application Whitelisting
- Centralized and Validated Patch Management
- Security Information and Event Management
- Remote Access Security
- Network Intrusion Detection and Prevention System
- Backup and Recovery
- Endpoint Protection
Partner with GE
Cyber security is increasingly a concern for both power generation and oil & gas operators globally. As global threats rise, it’s important to have a trusted partner such as GE to help you assess and protect your assets from cyber attacks. Our complete set of cyber security solutions provides a defense-in-depth approach that begins with a site security risk assessment and continues to include control system protection and HMI patching solutions.