How Can Government Protect ICS Devices Effectively?

By Gov CIO Outlook | Wednesday, October 14, 2020

As smart cities become increasingly reliant on the internet of things, ICS devices are the most favorable target for cyber attacks.

FREMONT, CA: An industrial control system (ICS) is an information system that controls industrial processes like manufacturing, product handling, production, and distribution. Government agencies and private companies have employed industrial control systems for decades to run critical infrastructure and industrial processes. These systems include supervisory control and data acquisition systems used to control geographically dispersed assets, as well as distributed control systems and smaller control systems that use programmable logic controllers to control localized processes. ICS devices are now connected to the internet, enabling them to offer real-time analytics and remote management. This capability also makes ICS devices prone to remote attacks, giving attackers the opportunity to cause utility outages and hazardous operating conditions.

The National Institute of Standards and Technology recognizes the importance of securing these systems against modern threats. Here are a few steps that state and local government agencies can embrace to protect ICS devices.

Locate and inventory ICS components

Before applying security controls to ICS components, agencies should have an accurate inventory of them. Cybersecurity teams should begin by soliciting information from other departments about the type and nature of any ICS components operated by agencies under their purview. Adequate descriptions of ICS components will help officials identify them.

Perform a risk assessment of ICS components

As part of the risk assessment, cybersecurity teams should conduct automated vulnerability scans to identify systems with obvious vulnerabilities and those exposed to the internet. The result should be a prioritized list of systems requiring remediation.
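The inventory and risk assessment steps above can be joined into one prioritized list. The following Python sketch is an added example, not code from the article: the asset records, scan findings, exposure set, the EXPOSURE_BUMP weighting and the prioritize function are all constructed or hypothetical.

```python
# Added example: constructed data, hypothetical names, assumed weighting.
EXPOSURE_BUMP = 3.0  # assumption: internet exposure raises priority by a fixed amount

# Constructed inventory gathered from departments (constructed addresses).
INVENTORY = [
    {"id": "plc-01", "kind": "PLC", "ip": "10.20.1.15"},
    {"id": "hmi-02", "kind": "HMI", "ip": "203.0.113.40"},
    {"id": "rtu-03", "kind": "RTU", "ip": "10.20.3.7"},
    {"id": "dcs-04", "kind": "DCS", "ip": "198.51.100.9"},
]
# Constructed scan results: (ip, severity 0-10, finding).
FINDINGS = [
    ("10.20.1.15", 9.8, "default credentials"),
    ("203.0.113.40", 7.5, "unauthenticated web console"),
    ("203.0.113.40", 5.3, "outdated TLS configuration"),
    ("10.20.3.7", 4.0, "verbose service banner"),
    ("192.0.2.77", 8.1, "control protocol port open"),  # host missing from inventory
]
# Constructed result of an external reachability check.
EXPOSED = {"203.0.113.40", "198.51.100.9", "192.0.2.77"}


def prioritize(inventory, findings, exposed):
    """Return (ranked, unknown): remediation order and findings on uninventoried hosts."""
    by_ip = {a["ip"]: a for a in inventory}
    worst, notes, unknown = {}, {}, []
    for ip, score, text in findings:
        if ip not in by_ip:
            unknown.append((ip, score, text))  # inventory gap: revisit the inventory step
            continue
        worst[ip] = max(worst.get(ip, 0.0), score)
        notes.setdefault(ip, []).append(text)
    ranked = []
    for ip, asset in by_ip.items():
        is_exposed = ip in exposed
        priority = worst.get(ip, 0.0) + (EXPOSURE_BUMP if is_exposed else 0.0)
        if priority > 0:  # skip assets with no findings and no exposure
            ranked.append({"id": asset["id"], "kind": asset["kind"], "priority": priority,
                           "exposed": is_exposed, "findings": notes.get(ip, [])})
    ranked.sort(key=lambda r: (-r["priority"], r["id"]))
    return ranked, unknown


if __name__ == "__main__":
    ranked, unknown = prioritize(INVENTORY, FINDINGS, EXPOSED)
    for r in ranked:
        print(f'{r["priority"]:5.1f} {r["id"]} {r["kind"]} exposed={r["exposed"]} {r["findings"]}')
    for ip, score, text in unknown:
        print(f"not in inventory: {ip} ({score}: {text})")
```

Findings on hosts that are missing from the inventory are returned separately, since they indicate the inventory itself is incomplete.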

Segment ICS Networks

Network segmentation restricts an attacker and boosts ICS security. It does not require the use of expensive, dedicated networks; agencies can use logical security controls in firewalls and network devices to isolate sensitive systems from other devices.

Monitor ICS Components Security

Real-time monitoring of systems and networks is important, and government agencies now operate their own security operations centers (SOCs) or employ a shared-service SOC that correlates information from multiple agencies. Security logs from ICS devices should be monitored by SOC analysts, using the tools SOCs already use, to identify potential threats to critical infrastructure systems.
