Is your plant floor vulnerable to cyberattacks?
Assessing Risk to Networked Devices on the Plant Floor
Hundreds to thousands of devices on the plant floor. Each type with their own level of cybersecurity risk. Device availability is critical to the production environment. What factors should be considered in an assessment? How to monitor and manage risks over the long term?
Upon completion of an asset inventory, the next step in establishing a cybersecurity program is to determine each device’s level of risk to a cyberattack. Many factors should be considered, including the type of device and on what level of the network it resides.
Identifying similarities across devices to improve efficiency is critical to a successful assessment and enabling the ongoing monitoring and patch management effort. Once this is completed, a prioritized action plan can be developed to secure plant floor devices. This information can also be used to create action plans when vulnerabilities are identified for groups of devices.
- Divide assets into groups of similar type and function to simplify the process of evaluating each asset’s risk. Assets of the same type/function carry the same level of risk.
- Utilize the AIC method, with the highest risk being Availability, followed by Integrity and Confidentiality, in contrast to standard IT risk analysis which uses the CIA (Confidentiality first) approach.
- The level on the network, as well as the overall network architecture, can have a significant impact on a given asset group’s risk level.
Assets were organized into like groups in order to assess the risk across the organization in a consistent and easily understood manner.
The order in by which to assess risk for Industrial Control Systems is different than used for IT systems, with Availability of the device as the primary factor.