{"id":13392,"date":"2018-09-19T11:00:27","date_gmt":"2018-09-19T19:00:27","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2018\/09\/19\/news-7159\/"},"modified":"2018-09-19T11:00:27","modified_gmt":"2018-09-19T19:00:27","slug":"news-7159","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/09\/19\/news-7159\/","title":{"rendered":"TIPs to Securely Deploy Industrial Control Systems"},"content":{"rendered":"<p><strong>Credit to Author: Daniel Desruisseaux| Date: Tue, 18 Sep 2018 19:47:59 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-51594\" src=\"https:\/\/blog.schneider-electric.com\/wp-content\/uploads\/2018\/09\/deploying-industrial-automation-1024x699.jpg\" alt=\"\" width=\"1024\" height=\"699\" srcset=\"https:\/\/blog.schneider-electric.com\/wp-content\/uploads\/2018\/09\/deploying-industrial-automation-1024x699.jpg 1024w, https:\/\/blog.schneider-electric.com\/wp-content\/uploads\/2018\/09\/deploying-industrial-automation-300x205.jpg 300w, https:\/\/blog.schneider-electric.com\/wp-content\/uploads\/2018\/09\/deploying-industrial-automation-768x524.jpg 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><a href=\"https:\/\/www.schneider-electric.com\/en\/work\/products\/automation-and-control.jsp\">I<\/a><a href=\"https:\/\/www.schneider-electric.com\/en\/work\/products\/automation-and-control.jsp\">ndustrial Control System<\/a> (ICS) operators recognize the need to improve cybersecurity, but many lack the understanding on how to deploy a system in a secure manner.\u00a0 Schneider Electric has authored a whitepaper \u201c<a href=\"https:\/\/www.schneider-electric.com\/en\/download\/document\/998-20304108_GMA-US\/\"><em>Effective Implementation of Cybersecurity Countermeasures in Industrial Control Systems<\/em><\/a>\u201d that takes asset owners through the system deployment process. \u00a0In this blog article, I will provide a brief overview of the concepts presented in the whitepaper.<\/p>\n<p>The Implement Phase is comprised of a variety of sub-tasks.\u00a0 The design and implementation of security countermeasures is a complex project and should be managed as such.\u00a0 Activities should be planned, documented, and executed throughout the Implementation Phase.<\/p>\n<ul>\n<li><strong>Security Requirements<\/strong> &#8211; The first step in the implementation phase involves the definition of requirements. Examples of requirements include features tied to the specific countermeasures (firewall, IDS, SIEM, etc.), and requirements that must be supported by all components that comprise the system.<\/li>\n<\/ul>\n<ul>\n<li><strong>Design Specification<\/strong> &#8211; The requirements document specifies features that the system must support, the design specification details how the system addresses the requirements. The design document typically contains a variety of sections to clearly define how the system works, including architecture diagrams, network diagrams, and use cases.<\/li>\n<\/ul>\n<ul>\n<li><strong>Creating a Detailed Project Plan<\/strong> &#8211; Once the design is complete, the project team will create a detailed project implementation plan.<\/li>\n<\/ul>\n<ul>\n<li><strong>System Hardening<\/strong> &#8211; Process utilized to secure a system by reducing its attack surface. Examples of techniques that can be used to reduce attack surface include the removal of unnecessary software\/user accounts\/services, and installing security patches to address known vulnerabilities.<\/li>\n<\/ul>\n<ul>\n<li><strong>Deploying Security Appliances<\/strong> \u2013 System hardening cannot by itself effectively secure a system, additional security appliances may be required. Some examples of security appliances include firewalls, intrusion detection systems, and SIEMs.<\/li>\n<\/ul>\n<ul>\n<li><strong>Access Control<\/strong> &#8211; Access control refers to policies and technologies implemented to control access to control networks. Properly implemented access control define techniques to create, modify, and remove user accounts.<\/li>\n<\/ul>\n<ul>\n<li><strong>Remote Access<\/strong> &#8211; A critical task to consider when securing an IACS involves effectively managing remote access. Remote access introduces significant risk as it provides a path for individuals outside of the facility to access the control system.<\/li>\n<\/ul>\n<ul>\n<li><strong>Acceptance Testing<\/strong> &#8211; Applications may require additional system cybersecurity acceptance testing prior to implementation. Acceptance testing can take place at the factory, a staging site, or both.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.schneider-electric.com\/en\/download\/document\/998-20304108_GMA-US\/\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-51599\" src=\"https:\/\/blog.schneider-electric.com\/wp-content\/uploads\/2018\/09\/Secure-automation-white-paper.jpg\" alt=\"\" width=\"177\" height=\"229\" \/><\/a>The threat of cyber-attack is real and will continue to be an issue plaguing ICS for the foreseeable future.\u00a0 Following the steps outlined in the whitepaper will enable operators to effectively deploy ICS infrastructure.\u00a0 The whitepaper can be found at:\u00a0 <a href=\"https:\/\/www.schneider-electric.com\/en\/download\/document\/998-20304108_GMA-US\/\">https:\/\/www.schneider-electric.com\/en\/download\/document\/998-20304108_GMA-US\/<\/a><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.schneider-electric.com\/cyber-security\/2018\/09\/18\/tips-to-securely-deploy-industrial-control-systems\/\">TIPs to Securely Deploy Industrial Control Systems<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.schneider-electric.com\">Schneider Electric Blog<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.schneider-electric.com\/cyber-security\/2018\/09\/18\/tips-to-securely-deploy-industrial-control-systems\/\" target=\"bwo\" >http:\/\/blog.schneider-electric.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Daniel Desruisseaux| Date: Tue, 18 Sep 2018 19:47:59 +0000<\/strong><\/p>\n<p>Industrial Control System (ICS) operators recognize the need to improve cybersecurity, but many lack the understanding on how to deploy a system in a secure manner.\u00a0 Schneider Electric has authored&#8230;  <a href=\"https:\/\/blog.schneider-electric.com\/cyber-security\/2018\/09\/18\/tips-to-securely-deploy-industrial-control-systems\/\" title=\"ReadTIPs to Securely Deploy Industrial Control Systems\">Read more &#187;<\/a><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.schneider-electric.com\/cyber-security\/2018\/09\/18\/tips-to-securely-deploy-industrial-control-systems\/\">TIPs to Securely Deploy Industrial Control Systems<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.schneider-electric.com\">Schneider Electric Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[12389,12388],"tags":[6148,13177,12608,4500,19546,17881,12667,12508,17883,19547],"class_list":["post-13392","post","type-post","status-publish","format-standard","hentry","category-scadaics","category-schneider","tag-automation","tag-cyber-attacks","tag-cyber-security","tag-cybersecurity","tag-cybersecurity-countermeasures","tag-industrial-control","tag-industrial-control-systems","tag-machine-and-process-management","tag-secure","tag-security-appliances"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=13392"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13392\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=13392"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=13392"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=13392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}