With respect to Internet boundaries, most practitioners intuitively understand the need to place key security systems, such as authentication servers, inside the perimeter. However, in control network environments this need is often overlooked. Control network perimeters exist to provide some measure of protection from all external networks, including general purpose corporate networks. Key security systems […]
2012 NCSAM Tip #11
2012 NCSAM Tip #10
Need to transfer files within your control environment from system to system? Avoid using insecure methods to do so, such as FTP or NFS. SFTP and Secure Copy are common options – the overhead is low and the potential net positive security “goodness” is high! Take a look at this comparison document for a few more secure […]
2012 NCSAM Tip #9
Security innovation has no boundaries! We are often looking for solutions in our own backyard – attending sector-specific security events and calling upon our peer utilities for help. We should continue doing that…but, we also should look outside our industry. Industrial Control Systems are used throughout the world in a variety of industries. There is […]
2012 NCSAM Tip #8
Control system security relies heavily on its network perimeter designs and isolation techniques. It isn’t always the design that wins or loses the control system security game. More frequently, it is the configuration management of that perimeter environment. Be sure to focus attention on uni-directional and bi-directional data streams between the business networks and control […]
2012 NCSAM Tip #7
Cybersecurity for SCADA systems requires tremendous due diligence. Such efforts can be applied in many areas; however, focusing on strong security plans for SCADA technology projects at the onset will save time and money in the end. Work closely with the operation teams during such projects to assure that the security requirements are meeting the […]
2012 NCSAM Tip #6
Especially in a control system environment, consider employing real-time, up-to-date removable media malware scanning stations and require all incoming USB sticks, CDs, and other media to be scanned at these stations prior to use. Control environments should be isolated as much as possible, perhaps even completely separated from any other network. Using removable media to transfer data (informally […]
2012 NCSAM Tip #5
In order to determine how to configure your cyber security measures and controls in a manner which supports the improvement of your cyber security posture in addition to any compliance requirements, consider developing common attack scenarios and threat trees. These should include “bad guy” motivations and your specific business risks. Compare the attack scenarios and […]
2012 NCSAM Tip #4
These days, everyone has more passwords than they can possibly remember. Why bother even trying? There are numerous products available that will store passwords with relative security. Use of these tools enables one to use longer and more complex passwords, and more importantly, unique passwords for every account. This greatly reduces the risks associated with compromised […]
2012 NCSAM Tip #3
Have your technology systems been compromised by hostile parties? Would you know if they were? Building an appropriate level of security situational awareness is no easy task, and can take significant time and financial resources. Still, you must start somewhere, and even simple, quick measures can provide real value. Visibility into network traffic, and adequate […]
2012 NCSAM Tip #2
Security training in the control environment must be specific to the employee’s role. If the person being trained is instructed on the details of database access control management or how PKI’s famous Bob and Alice maintain their secrets using asymmetric key methods but has no responsibility or oversight of those functions, it is going to be difficult to command […]