Like most facilities, yours probably has established maintenance, availability, and safety programs in place. But is there a program that guards your control system against possible cyber attacks?
According to a recent article by Kathy Kowalenko, based on cybersecurity expert Joseph Weiss' book "Protecting Industrial Control Systems from Electronic Threats," many control systems for critical facilities are vulnerable to cyberhackers.
More than 170 cyberincidents — the majority of which are unintentional — involving industrial control systems worldwide have been documented by Weiss. To help keep your facility secure, Weiss recommends the following:
- Establish a person or team that will be held accountable for the industrial control system’s security program, and review the security program periodically.
- Make certain that policies involving IT systems and control systems are consistent with each other.
- Ensure your security program for control systems includes components that are unique to it, as well as reflect industry standards and guidelines.
- Perform vulnerability assessments regularly.