Sign up
Log in
Skip Navigation Links

ICS Security Challenges

Industrial Control Systems (ICSs) are meant to ensure reliability, facilitate interoperability, and increase safety of manufacturing plants and infrastructures. As operating practices have evolved to allow real-time operation and control of critical assets, protecting control systems from cyber risks has become more difficult. Some of the serious security related issues inherent in current ICSs include ever increasing connectivity, proliferation of access points, escalating system complexity, greater interdependencies, increased outsourcing and reliance on foreign products, market restructuring, and wider use of common operating systems and platforms.

One of the challenges is that ICS Security implementation is often left to the discretion of the Information Technology (IT) departments. IT personnel are well versed at securing business systems against cyber threats, installing OS patches, updating virus definitions and so on. They are fully aware that their business users need simultaneous access to corporate networks, the internet, the email client along with a variety of other IT systems, and they have strategies and protocols to address this issue. However, ICSs are different and thus require a different security approach.

Driven by business requirements for access to real-time data, automation industry trends have seen that the demand for interconnectivity between the control system and the enterprise has moved away from proprietary technology to a more open and interoperable control system. This trend opens opportunities, but increases the exposure to potential internal and external vulnerabilities.

Another challenge is the difficulty of providing security for existing ICSs that may have been designed with minimal security measures and may not support more robust security practices. Further, cyber-security risk assessment is challenging due to the lack of information about threats, specific vulnerabilities, attack likelihood, potential consequences, and the efficacy of various countermeasures or mitigation strategies. Lack of information in these areas makes it hard to define appropriate security requirements.

Due to the evolving, diverse, and complex nature of current control systems within enterprises, many asset owners simply do not know where to start when it comes to devising a security strategy. The lack of awareness about their current vulnerability state obstructs effective application of security technologies or processes. Many industrial plants experience difficulties in determining vulnerability levels, exposure, and possible impact; moreover, they are unable to monitor who has access to network and critical assets. They also face difficulties in effective distribution and enforcement of appropriate policies and procedures.

APAT ICS Security Program

APAT ICS-Security Program builds on the best practice approach through its lifecycle methodology, and it is in compliance with ICS Security Standards.

APAT ICS Security Assessment

Security Assessment is a key part of any best practice security program, which helps ensuring critical infrastructure protection and compliance to corporation, industry and/or government mandates. APAT ICS Security Assessment results clarify “AS IS” status of the plant. In order to understand the risks that may impact plant’s safe and reliable operation, assessment of the current security of customer’s control system is the first step taken by APAT. APAT ICS Security Assessment seeks to identify and mitigate vulnerabilities that would allow an attacker to disrupt a system or take control of it. Many considerations would be taken into account by APAT due to significant differences between an ICS Cyber Security Assessment and the tests that would be performed in a standard corporate environment. Sector-based and cross-sector ICS Security Assessment methods such as ISA-99 assessment methodology are employed in APAT ICS Security Assessment.

APAT plans and executes Security Assessment of ICS plants in following steps:

  • Site and System Assessment- A unique approach for reviewing Site/System-specific vulnerabilities. The results are provided in a conclusive report that highlights critical assets, vulnerabilities and risks.
  • Compliance Assessment — APAT will address compliance status by reviewing the plant’s operations or processes against the required corporate compliance standards.
  • Security Baseline Establishment- Security Baseline allows the plant owner to gauge progress against current status and operating model for security.

APAT ICS Security Assessment is followed by appropriate ICS Penetration Testing in 4 steps :

  • 1. Reconnaissance
  • 2. Exploration
      a. Functionality and Configuration Reviews
      b. Staff Interviews
      c. Risk Assessment
  • 3. Exploit Development
  • 4. Assessment Reporting

APAT ICS Security Training Courses

Many of those individuals responsible for auditing, installing, or operating Industrial Control Systems are aware of the need for ICS security, yet are confused on exactly what to implement, and how to verify the resulting solution. APAT ICS Security Courses provide a solid foundation for addressing basic concepts. APAT Training Courses develop necessary skills and knowledge to identify and solve potential security threats in ICS plants. During this training, subjects will provide insight into threats, best practices, vulnerabilities and mitigating controls. Participants would be taken through the complete ICS Security Cycle, i.e., Know, Prevent, Detect, Respond and Recover. The training courses include extensive demonstrations that will be used to reinforce the selection and implementation of security controls specifically relating to ICSs.

Training Courses

  • Introduction to ICS Security for Managers : 1 day
  • Introduction to ICS Security for Operators : 2 days (including hands-on training)
  • ICS Threats and Vulnerabilities : 3 days (including hands-on training + workshop)
  • ICS Security Solutions : 3 days (including hands-on training)
  • ICS Security Assessments and Penetration Testing : 3 days (including hands-on training+ workshop)
Training Courses.

The Latest News

HPI is now GIS enabled...

Read More

HPI has new topology processing capabilities...

Read More

HPI has been integrated with a Security Information/Incidents and Event Management System (SIEM) ...

Read More