+2

Cyber Security Improvement Plan for Industrial control system

By Melda

Current status of PureLand Wastewater Treatment

 

The physical security of PureLand is relatively strong and has been under intense care by the company. However, the aspect of Cyber security is a major concern for PureLand. PureLand operations folks and executives were recently contacted by the office of the Department of Homeland Security (DHS) regarding the use of toxic chemicals for Waste water sanitization that leads to hazardous process. This is the chlorine Dioxide chemical under the Chemical Facility Anti-Terrorism Standards (CFATS) list of DHS. PureLand understood the nature of using this chemical but did not consider Cyber theft and terrorism of chemical as being a way to sabotage its businesses during its last risk assessment.

This threat has serious implications to the company, and it has been forced by the Federal law to comply with both the Cyber security and physical regulations concern the use of chemicals. Failure to simply to these regulations in the next twelve months will lead to huge penalties and fines or even closure of the company’s facility. This document presents a comprehensive Industrial Control System Cyber Security Improvement that PureLand will use to prevent Cyber theft and improve cyber security. The key areas of this plan include system integrity, malware and monitoring, procedures and policies, enhanced security devices, sensor network solutions, applicable regulations and knowledge based security bests practices recommended for industrial businesses (Nemati, 2007).

Introduction                               

IT security solutions always aim at addressing security challenges through adding new software to a device dealing with security or adding another device as part of the network. the Industrial Control Systems (ICS) devices are specifically for ensuring reliable and secure performance of a production process. The devices are meant to handle physical stresses such as moisture and heat that do occur in process control environments and are reliable in addressing hardware failure that can happen under normal operating conditions (Nemati, 2007).

PureLand has undertaken a collaborative effort in conducting a cyber security risk assessment that will be incorporated in this cyber infrastructure and Cyber security Plan for PureLand. the risk assessment is used to document, prioritize and gather the cyber risks theft and threats that PureLand faces. This security plan aims to provide recommendations for PureLand to improve its existing cyber security program. The plan is developed based on the identified threats, risks and vulnerabilities found from the assessment activities. The goal is to provide informed approach on cyber security for the cyber infrastructure of PureLand.

The Cyber security Plan is a long-term approach that is structured to implement develops and maintains a safe environment that will ensure the trustworthiness and reliability of the assets of this company.

ICS security improvement case description

Cyber Security Improvement (ICS) planning starts with the identification of valuable assets from a wide range of threats. Addressing these threats will provide results that will be vital in prioritizing tasks and allocating resources scoring to the most effective strategy for risk management. in the planning for cyber security lifecycle for PureLand, the method that was applied is as follows. First was the identification of the goals of the document and documenting the environment that the company currently operates in. This involved reviewing of PureLand’s existing Cyber Security plan, procedures and policies. The second step was the identification of threats, risks and the negative impacts from these risks to the assets of PureLand. Finally was the identification of the controls that can be implementing by PureLand to minimize the impact of these risks to the company’s assets (Pulley, 2011).

The serious threats to ICS

Based on the present day’s threat environment, ICS security threats are most likely to occur because of unintended effects by outsider attacks. Threat agents specifically attack ICS as per the claim by the security analysts. This happens when there are also great chances of ICS being attacked by sophisticated vectors that impact the performance of ICS. This indicates that though the there is a valid determined intentional attacker, it is an aspect that needs to be integrated as part of the entire risk management program whereby the operator of the ICS has to focus on the day to day survivability and sustainability of its components. This is by considering the chances when threats are likely to occur.

The most insidious threat on modern day internet today is computer hi-jacking for the purpose of relaying spam, botnets hosting and phishing software among other malicious software; the malware. These threats are not just specific to ICS but embody all the adversaries of ICS as per the NIST enumeration. Computer hi-jacking is done for the purpose of spam, malware, phishing and bots which are activities of organized crimes and actions of foreign intelligence services that take advantages of the vulnerabilities of the system to exploit tools that have been constructed from scratch (Raether, 2008). These are the infamous vulnerabilities or zero-day exploits that pass through antivirus and firewalls systems since vendors were not previously noted. This creates the ability for criminals to generate signatures. These exploits become significant investments for foreign intelligence agencies and organized crime.

The major general threat to the security of ICS is mainly related to collateral damage from the hi-jacked systems for illegal and illicit purposes by foreign intelligence and organized crime. The assets of ICS can be targeted directly through ICS attacks that affect the entire support systems. The support systems are the standard operating systems, file servers, service laptops desktops and ICS networks attached to the system. It is also possible for ICS to be targeted indirectly through the systems attacks within the interconnected business networks (Oezlem, 2008).

Monitoring and malware

PureLand has to adapt organization’s security controls and policy to assess, monitor and deal with emerging threats in the modern world that is constantly changing. Stuxnet malware has been identified that targets certain programmable.

Logic controllers (PLCs). The malware has remained dominant, and its tracks remain hidden while infecting and propagating a machine meant to program the PLCs. It injects its own code to the ladder logic of PLC leading to the interruption of the normal daily and normal operations of the physical hardware. Due to the vulnerability Stuxnet succeed in dominating insecure software and affects the overall IT security management. the people dealing with IT management at PureLand need to be trained on how malwares such as Stuxnet work and made to understand how the entire technology, process, people tried works within the underlying security of the company’s system.

It is also essential to note that other blueprints of Stuxnet can be used for generating other malware that target the industrial control installations (Pashel, 2006). Developing practices such as frequent monitoring and assessment, regular security patching, proper segmentation of the network, use of up-to-date antivirus software, proper risk management of vendors, security-aware software acquisition and development. Others are personnel security training and remote testing of firmware that is running the field equipment will be effective ways of mitigating cybersecurity risks (Pallavi and Cha 2011).

Ongoing monitoring of security threats will provide a balanced way of looking at the adequacy and existence of security controls at the organization. the monitoring exercises ensure that security countermeasures and control are in place and are effective in dealing with potential risks. This is a never ending activity to ensure that the latest antimalware and anti-virus software are regularly running.

System Integrity:

PureLand has to ensure that data integrity and confidentiality are paramount and that the whole systems are protected, making changes o f the company software requires through deployment and testing to be done incrementally in the whole system to ensure that the control system maintains its integrity. Thus, changes in technologies require PureLand managers to set the bar high to preserve integrity, availability and confidentiality of its cyber assets. the main security concern is to ensure that efforts or attempts that tamper with the software failed device data or hardware to not impact on the overall grade operations at a large scale or do not lead to taking of incorrect actions.

An increase in cooperative security practices maturity is expected. Security risks occur from three main categories which are; technology, process and people. The security posture is on the rise, and the company is expected to set high standards of security for the three categories. Attackers will target the weakest link meaning that PureLand has to focus on establishing a comprehensive security program and adopting new risk management practices. It is essential for PureLand to comply with security principles such as fault isolation, defense in depth, least privilege and compartmentalization. It is also important to plan for failures, contain damages isolate failures and gracefully recover from these failures. Potential impact of cyber threats includes low availability of assets and loss of integrity. Thus, it is essential always to assess the impact that these threats pose to the system. Data stored, transmitted, and used by the company have to be sensitive. Maintaining the security of this data will prevent loss of confidentiality (Wilhelm, (2010).

Policies and procedures

The risk assessment process involves identifying the responsibilities of information security at PureLand. This means appointing a person or a team that will lead the security of PureLand. The appointed team should come up with security procedures and policies, operational security, incident response and the general vision of security program of PureLand. An effective security team is one which members do represent the key areas of the cyber security program of the company, such as system administration, networking and management (Styles, and Tryfonas, 2009).

The existing policies and procedures of PureLand have to be reviewed, communicated and updated to suit the current operational procedures of the company. Security procedures and policies need to document incident response procedures and acceptable policies being used. Documented procedures and policies help to ensure that all the PIs, staff members and users understand their respective responsibilities and roles. The correctly existing cyber security procedures and policies were developed a long time ago by a member of the company. There is a need for these policies to be reviewed, communicated to all members of PureLand and updated on an annual basis. There is also need to make additions on the acceptable procedures and policies used to cover the areas of credential management such as protecting, managing and use of strong password in accessing PureLand cyber system. These new additions will help in promoting and improving the current PureLand’s policies (Styles, and Tryfonas, 2009).

 

Sensor networks solutions

Sensor networks solutions are networks for cyber threat prevention that stores and collects information on the current threats to the system and shows the behavior of the attackers. The sensor searches for bad activities and reports back to the cloud system that the company is connected to (Bikash 2011). Whenever the Sensor networks detect a problem, it blocks the malware that is entering the systems and at the same time prevents out of system exfiltration.

PureLand cyber system managers need to know that attackers are always efficient when it comes to designing malware that escapes through the traditional security controls endpoints. They need to build defenses that go beyond the signatures in preventing specialized threats. An example is adopting solutions such as those by Confer known as Specialized Threat Analysis and Protection (STAP), so as to fill in the existing gap. STAP solutions do support a range of techniques for collecting information, tracing communication activity, behavior and reputation among other factors that have gone undetectable for a long time. The Specialized Threat Analysis and Protection (STAP) are some of the Sensor networks solutions provide a promising approach that PureLand has to consider identifying unknown threats before they occur.

The cyber threat prevention network by Confer is a host based threat analysis system managed by SaaS. It collects data from various sensors that are ruined by Android, Microsoft Widows and Apple Macintosh systems. The sensors can be installed simply in minutes and can be operated from various endpoints whether they are within or outside the corporate perimeter (Intelligent security solutions, 2014).

Enhanced security for device

Computers among other electronic devices for accessing and storing data require a high level of security supports. These requirements also apply to other servers designated as critical servers and others from other vital servers. These requirements can apply to electronic devices and computers used by PureLand employees and the entire departments.

Enhanced security requirements call for employees at the PureLand Company to be trained through providing them with periodic updates on security policies and use of personal devices to access company’s assets. There is also the aspect of authentication whereby employees and other members of PureLand need to apply strong passphrases, passwords and Mkey in accessing ICS devices and assets.

Company-owned laptops / desktop computers have to have a high level of security that is appropriate to the system. This ensures that data stored and accessed via these devices are safety; computer and devices need to meet contractual or regulations agreement in terms of their management, maintenance and configuration.

Software and hardware firewall among other networking filtering technologies can be used to protect PureLand’s devices and computers an s ne accesses the internet network. Laptops and desktops have to use operating systems that are built -in or software firewall. Up-to-date antivirus software is required to maintain the company’s computers and other electronic devices.

 

Understand applicable regulations and include provisions for achieving compliance within the plan

With the daily reports of computer hacking, data privacy breaches and persistent and advanced threats, it is imperative for PureLand to handle sensitive information and to have a comprehensive program for its cyber security. the cyber security program has to address a range of issues to make it comprehensive. First the programs should show that PureLand complies with applicable industry regulations and laws including written plans on information security. PureLand’s cyber security involves the implementation of procedures and policies to protect the company’s systems and data from internal and external vulnerabilities. All employees need to be informed and trained on these procedures and policies so that they can correctly execute these policies. PureLand is to undertake reviews, tests and implement robust plans for incident response by involving a number of vital stakeholders. Vulnerability and security risks testing and assessments have to be conducted yearly; there is also need for review on insurance coverage for cyber events.

Based on the knowledge recommended security best practices and standards document and communicate the designed the future state for security of the ICS

PureLand has to adopt best practices that are evidence-based for data protection and protection of cloud stored information. The best practices have to be used for implementing and developing data breach procedures and policies and for enhancing the revising programs on security Reponses. Through working with forensic consultant PureLand can assess, investigate and address breaches of data and information that places millions of individuals that the company is deal with at risk. Legislative issues also need to be considered by PureLand. the company has to work closely with an expert lawmaker concerned with public policy to help in shaping how the company has to respond to key legislative proposals. Another essential best practice is intellectual Property Rights and sensitive data protection. These assets are digitally maintained and are vital in M&A transactions.

 With advanced persistent threats and corporate espionage being on the rise, It is essential for PureLand to protect its cyber systems from threats that may jeopardize its IP assets. Lastly, is the element of ongoing training of cyber security programs to employees. Members of PureLand will learn more about regulatory compliance, data and privacy protection, transactional and insurance issues from experts. Lawyers offering these trainings will share their knowledge through onsite, education forums, and webinars training at PureLand facilities. The tailored training programs are available that suit the interests and needs of PureLand.

 

 References

Wilson T (2014) Intelligent security solutions, Startup Confer Launches Cyber threat Prevention Network. Retrieved from

http://www.darkreading.com/analytics/threat-intelligence/startup-confer-launches-cyberthreat-prevention-network/d/d-id/1141238?

Nemati, H (2007)The Expert Opinion.Information Technology Research journal 9.1 59-64. ABI Inform<http://proquest.umi.com/pqdweb?index=1&did=1271340741&SrchMode=2&sid=4&Fmt=6&VInst=PR



Bikash B (2011) CEO of iViZ on cloud-based penetration testing and raising Series A funding from IDG Ventures YourStoryn. page. Factiva. <http://global.factm.proxyuwaterloo.ca/ha/default.aspx>.



Oezlem, A (2008) "Secure Software Development—The Role of IT Audit.ISACA Journal 4. 1-11. <http://www.isaca.org/Journal/Past-Issues/2008/Volume-4/Pages/Secure-SoftwareDevelopment-The-Role-of-IT-Audit1.aspx>.



Pallavi, G, and Cha K (2011) In the latest attack, hackers steal Citibank card data." Yahoo News, 09 06 http://old.news.yahoo.com/s/ap/20110609/ap_on_hi_te/as_citigroup_data_breach



Pashel, B (2006)Teaching Students to Hack at the University Level. 197-200. ACM Digital Library.. <http://delivery.acm.org.proxy.lib.uwaterloo.ca/10.1145/1240000/1231088/p197pashel.pdf?



Pulley, J (2011)Are there perils in penetration testing?." Federal Computer Week 21.462-63. ABI Inform. Web <http://proquest.umi.com/pqdweb?



Raether, R (2008) DATA SECURITY AND ETHICAL HACKING: Points to Consider for Eliminating Avoidable Exposure." Business Law Today 18.155-58. ABI Inform.. <http://proquest.umi.com/pqdweb?index=12&did=1574334521&SrchMode=2&sid=10&Fmt=3&VInst


Winnie Melda is the Managing Director of MeldaResearch.Com a globally competitive college essay writing service which is the premiere provider of Essay Writing Services, Research Paper Writing Services at Term Paper Writing Services at very affordable cost. For 9 years, she has helped a number of students in different academic subjects.

+2
Author's Score 3.7
Up Votes
23
Down Votes
1
Articles
9
Voted on
0 articles
For everything fun and local, you can find it on Fonolive
Tags:
Cyber Security Improvement Plan for Industrial control system, Cyber Security Improvement Plan for Industrial control system,

Recent Articles

In today’s dynamic world, there are several potential business outlets and there are more number of...
If you're like many people out there, you probably need a desktop to complete many tasks. Maybe you are the type...
Creating blogs on WordPress are the great way for bloggers to increase the web presence. WordPress started as a...
Getting good deals on something you need is something that most people appreciate. When the deal is on furniture,...
Every website visitor has some expectation when they reach a website page post search. This has lead to the...


Copyrights © 2016 Voticle. All Rights Reserved.