Establish Security Policy
The model above is a simplified adaptation of the ARC security lifecycle model. We have found this to be an excellent framework for helping customers through the often difficult process of establishing and implementing a security policy. We have simplified the 5-step model (Secure, Defend, Contain, Monitor, and Manage) into “Where to Start”, “Network Infrastructure” (Vertical Security), and “Industrial Cyber Security” (Horizontal Security). This site is intended to give you access to resources and expertise to help guide you on your Industrial Security Journey.
Secure your network – Ideally, this is the starting point of your industrial security journey. Even if it isn’t, this step is worth reviewing and considering for implementation, because it is where the security policy for your network is established.
The policy will serve as your “blueprint” or road map for how you will implement security in later phases, and it will help you plan what capabilities your OT network will have to support now or in the future. It is a living document that will need to be reviewed and updated to keep up with the changing cyber threat landscape. Some questions to consider:
- How will you perform software/firmware updates?
Many critical systems and controls are out of date and/or unpatched, leaving an easy target for hackers.
- Who should have access to your systems?
This will help you define how to implement security policies across your network as you deploy or update your network.
- What is your third-party and contractor security policy for on-premises and remote access?
This is a common source of network breaches: someone unintentionally brings something into the network, bypassing the traditional network security measures.
- Will you implement centralized authentication?
Centralized authentication vastly improves an organization’s ability to lock down one of the most commonly exploited network weaknesses: weak authentication.
- How do you deal with remote access?
Set guidelines for remote access and who will have this capability.
- What does third-party and contractor access look like?
Establishing a policy will help to avoid confusion and mitigate cybersecurity risks.
Inventory what is on your network on a regular basis to:
- Identify rogue or unauthorized devices in the future.
- Meet industry-specific requirements.
- Establish policy to address updates to firmware and applications and backup of configurations, and ultimately form part of a good disaster recovery plan.