Connectivity

Secure Connectivity

The real risk associated with the interconnected nature of our plants requires specific attention to:

  • Securing connectivity between business systems and ICS within corporate networks
    The objective is to restrict the highest probable attack path to ICS. In the recent past, cyber-attacks on ICS have most often been initiated through the Internet to the business system and then to the ICS. 

Guidance to addressing this risk can be found in section 2.15 of the Catalog of Control Systems Security: Recommendations for Standards Developers, authored by DHS with representatives from the National Institute of Standards and Technology, as well as the Department of Energy.

Secure Remote Access

The real risk associated with the interconnected nature of our plants requires specific attention to:

  • Securing communication between remote access devices and control centers
    The objective is to deter cyber-attacks from remote location via legitimate and surreptitious access points.  Remote access includes wireless communication devices that have access to the control system, such as personal communication devices that have access to the control system and system state sensors, senders and receivers.  It also includes virtual private network (VPN) connections, and authorized vendor and system support access. 

Guidance to addressing this risk can be found in section 2.15 of the Catalog of Control Systems Security: Recommendations for Standards Developers, authored by DHS with representatives from the National Institute of Standards and Technology, as well as the Department of Energy.