exida Consulting LLC
White Paper Version 1.2 Published August 26, 2013
The ICS Cybersecurity Lifecycle

INTRODUCTION
WHAT IS THE ICS CYBERSECURITY LIFECYCLE?
CYBERSECURITY MANAGEMENT PROGRAM
    Policies
    Awareness Programs
    Training Programs
ASSESS PHASE
    Scope Definition and Project Setup
    Vulnerability Assessment, Risk Assessment, & Target Selection
    Model the System, Document the Requirements
IMPLEMENTATION PHASE
    Conceptual Design
    Design Validation
    Test Planning and Acceptance Testing
MAINTAIN PHASE
    Countermeasure Maintenance and Security Monitoring
    Incident Response Planning and Periodic Assessments
CONCLUSION
REFERENCES
Copyright © 2013 exida Consulting LLC
Authors

John Cusimano, CISSP, CFSE
Director of Security
exida Consulting LLC
jcusimano@exida.com
www.exida.com

Gene Cammack
Director, Gulf Coast Region
exida Consulting, LLC
www.exida.com
exida Consulting White Paper
The ICS Cybersecurity Lifecycle
Introduction

With the ever-changing threats posed by cyber events of any nature, it has become critical to recognize these emerging threats, malicious or not, and identify the consequences these threats may have on the operation of an industrial control system (ICS). Cyber-attacks over time have the ability to take on many forms and threaten not only industrial but also national security. Saudi Aramco, the world's largest exporter of crude oil, serves as a perfect example of how devastating a cyber-attack can truly be for an industrial manufacturer. In August 2012, Saudi Aramco (SA) had 30,000 personal computers on its network infected by a malware attack better known as the "Shamoon" virus. According to InformationWeek Security, this was roughly 75 percent of the company's workstations, and it took 10 days to complete clean-up efforts. [i]

The seriousness of cyber-attacks with regard to national security was addressed by former United States Secretary of Defense Leon W. Panetta in his speech in October 2012. Panetta issued a strong warning to business executives about cybersecurity as it relates to national security. "A cyber-attack perpetrated by nation states [and] violent extremists groups could be as destructive as the terrorist attack on 9/11. Such a destructive cyber-terrorist attack could virtually paralyze the nation," he stated. "For example, we know that foreign cyber actors are probing America's critical infrastructure networks. They are targeting the computer control systems that operate chemical, electricity and water plants and those that guide transportation throughout this country." [ii]

In addition to Panetta's address, the U.S. Department of Homeland Security has issued several alerts about coordinated attacks on gas pipeline operators, according to a May 2012 report by ABC News. [iii] This whitepaper will focus on the significance of cyber-attacks on industrial control systems (ICS) and how these attacks can be prevented by proper practice of the ICS Cybersecurity lifecycle.
What is the ICS Cybersecurity Lifecycle?

The ICS Cybersecurity Lifecycle is a visual guide that recognizes the principle that cybersecurity is a continuous process that requires attention and care not only during the initial design stage but throughout the lifecycle of the system. We have divided the cybersecurity lifecycle into three main phases: the Assess Phase, the Implement Phase and the Maintain Phase. Each phase consists of multiple process steps. The major activities performed in each step are described, as well as the inputs to and the outputs from each step. Additionally, there is an overall Cybersecurity Management Program that must be addressed throughout the lifecycle. This is visualized as the long white bar that spans all three phases.
September 16, 2013
[Figure: ICS Cybersecurity Lifecycle diagram. Columns: Input, Process, Output. Legible labels: Corporate & site policies and procedures; Project specific requirements; Scope Definition and Project Setup; Architecture drawings.]