Brief Good Practice Guidelines for ICS/SCADA Systems Security
ICS/SCADA is used in many different areas, varying from very critical systems and processes to simple applications. It is up to their owners to decide which level of security and depth of measures are necessary. This checklist makes a distinction between organisational and technical/operational measures.
A brief explanation is provided for each measure, including references to additional background information and/or tips for implementation. The checklist focuses on measures against the most frequent vulnerabilities and security problems. It is important to note that complying with all items on this checklist does not mean that your organisation is fully protected and 100% safe.
Background
Hackers and security researchers are increasingly and visibly turning their attention to the security of process control systems (ICS/SCADA). Systems that can be accessed directly from the Internet are especially at risk, although this Internet connection is not the only potential security problem for process control environments.
The National Cyber Security Centre (NCSC) has therefore developed this ICS/SCADA system security checklist. This checklist may help your organisation to determine whether the ICS/SCADA environment is sufficiently protected based on measures considered ‘good practice’.
Another publication is the NCSC Fact sheet 2012-01 entitled ‘Security risks of online SCADA systems’, including a checklist focused on reducing the risk of (undesirable) Internet connections of SCADA systems.
Context of this checklist
ICS/SCADA is used in many different areas, varying from very critical systems and processes to simple applications. It is up to their owners to decide which level of security and depth of measures are necessary.
Download
Checklist security of ICS-SCADA systems
ICS/SCADA is used in many different areas, varying from very critical systems and processes to simple applications. It is up to their owners to decide which level of security and depth of measures are necessary. This checklist makes a distinction between organisational and technical/operational measures.
A brief explanation is provided for each measure, including references to additional background information and/or tips for implementation. The checklist focuses on measures against the most frequent vulnerabilities and security problems. It is important to note that complying with all items on this checklist does not mean that your organisation is fully protected and 100% safe.
Background
Hackers and security researchers are increasingly and visibly turning their attention to the security of process control systems (ICS/SCADA). Systems that can be accessed directly from the Internet are especially at risk, although this Internet connection is not the only potential security problem for process control environments.
The National Cyber Security Centre (NCSC) has therefore developed this ICS/SCADA system security checklist. This checklist may help your organisation to determine whether the ICS/SCADA environment is sufficiently protected based on measures considered ‘good practice’.
Another publication is the NCSC Fact sheet 2012-01 entitled ‘Security risks of online SCADA systems’, including a checklist focused on reducing the risk of (undesirable) Internet connections of SCADA systems.
Context of this checklist
ICS/SCADA is used in many different areas, varying from very critical systems and processes to simple applications. It is up to their owners to decide which level of security and depth of measures are necessary.
Download
Checklist security of ICS-SCADA systems
No comments:
Post a Comment