{"title":"Covid Best Practices for Cyber Risk Management","authors":"Syed M. Belal, Md. Abdur Rahman","doi":"10.2118/208113-ms","DOIUrl":null,"url":null,"abstract":"\n If we learned anything from the year 2020, it is that we need to be more prepared for the unexpected. We need to be working to enable our business to be more resilient in the face of unexpected challenges. We strongly believe that for the industrial sector, the most effective way to enable resiliency is to ensure you have integrity in your operational technology (OT).\n The objective of this paper is to identify and manage the risk that arose from managing plants remotely. As a result of COVID-19, people started working and managing from home. While this needed to be done to keep businesses running, many risks were introduced as well. How to manage them effectively to reduce cyber risk to an acceptable level will be discussed.\n Industrial frameworks to identify security gaps, and thus risk, were considered, such as ISA-99/IEC-62443, NIST, ISO-27001, and Top CIS controls. New practices critical infrastructure followed to reduce infection rates were identified from interviews and surveys conducted by PAS, part of Hexagon, of our customers who work with critical infrastructure. These new practices were then compared to the industrial risk management framework to identify the severity of the threats. Once these were identified, mitigation plans were recommended to reduce the risk to an acceptable level.\n Because of this rapid shift to run the plant remotely, there was an over-provisioning of access in the early stages of the pandemic – i.e., giving more direct access to the industrial control system environment. This was not wise from a security standpoint, but the priority was to keep businesses up and running, so they were ready to take that risk.\n Now that some organizations have decided to continue with remote work, it is imperative to verify all remote access considers the least privileged access concept.\n Remote access is like a bridge that bypasses all the controls implemented. Having a remote access vulnerability will help bad actors break into the network and cause catastrophic damage. Though this paper focuses on remote access risk introduced by the COVID-19 pandemic, you can apply the findings to all remote access into critical infrastructure.","PeriodicalId":10967,"journal":{"name":"Day 1 Mon, November 15, 2021","volume":"87 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2021-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Day 1 Mon, November 15, 2021","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2118/208113-ms","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
If we learned anything from the year 2020, it is that we need to be more prepared for the unexpected. We need to be working to enable our business to be more resilient in the face of unexpected challenges. We strongly believe that for the industrial sector, the most effective way to enable resiliency is to ensure you have integrity in your operational technology (OT).
The objective of this paper is to identify and manage the risk that arose from managing plants remotely. As a result of COVID-19, people started working and managing from home. While this needed to be done to keep businesses running, many risks were introduced as well. How to manage them effectively to reduce cyber risk to an acceptable level will be discussed.
Industrial frameworks to identify security gaps, and thus risk, were considered, such as ISA-99/IEC-62443, NIST, ISO-27001, and Top CIS controls. New practices critical infrastructure followed to reduce infection rates were identified from interviews and surveys conducted by PAS, part of Hexagon, of our customers who work with critical infrastructure. These new practices were then compared to the industrial risk management framework to identify the severity of the threats. Once these were identified, mitigation plans were recommended to reduce the risk to an acceptable level.
Because of this rapid shift to run the plant remotely, there was an over-provisioning of access in the early stages of the pandemic – i.e., giving more direct access to the industrial control system environment. This was not wise from a security standpoint, but the priority was to keep businesses up and running, so they were ready to take that risk.
Now that some organizations have decided to continue with remote work, it is imperative to verify all remote access considers the least privileged access concept.
Remote access is like a bridge that bypasses all the controls implemented. Having a remote access vulnerability will help bad actors break into the network and cause catastrophic damage. Though this paper focuses on remote access risk introduced by the COVID-19 pandemic, you can apply the findings to all remote access into critical infrastructure.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
