3 principles to reduce cyber risks to your control systems

Department of Homeland Security offers valuable resources to combat cybersecurity incidents.

By Marty Edwards, director, Department of Homeland Security, Industrial Control Systems Cyber Emergency Response Team

While the world is becoming more and more interconnected and “connecting machines to IT systems provides a number of benefits,” such connectivity, if not installed properly, can introduce many security challenges. These inter-connections can enable security vulnerabilities and potential pathways for compromise of the control environment by malicious threat actors.

The mission of the Department of Homeland Security’s (DHS’s) National Cybersecurity and Communications Integration Center (NCCIC), and specifically the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is to assist critical infrastructure asset owners to reduce cyber risks to control systems and processes that operate the nation’s critical infrastructure. ICS-CERT responds to cybersecurity incidents on a daily basis, almost all involving compromises of control system environments via connections to the corporate network. Once on the network, intruders often move laterally looking for other connected zones or networks. Without proper network segmentation and monitoring of communications, the control system environment can potentially be compromised, in some cases providing the ability for the intruder to take control of the process.

To learn more about cybersecurity, read “U.S. government resources for cybersecurity” from Control Design.

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments