Cybersecurity standard to affect critical industries

New standard might improve all industries, critical or not.

By Ian Verhappen, P.Eng.

In response to Executive Order (EO) 13636, NIST released version 1 of "Framework for Improving Critical Infrastructure Cybersecurity" in February 2014. It says the EO defines critical infrastructure as "systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters," which is certainly potentially a broad swath of industry. Critical infrastructure is commonly assumed to be utilities, emergency responders and similar, but it could and perhaps should include all forms of manufacturing, or at least those related to the energy industry and other hazardous goods.

The EO's  Framework model works somewhat like most risk management tools, developing a grid of functions (Core) versus compliance (Tiers) to determine your level of risk and compliance. A number of tools are available to assist with performing the analysis, and Table 2 in Appendix A includes a wide range of references for each of the identified functions and subcategories.

What, you may ask, does all this have to do with wireless?

To learn more about standards, read “New standards coming for cybersecurity of critical infrastructure” from Control.

Free Subscriptions

Plant Services Digital Edition

Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe Today. E-Newsletters

Get Plant Services delivered to your inbox Monday through Friday! Sign up for Plant Services' complimentary Smart Minute e-newsletter to get maintenance and reliability know-how you can put to use today, plus the latest manufacturing news from around the Web, special reports, and more. Learn more and subscribe for free today.