For Better OT Security, Control And Monitor Your Environment
- It’s important not just to have a comprehensive understanding of the types of communication transpiring on your ICS network but detailed monitoring in place as well.
- Establishing a baseline for what normal behavior looks like will allow you to identify anomalous events in the ICS environment more easily.
“Once you’ve got a baseline, it’s really easy to detect if an asset suddenly throws an error or is doing something that it doesn’t normally do.”
Spencer Wilcox is an experienced ICS security leader who provides strategic direction to teams responsible for protecting the grid. He believes that controlling and monitoring network flows is key to improving ICS security. Wilcox suggests three measures chief information security officers (CISOs) can take to make the plant’s OT/ICS environment more secure from cyber attacks:
– Instead of relying on a device-based strategy, aim for absolute control of your network flows.