Covid Best Practices for Cyber Risk Management

Syed M. Belal, Md. Abdur Rahman
DOI: 10.2118/208113-ms (https://doi.org/10.2118/208113-ms)
Published in: Day 1 Mon, November 15, 2021
Publication date: 2021-12-09
Citations: 0

Abstract

If we learned anything from the year 2020, it is that we need to be more prepared for the unexpected. We need to be working to enable our business to be more resilient in the face of unexpected challenges. We strongly believe that for the industrial sector, the most effective way to enable resiliency is to ensure you have integrity in your operational technology (OT).

The objective of this paper is to identify and manage the risk that arose from managing plants remotely. As a result of COVID-19, people started working and managing from home. While this was needed to keep businesses running, it also introduced many risks. How to manage them effectively, reducing cyber risk to an acceptable level, is discussed.

Industrial frameworks for identifying security gaps, and thus risk, were considered, such as ISA-99/IEC 62443, NIST, ISO 27001, and the Top CIS Controls. New practices that critical infrastructure operators adopted to reduce infection rates were identified from interviews and surveys that PAS, part of Hexagon, conducted with its customers who work with critical infrastructure. These new practices were then compared against the industrial risk management frameworks to rate the severity of the threats they introduce. Once these were identified, mitigation plans were recommended to reduce the risk to an acceptable level.

Because of this rapid shift to running the plant remotely, access was over-provisioned in the early stages of the pandemic, i.e., more direct access was granted into the industrial control system environment. This was not wise from a security standpoint, but the priority was to keep businesses up and running, so organizations were willing to take that risk. Now that some organizations have decided to continue with remote work, it is imperative to verify that every remote access path follows the principle of least privilege. Remote access is like a bridge that bypasses all the controls implemented; a vulnerability in it will help bad actors break into the network and cause catastrophic damage. Though this paper focuses on the remote access risk introduced by the COVID-19 pandemic, the findings apply to all remote access into critical infrastructure.
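The check the last paragraph calls for, verifying that each remote-access grant into the ICS environment respects least privilege, written out as an added example. This is not the paper's own tooling or data: the grant fields, the zone labels (L0-L2 as control zones, L3.5 as the OT DMZ, following the Purdue / IEC 62443 convention), the port list and the rule names are assumptions, and the two sample grants are constructed to show an emergency "give them direct access" rule beside its least-privilege replacement.

```python
"""Least-privilege audit of remote-access grants into an OT network.

Added example with constructed data; the grant fields, zone labels and rule
names are assumptions, not from the paper. Zones follow the Purdue / IEC 62443
convention: L0-L2 are control zones, L3.5 is the OT DMZ where a jump host lives.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

CONTROL_ZONES = {"L0", "L1", "L2"}             # field devices, controllers, HMI/SCADA
DMZ_ZONE = "L3.5"                              # OT DMZ: the only acceptable remote landing zone
ICS_PROTOCOL_PORTS = {102, 502, 20000, 44818}  # S7comm, Modbus/TCP, DNP3, EtherNet/IP


@dataclass(frozen=True)
class Grant:
    """One remote-access rule as it would appear in a VPN / firewall / PAM export (assumed shape)."""
    user: str
    source: str                  # "remote" (VPN/internet) or "plant" (on-site network)
    dest_zone: str               # zone the session terminates in
    ports: frozenset             # allowed TCP ports, or {"*"} for any
    expires: Optional[datetime]  # None means the grant never lapses
    mfa: bool                    # multi-factor enforced on the session
    brokered: bool               # session passes through a DMZ jump host / PAM broker


def audit_grant(g: Grant, now: datetime) -> list[str]:
    """Return the least-privilege violations of one grant (empty list = clean)."""
    findings: list[str] = []
    if g.source != "remote":
        return findings                               # on-site rules are out of scope here
    if g.dest_zone in CONTROL_ZONES and not g.brokered:
        findings.append("direct-to-control-zone")     # the "bridge" that bypasses the DMZ conduit
    if "*" in g.ports:
        findings.append("wildcard-ports")
    elif g.ports & ICS_PROTOCOL_PORTS:
        findings.append("ics-protocol-from-remote")   # PLC protocols should never be reachable remotely
    if g.expires is None:
        findings.append("no-expiry")                  # emergency grants must be time-boxed
    elif g.expires < now:
        findings.append("expired-still-active")       # lapsed but never removed from the rule base
    if not g.mfa:
        findings.append("no-mfa")
    return findings


def audit_all(grants: list[Grant], now: datetime) -> list[tuple[Grant, list[str]]]:
    """Return only the grants that have findings, paired with those findings."""
    flagged = []
    for g in grants:
        f = audit_grant(g, now)
        if f:
            flagged.append((g, f))
    return flagged


# Constructed sample: an over-provisioned grant issued in a hurry, and the
# least-privilege replacement for the same engineer.
NOW = datetime(2021, 11, 15, tzinfo=timezone.utc)
EMERGENCY_GRANT = Grant(user="eng-alice", source="remote", dest_zone="L2",
                        ports=frozenset({"*"}), expires=None, mfa=False, brokered=False)
HARDENED_GRANT = Grant(user="eng-alice", source="remote", dest_zone=DMZ_ZONE,
                       ports=frozenset({3389}),
                       expires=datetime(2021, 12, 31, tzinfo=timezone.utc),
                       mfa=True, brokered=True)

if __name__ == "__main__":
    for label, g in (("emergency", EMERGENCY_GRANT), ("hardened", HARDENED_GRANT)):
        print(label, audit_grant(g, NOW) or "clean")
```

Run against a real export, the interesting output is not the emergency rule (everyone knows it is bad) but the rules that look tidy and still trip `expired-still-active` or `ics-protocol-from-remote`: those are the grants that outlived the emergency they were created for.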