- Understand that there’s no such thing as a 100% secure system, unless it’s buried in a vault, still in the box, unplugged, and unconfigured.
- Educate operators to look for operational anomalies. These are usually the first indication that something is wrong.
- Learn and understand the risks associated with the security standard you’ve implemented, and how to mitigate them.
- Get control system engineers and IT synchronized, and working in the same department.
- Create policies and procedures that include an organizational tree, which describes mitigation and alert vectors to be used if a breach or threat is found.
- Schedule risk analyses on an ongoing basis.
- Incorporate change control into the above procedures.
- Know who to contact and what to do in case of a breach or attack.
- Create a single-point failure matrix.
- Follow current industry guidance and Microsoft domain isolation guidance, which presently has a patch that allows a mostly one-button setup in XP-2K3 systems, and will be included as a one-button setup in a Longhorn/Vista domain.
- During critical junctures of possible attacks or potential threats, pulling the plug on the outside world can be effective if the control system can be reduced to a single point of access.