Many end users, system integrators, managers, businesses and other organizations are familiar with their main cybersecurity responsibilities, procedures and chores. However, just as "eternal vigilance is the price of freedom" and "practice make perfect," they need to be continually reexamined and reapplied if a cybersecurity program is going to be effective and successful. As always, the basic steps include:
-
Design, apply and turn on more complex passwords; initiate other authentications for users and components, including two-factor capabilities; set email and messaging apps to block unfamiliar files formats or extensions; and implement and update anti-virus software.
-
Account for and evaluate all network, software and hardware connections at production sites, overall organization and affiliates. Employ passive and active network search and discovery tools to find and shutdown unused or open ports or links.
-
Segregate on-the-floor and in-the-field devices and other operations technology (OT) networks from administrative, enterprise, corporate, Internet and other information technology (IT) networks with network gateways configured to serve as firewalls. Also, maintain firewall configurations, such as scanning compressed files, and upgrade packet-inspection functions when available.
-
Divide geographically distributed sites, production lines, workcells, equipment and other functional areas into sub-networks; prioritize them according to security and safety risk levels; and add firewalls and demilitarized zones (DMZ) between them.
-
Enable publish-only devices like data diodes or publish-subscribe protocols such as MQTT, which permit plant-floor devices or software to send data outwards, but don't permit incoming communications or software downloads.
-
Enlist an organization-wide group of staffers; gain management and enterprise-level support for a cybersecurity program; and cooperate with IT and OT to develop cybersecurity policies and procedures, such as staff education and practical software patching.
-
Teach, train, practice and refresh personnel on carrying out routine cybersecurity tasks. Repeat regularly, so good cybersecurity hygiene and best practices become cultural norms.
-
Disallow mainstream software apps or functions from running in operational areas or the field. These auto play, file sharing or remote desktop services.
-
Allow only the most narrowly defined privileges and network access that users must have to do their jobs. These are determined by their titles, job descriptions, actual roles and tasks they're required to perform. Keep track of known and authorized users and applications, and block others.
-
Establish and maintain regularly scheduled network traffic evaluation and anomaly detection using IT-based software that can identify, isolate, reject and prevent unusual and unauthorized messages, communications and other activities that could be the precursors to cyber-probes, intrusions or attacks.
