Security strategy and compliance
Security strategy planning: from the enterprise’s own business strategy and IT strategy, planning industrial control security strategy and objectives;
Security compliance: According to the industry and region of the enterprise, sort out the corresponding regulatory requirements and track the updates, carry out gap analysis, and rectify the problem discovery to meet the compliance requirements.
Risk assessment and management
Asset identification: identify equipment and facilities, hardware, software, data, communication protocols, documents and other industrial control-related assets, and determine the value of the assets;
Risk identification: identify vulnerabilities at the management and technical levels of industrial control, and consider internal and external threats;
Risk assessment: Based on the determined value of industrial control assets, identified vulnerabilities and threats, judge the possibility and impact of risk occurrence, and rank risks;
Risk response: Based on the results of risk assessment, plan appropriate response measures to control the risk within an acceptable range.
Security governance and architecture
Organizational structure: Establish an industrial control safety management organization and the person in charge of safety management, clarify and implement safety management responsibilities, and supervise the effective operation of safety management measures;
System and process: Formulate industrial control security management system and process, including software and hardware management, identity authentication and access control management, data protection and backup management, configuration and patch management, network and communication management, equipment management, physical and environmental management, supply chain management, security audit, etc.;
Technical measures: Establish a comprehensive industrial security technical framework, including network and equipment monitoring, intrusion detection and protection, system configuration and update, border protection, communication protection, security domain division, application security, data security, log management, virus and malicious code prevention, physical and environmental security, etc.
Safety awareness: Establish an industrial control safety training mechanism to enhance the overall safety awareness of the enterprise, including laws and regulations, enterprise safety system and process, safety events, safety technology, etc.
Threat and vulnerability management
Intelligence collection: Continuously collect news, events, vulnerabilities and other information related to the security of enterprise industrial control systems as a reference and basis for security protection;
Vulnerability scanning: Through professional tools, scan the equipment, components, systems and communication protocols in the industrial control system network, identify vulnerabilities in the industrial control system, assess and sort their risks, and take appropriate countermeasures;
Penetration test: through professional design, simulate real hacker attacks, try to break through the existing security control, and evaluate the anti-attack capability of the system;
Communication protocol vulnerability analysis: Through professional tools, identify the communication protocol in the industrial control system, analyze and evaluate the vulnerability of the communication protocol.
Safety emergency management
Establishment of emergency team: Establish emergency team, manage and coordinate enterprise industrial control safety emergency work;
Risk scenario identification: Determine industrial control safety risk scenarios, including data loss, equipment damage, communication interruption, production power outage, natural disasters, etc.
Plan establishment: According to the determined risk scenario, combined with the actual situation of the enterprise, the development of industrial control safety incident emergency plan;
Emergency drills: carry out drills for emergency plans, and update emergency plans according to the drill results.
With the continuous development of enterprise business strategy, production management mode, and information and communication technology, industrial control safety protection system should also be adjusted accordingly. In addition, while promoting intelligent manufacturing, Industry 4.0 will also promote the application of emerging technologies to modern production, including Internet of Things technology, 5G, AI, big data, cloud computing, etc.