Professional Documents
Culture Documents
Cybersecurity Best Practices For Industrial Control Systems
Cybersecurity Best Practices For Industrial Control Systems
Practices
ICS security patches.
CISA ASSESSMENTS: FISCAL YEAR 2019 MOST PREVALENT IT AND OT WEAKNESSES AND RISKS
Boundary Principle of Identification and Physical Access Account
Protection Least Functionality Authentication Control Management
RISK RISK RISK RISK RISK
Undetected unauthorized Increased vectors for malicious Lack of accountability and Unauthorized physical access to field Increased opportunity for
activity in critical systems party access to critical systems traceability for user actions if equipment provides increased opportunity to: unapproved system access from For additional information, including advisories, alerts, and
an account is compromised • Maliciously modify, delete, or copy device shared or system accounts recommendations, please visit CISA’s Industrial Control Systems
RISK RISK programs and firmware website: https://www.cisa.gov/ics
Weaker boundaries between Opportunity for rogue internal RISK • Access the ICS network
ICS and enterprise systems access to be established Increased difficulty in securing • Steal or vandalize cyber assets
accounts as personnel leave the For additional information on Department of Energy (DOE)
• Add rogue devices to capture and cybersecurity initiatives, please visit:
organization, especially sensitive
for users with administrator access retransmit network traffic https://www.energy.gov/ceser
PROACTIVELY PROTECT TOMORROW