- Protect, Detect and Respond
- Defence in Depth
- Technical, procedural and managerial protection measures

ESTABLISH ONGOING GOVERNANCE
- Establish governance and supporting organisation
- Develop and implement the security strategy
- Monitor the risks and ensure compliance
- Maintain and improve security

MANAGE THE BUSINESS RISK
- Assess business risk
- Establish ongoing risk management

MANAGE INDUSTRIAL CONTROL SYSTEMS LIFECYCLE
- Ensure security requirements are included in procurement
- Ensure ICS are secure by design
- Manage security through ICS construction
- Manage operational security
- Manage security risks during decommissioning & disposal

IMPROVE AWARENESS AND SKILLS
- Increase ongoing awareness
- Establish training frameworks
- Develop working relationships

SELECT AND IMPLEMENT SECURITY IMPROVEMENTS
- Review risks and assess existing controls
- Define target state
- Develop a risk reduction plan
- Implement security improvements

MANAGE VULNERABILITIES
- Monitor vulnerabilities and threat activity
- Analyse impacts and review response options
- Test and implement selected response

MANAGE THIRD PARTY RISKS
- Identify third parties
- Manage risk from vendors
- Manage risk from support organisations
- Manage risks in the value chain

ESTABLISH RESPONSE CAPABILITIES
- Form an ICS Security Response Team
- Integrate security response with other business response plans
- Test and rehearse response capabilities
- Monitor and respond to security alerts and incidents