As the number, scale, and connectivity of industrial automation systems continue to grow, it becomes increasingly crucial to fundamentally understand, evaluate, and manage cybersecurity risks. The objective of an effective cybersecurity management program should be to keep the risk of the industrial automation system consistent with corporate risk criteria.

Ownership of industrial automation cybersecurity concerns often falls to someone with a different full-time focus, as just one more task piled onto an already overbooked schedule. This makes it even more critical to manage cybersecurity both efficiently and effectively. The cost of failing to adequately manage cybersecurity risk can be seen from an ever-growing list of industry examples.

The first step in actively managing cybersecurity risk is understanding the current level of risk within a system. The three fundamental activities for the analysis of cybersecurity risk in the IEC 62443 lifecycle are: 

  • High-Level Risk Assessment
  • Detailed Risk Assessment
  • Security Level Verification

The High-Level Risk Assessment is the starting point for risk analysis activities, and its purpose is to define the scope of future assessments, develop initial security level targets for devices, establish the zone and conduit diagram, identify high risk areas for further analysis, and determine responses to cybersecurity concerns. 

Figure: IEC 62443 lifecycle


The High-Level Risk Assessment assumes a threat likelihood of one and focuses on evaluating the worst-case scenario if a cyber asset is compromised, which gives a relatively quick way to determine the highest-risk areas within an automation system. This method provides easy progression from defining device security level targets to establishing an effective network segmentation strategy: devices with like security requirements are grouped into zones, and zones are separated by boundary devices such as firewalls or managed switches. Combining the results of the High-Level Risk Assessment with the operability requirements of the automation system leads to a network architecture that supports both efficient and secure communication between devices.
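The progression described above, from worst-case consequence to security level target to zones and conduits, can be sketched in a few lines. This is an added example, not part of the original article or of IEC 62443 itself: the consequence-to-target mapping stands in for a corporate risk matrix, the asset inventory and flows are constructed, and zoning by target level alone is a simplifying assumption.

```python
from collections import defaultdict

# Assumed corporate risk matrix: worst-case consequence category -> SL-T (1-4).
# Threat likelihood is fixed at one, so consequence alone sets the target.
CONSEQUENCE_TO_SLT = {"minor": 1, "serious": 2, "major": 3, "catastrophic": 4}

# Constructed inventory: worst-case consequence per impact category if compromised.
ASSETS = {
    "sis_logic_solver": {"safety": "catastrophic", "financial": "major"},
    "bpcs_controller": {"safety": "major", "financial": "major"},
    "operator_hmi": {"safety": "major", "financial": "serious"},
    "historian": {"safety": "minor", "financial": "serious"},
}

# Constructed communication flows taken from the operability requirements.
FLOWS = [
    ("operator_hmi", "bpcs_controller"),
    ("bpcs_controller", "sis_logic_solver"),
    ("historian", "bpcs_controller"),
    ("operator_hmi", "historian"),
]

def target_security_level(impacts):
    """SL-T is driven by the most severe impact category."""
    return max(CONSEQUENCE_TO_SLT[c] for c in impacts.values())

def build_zones(assets):
    """Group assets with the same SL-T into one zone, keyed by that SL-T."""
    zones = defaultdict(list)
    for name, impacts in assets.items():
        zones[target_security_level(impacts)].append(name)
    return dict(zones)

def required_conduits(assets, flows):
    """Flows that cross a zone boundary, keyed by the (lower, higher) zone pair."""
    slt = {name: target_security_level(i) for name, i in assets.items()}
    conduits = defaultdict(list)
    for src, dst in flows:
        if slt[src] != slt[dst]:
            conduits[tuple(sorted((slt[src], slt[dst])))].append((src, dst))
    return dict(conduits)

if __name__ == "__main__":
    zones = build_zones(ASSETS)
    for level in sorted(zones, reverse=True):  # highest-risk zones first
        print(f"Zone SL-T {level}: {zones[level]}")
    for pair, crossing in required_conduits(ASSETS, FLOWS).items():
        print(f"Conduit {pair} needs a boundary device for: {crossing}")
```

Flows inside a single zone produce no conduit entry, which is how the operability requirements and the security level targets together decide where firewalls or managed switches are placed.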

Although establishing effective network segmentation is easier for new projects, the results of this assessment still benefit existing facilities by providing an understanding of the highest-risk cyber assets in the automation system. This narrows the focus of further risk analysis to the areas that most need it, reducing the overall cost and duration of analysis activities and allowing organizations to address the highest-risk areas first. It also provides the initial cybersecurity response for a compromised device or zone, supporting more effective recovery from cybersecurity incidents.

A High-Level Risk Assessment can typically be completed in one day for a major process area. In this way it supports both improved efficiency (reduced time and cost) and effectiveness (most important security concerns) of cybersecurity risk management for a relatively small investment. 

Not only does the High-Level Risk Assessment provide actionable means for addressing critical concerns, but it also inherently defines the scope for future lifecycle activities, specifically for the detailed risk assessment and security level verification.


Interested in learning more? View the webinar, Cyber Risk Assessments and Security Level Verification: High-Level Risk Assessments (Part 1 of 3). 




Tagged as: Patrick O'Brien, IEC 62443, cybersecurity
