Leigh Weber of exida discusses cyber threats and ISASecure in this well written article in Control magazine.
True process security—like true beauty—has to be more than skin deep. So, while a protective metal suit is impressive, it’s nothing without the muscles, bones and brain driving it from inside. Likewise, all the pipelines, tanks and process vessels in every process application and facility are useless without their sensors, instruments and controls, so securing them requires internal awareness and protections that go beyond external defenses.
Simplify and Standardize
Luckily, an excellent way to improve internal cyberecurity is to simplify by turning off or removing unneeded software, hardware, services or access points, and then standardizing the remaining software and components, according to Todd Mortensen II, senior network specialist at Public Service of New Mexico’s San Jose Generating Station (SJGS), who spoke at Invensys’ Foxboro and Triconex Global Client Conference 2013 in September.