Monday, August 27, 2018

The knowledge gap



Industrial Control Network (ICS) Security is a relatively new field with a growing knowledge gap among its different actors. On one side we have the usual Control Systems devices and interconnecting networks, with all their own complexity and particular problems and challenges; on the other side we have the Information Security area, which in its current state has a growing skills shortage. Moreover, an additional level of complexity is added when different non-standardized networks work together in an Ethernet-based network architecture. This is the case when different types of sensors send digital signals (or digitized analog signals) through usually proprietary industrial networks to control devices such as PLCs, DCSs, etc., and from these to much more complex and, once again, non-standard SCADA systems, from which management can take different kinds of processed or unprocessed data through standard network devices to a specific or wide audience, depending on the company structure.

Having that many devices, non-standard industrial networks, standard network devices, and proprietary network protocols does not make security-related processes such as risk assessment, vulnerability management, patching, logging and monitoring any easier. Moreover, the result of a Cyber Security Incident in ICS could affect human life, e.g. Stuxnet [1] and other attacks [2].

As an additional note, Incident Response will be heavily impacted in the first triage due to the unique characteristics of ICS Security described above.

Although there are efforts towards the creation of a much wider curriculum that could produce professionals with knowledge in both areas, finding professionals with both skill sets is a growing challenge.

From another point of view, this allows professionals from both areas, Control Systems and Information Security, to work together to find solutions in their own areas, although that could represent an additional cost for companies and organizations.

Critical infrastructure companies and governments should get together in order to create a collaborative platform in which support can be given according to specific needs. This is being done in many countries, but the efforts should be rapidly followed by the rest of the world.

References:
1. https://en.wikipedia.org/wiki/Stuxnet
2. https://www.cbronline.com/cybersecurity/top-5-infrastructure-hacks/


