Steve Batson, Invensys Critical Infrastructure & Security Practice consultant, gives tips on how nuclear plants can "stay ahead of the curve" and efficently implement cyber security best practices.
U.S. Nuclear Plants have stepped up to the plate and are actively implementing cyber security controls to combat cyber threats. When it comes to cyber security, key areas of focus have been collaboration, leveraging existing programs, standardization, and resource management.
The nuclear industry provides a great collaborative effort through Nuclear Energy Institute (NEI). NEI has several different working groups that allow utilities and vendors to collaborate and approach cyber security systematically and efficiently. Invensys stays intimately involved in NEI and many other key organizations providing useful working groups and sites that provide cyber security guidance.
One area the nuclear industry that saves thousands of man hours is in the efficient performance of cyber security assessments. Sophisticated database tools, like Wiznucleus Cyberwiz-Pro and Lumension Risk Manager, make the assessment process manageable. These tools come pre-loaded with regulatory requirements, interfaces with existing site databases, allow security control responses to be applied to multiple CDAs at once, and provide an efficient process for managing and maintaining cyber security assessments. Implementation of common controls across groups of CDAs can leverage existing programs and greatly reduce the time required to assess the implementation of security controls.
Standardizing and centralizing security solutions implemented across multiple platforms can also increase efficiency. Centralized patching, backups, and signature updates greatly reduce the time and effort required to update systems. Centralized log management (Security Information and Event Management) and intrusion detection system functions also improve efficiency and effectiveness. While it is essential to maintain defense-in-depth, minimizing the number of different types of security controls implemented reduces the cost and complexity to maintain cyber security controls on systems. Consider standardizing the type of language incorporated into procurement contracts to help standardize the security control products purchased.
Developing an effective and maintainable incident response program is another area of focus for establishing efficient use of resources. A comprehensive process, procedure, and knowledgeable set of stakeholders are needed to appropriately respond to an incident. Stakeholders will include maintenance, security, management, ops, engineering, and an expert in incident response. Most plants do not want to invest in keeping staff resources trained in forensic analysis and the use of the tools needed to investigate an incident. This is an area where an external expert can be a more efficient use of resources. It also helps to have someone who can lead an incident response team that is dealing with incident response on a regular basis.
These are just a few tips that can allow nuclear plants to stay ahead of the curve and implement cyber security in an efficient manner. By using online resources and guidance documents, participating in working groups, using effective assessment tools, developing common controls, standardizing security controls and procurement language, implementing centralized log management, and establishing effective incident response procedures, nuclear plants are reducing the amount of cost, effort, and resources needed to implement their cyber security plans.
No comments:
Post a Comment