Sep, 2016
Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies
United States. Department of Homeland Security; Industrial Control Systems Cyber Emergency Response Team
"This recommended practice document provides guidance for developing mitigation strategies for specific cyber threats and direction on how to create a Defense-in-Depth security program for control system environments. The document presents this information in four parts: 1) 'Background and Overview' outlines the current state of ICS [industrial control systems] cybersecurity and provides an overview of what defense in depth means in a control system context; 2) 'ICS Defense-in-Depth Strategies' provides strategies for securing control system environments; 3) 'Security Attacks' outlines how threat actors could carry out attacks against critical infrastructures and the potential impact to ICSs and networks; and 4)'Recommendations for Securing ICS' provides resources for securing ICSs based on the current state-of-the-art methods and lessons learned from ICS-CERT [Industrial Control Systems Cyber Emergency Response Team] activities, national and sector-specific standards for ICS security, and tools and services available through ICS-CERT and others that can be used to improve the security posture of ICS environments."
-
URL
-
Publishers
-
DateSep, 2016
-
CopyrightPublic Domain
-
Retrieved FromUnited States Cyber Emergency Response Team: ics-cert.us-cert.gov/
-
Formatpdf
-
Media Typeapplication/pdf
-
Subjects
-
Resource Group
Details