A recent incident where a likely nation-state threat actor inadvertently shut down a critical infrastructure facility in the Middle East when testing new malware has stoked widespread concerns about the vulnerability of industrial control systems (ICSs) to new cyberthreats. Many security experts see the incident as a harbinger of a new wave of destructive attacks targeting ICS and want critical infrastructure owners to urgently update the security of their operational technology (OT) networks.

What is an ICS?

An ICS comprises the devices, instrumentation, and associated software and networks used to operate or automate industrial processes. Industrial control systems are commonly used in manufacturing, but they are also vital to critical infrastructure such as energy, communications, and transportation. Many of these systems connect to sensors and other devices over the internet, forming the industrial Internet of things (IIoT), which increases the potential ICS attack surface.

ICS security

“It is important that organizations leverage lessons learned securing enterprise IT but adapt those lessons to the unique characteristics of OT,” says Eddie Habibi, CEO and founder of ICS security vendor PAS Global. “This includes moving beyond perimeter-based security in a facility and adding security controls to the assets that matter most – the proprietary control systems, which have primary responsibility for process safety and reliability,” he says.

The following are some of the key questions that plant operators, process control engineers, manufacturing IT specialists, and security personnel need to be asking when planning for ICS security, according to several experts.