Understand your network's risk level
Starting with a risk assessment is a best practice recommended not just by Belden, but by many security consulting firms and standards groups. You need to understand your network’s level of risk and rate the state of cyber defenses at your facilities. This process is important and it is not a one-time exercise. Good security requires monitoring, evaluating and improving your plans regularly in order to ensure current measures are working effectively. This will also help you to recognize new or developing risks to the network.
Create a plan to secure your network
The approach you want to take is called Defense in Depth (DiD), which includes multiple layers of defense distributed throughout the control network. A well-developed DiD strategy includes:
- Multiple layers of defense instead of relying on a single point of security
- Differentiated layers of defense, ensuring an attacker can’t access all subsequent layers after getting past the first
- Context- and threat-specific layers of defense, meaning each layer is optimized to deal with a specific class of threats
If your network is protected by a DiD strategy, the impact of an accidental security incident or a malicious attack will be limited to the zone where the problem began. You want to set up your systems so that the right people or teams receive an alarm and the work to identify the issue begins in a timely fashion.
Prioritize the “crown jewels”
Lastly, you must prioritize the "crown jewels." Think of the systems that would cause a complete disaster for your network if they were shut down (either unintentionally or maliciously). Every control engineer knows what really matters to his or her particular operation. Aggressively protect these assets and the chance of a truly serious cyber incident is greatly reduced.
More information on Belden’s Industrial Cyber Security Solution Portfolio can be found here.