Defense-in-Depth May Be Our Best Bet for Industrial Control Systems Cybersecurity

The digital realm is expanding in new and unpredictable directions, and recent events – not least of which include last month’s OPM hacking revelations – have served as a sobering reminder of the vulnerability of critical U.S. entities to cyber attacks. It is crucial that both the public and private sectors analyze and construct appropriate defensive measures against the destructive potential of cyber weapons; specifically, as a recent GBC issue brief observes, considerable progress might be made in deflecting cyber attacks against industrial control systems (ICS) through the development of a more vigilant defense-in-depth posture.

While ICSs have traditionally operated under the policy of “security through obscurity,” the advent of Internet-connected IT systems, cloud computing, and mobile technologies has rendered them increasingly susceptible to intruders. A 2014 survey found that 70% of security executives at critical infrastructure companies worldwide had experienced a serious cyber breach within the past 12 months; at the same time, only 28% felt that their organization was effectively managing security risks. On the federal side, although ICS cybersecurity has been flagged as a top priority, there remain significant weaknesses in many agencies’ policies – many of which could be addressed by restructuring attack countermeasures according to defense-in-depth principles. The NIST Guide to Industrial Control Systems (ICS) Security highlights key aspects of this approach:

Network Segmentation – minimizing access to sensitive information by partitioning the ICS network into smaller networks with separate security domains.

Boundary Protection – installing devices (gateways, routers, firewalls, intrusion detection systems, etc.) that control communications passing through domain boundaries and prevent unauthorized flow of information.

Authentication and Authorization – determining a secure process for verifying identity credentials of ICS network users.

Monitoring, Logging, and Auditing – monitoring user activity, content, and accessed URLs in order to validate system operation, troubleshoot, and determine sources of breaches.

Incident Detection, Response, and System Recovery – developing a fast response to incident detection and post-breach recovery.

Unknown Threat Prevention – tracking and understanding potential threat sources in order to proactively devise risk management strategies.

While the cyber threat remains increasingly salient, implementing these fundamental defense-in-depth measures could contribute substantially to our ability to safeguard U.S. critical infrastructure against future attacks.