Each process application has its own unique characteristics, and so each has its own vulnerabilities and cybersecurity tasks to perform. Jason Nations, senior enterprise security manager at OGE Energy Corp., Oklahoma City, detailed his cybersecurity to-do list during his presentation at ARC Industry Forum 2019 earlier this year in Orlando. It's assignments include:
- Inventory and understand your operating environment, assets and equipment, and find security gaps in them;
- Segment the network with firewalls into sub-networks determined by role-based assets and applications;
- Get all internal staff onboard, and find partners and vendors, so all can help define cybersecurity use cases;
- Follow cybersecurity best practices from recognized organizations, such as NIST's Cybersecurity Framework and the U.S. Dept. of Energy's Cybersecurity Capability Maturity Model (C2M2);
- Base all decisions on risk to answers questions like what are our critical processes?
- Take care of low-hanging fruit, such as settling on DCS group policies, etc;
- Plan and coordinate cybersecurity software and hardware deployments with field personnel;
- Steadily develop a cybersecurity culture, in part by building relations between IT and OT operators in the field;
- Prioritize threat intelligence feeds and limit cybersecurity windows for analysts, so they can focus their efforts and be more effective; and
- Once basic cybersecurity policies, procedures and solutions like anomaly detection are established, begin to actively hunt for threats.
About the author: Jim Montague