Cyber is a series dedicated to protecting your industrial controls.
Defense is Depth is more of a philosophy than anything else. The general idea is that one should have multiple methods of protecting one's assets. How these are set up is your choice, but you should have more than just one thing defending everything.
Smaller plants often share IT and OT networks. While this may be necessary due to budget considerations, what is the next protection? Do they have backups of their system? How often do they back them up? How often do they test those backups?
Larger plants often have complex systems. How well documented are those systems? Where are those documents? (The balancing act includes how much documentation you want on network drives that your adversaries could gain access to.)
Regardless of size, do you have internal staff who can get your system back online? Do you have external contractors who could do it? Do you just have one person who can do it? (If you are in the last position, what happens if they win the lottery the week before someone breaks in?)
You need multiple layers of protection. If you talk to corporate, they will think of it as a raw onion: unappealing and difficult to swallow. But you can always ask them how long we could be down for if they do not budget for your requests...
Keep your system safe!
Comments