Attackers are devising ever more sophisticated ways to illicitly access, inspect, and manipulate critical infrastructure control systems, and security practices and products are constantly evolving in turn.
Keeping up with ever-changing cybersecurity threats can seem daunting, but there are several practical steps that all owners of critical infrastructure systems can begin taking immediately to mitigate the risk of a damaging cyber attack.
These practical steps do not directly address regulatory requirements or any particular cybersecurity framework. Instead, they provide a broad set of best practices intended to help you and your team cut through the complexity of cyber-attack protection and improve the overall security of your systems.
For help meeting regulatory requirements and implementing risk mitigation solutions, please contact SEL Cyber Services.
Securing all external and internal network access points is one of the most important things you can do to increase the cybersecurity of your system. Take an inventory of communications paths and the access points they require—and then disable all unused communications ports.
Also consider USB ports, which can be entry points for viruses and other malware propagated via thumb drives.
Having an alternate communications path for key system assets will minimize the impact of denial-of-service attacks. Security alarms should be sent through a second path as well.
Network access points include the following:
SEL cybersecurity experts provide network assessments, OT system baselining services, and risk mitigation plans. We can provide detailed plans for you to follow or implement complete security solutions, depending on your needs.
All communications access points should be secured with user access controls and authentication procedures. In addition, all communications entering or exiting the electronic security perimeter (ESP) should be encrypted to prevent man-in-the-middle attacks.
Keep your designs safe, and limit access to system details to those who have a need to know in order to do their jobs. Be especially careful to protect the following:
The SEL cybersecurity team provides comprehensive analyses of existing security plans, policies, and procedures as they relate to personnel, technology, and operations, including:
Analyses include detailed reports, complete with findings and actionable suggestions for improvement.
A strong and effective security solution should have multiple layers of defense. Defense in depth should include:
SEL cybersecurity professionals provide setup, documentation, and customer training on defense-in-depth best practices, including the following:
Whether you need to manage one substation or hundreds, SEL can help you apply layered cybersecurity that maximizes reliability and minimizes the intrusiveness of controls on critical processes.
Your organization should have a clear, concise plan that details how your company will respond to a cyber incident. Having a cybersecurity incident response plan in place before the emergency occurs will help you mitigate potential damage and recover more quickly.
SEL helps companies build incident response plans that include the following recovery services:
Implement these best practices to ensure that passwords protect access to devices and systems:
SEL provides a comprehensive approach to effective password management. In addition to offering services to review security plans, policies, and procedures, we also create solutions that include products and training.
SEL equipment such as the SEL-3620 and SEL-3622 Ethernet Security Gateway products makes it easy to manage passwords and access to IEDs. You can use virtually all printable ASCII characters and a password manager, such as KeePass or LastPass, to generate long, complex passwords for each unique login you have.
SEL University also provides real-world, hands-on training in using SEL solutions to implement strong electronic access controls for critical assets.
Cybersecurity is achieved not merely by products and software, but by people. Some of the most damaging cyber attacks in history have exploited human weaknesses to bypass strong electronic security.
Creating a security-aware culture with appropriate education and training is vital to the continued success of any cybersecurity program.
Take advantage of our cybersecurity awareness and education resources—many of them free—to help build a security-aware culture in your organization.
SEL cybersecurity professionals provide expert help with evaluating your control systems and communications networks and implementing solutions that mitigate cybersecurity risks.
We provide a comprehensive range of professional services that include system baselining, security roadmaps, and the design and implementation of complete OT networking and cybersecurity solutions.
We’re happy to answer all your questions and help develop the best solution for your needs.
SEL support teams are stationed in regional offices around the world and staffed with application engineers who are experts in our products and in power system applications.
Technical support for SEL-manufactured devices is always free. No matter how often you need to call or how long your SEL products have been in service, you’ll reach an SEL expert who can provide the service and support you need.
Our cybersecurity team is always ready with the information and resources needed to keep your OT networks and critical systems secure and working effectively. Cyber services support contracts can include incident response, audits, system hardening, and more, depending on your anticipated needs.