How ICS Operators Can Improve Cybersecurity

 Learn how ICS operators can improve cybersecurity.


Industrial Control System (ICS) is a term that encompasses many types of control systems and associated instrumentation used for industrial process control. ICS operators are attempting to improve cybersecurity, but many do not know how to operate a system effectively and securely. The Schneider Electric whitepaper “Effectively Maintaining the Security of Industrial Control Systems” describes in detail the tasks associated with the ongoing system maintenance process. Continue reading for an overview of the concepts presented in the paper and learn how ICS operators can improve cybersecurity.

Continual Monitoring

The Maintenance Phase is when the organization actively monitors the ICS, responds to incidents, performs maintenance tasks such as backups, and manages change. This phase includes various independent activities that require effective management. These activities may occur on a continuous basis, or they may be event-driven. Continual monitoring means more than having personnel look at the alarms every day; they must also have in-depth knowledge of the monitoring applications.

Continual monitoring consists of two activities: asset monitoring and security monitoring. Asset monitoring refers to the ongoing monitoring of the network to track devices connected to the system and to ensure elements are using the latest software versions. Security monitoring focuses on tracking the technologies that have been implemented to detect malicious activity.
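One way to carry out the asset monitoring check described above, as an added example that is not taken from the whitepaper or from any vendor tool: it reconciles the devices seen on the network against an approved inventory and the newest vendor versions. All names, MAC addresses and versions are constructed, and versions are assumed to be dotted numbers.

```python
# Added example: all device names, MACs and versions below are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    mac: str
    name: str
    firmware: str  # version recorded in the approved inventory

def parse_version(text):
    """Turn '2.10.0' into (2, 10, 0) so 2.10 compares above 2.9."""
    return tuple(int(part) for part in text.split("."))

def reconcile(inventory, observed, latest):
    """Compare devices seen on the network with the approved inventory.

    inventory: {mac: Asset}, observed: {mac: firmware seen on the wire},
    latest: {device name: newest vendor version}. Returns sorted findings.
    """
    findings = []
    for mac, firmware in observed.items():
        asset = inventory.get(mac)
        if asset is None:  # connected but never approved
            findings.append(("unknown_device", mac, firmware))
            continue
        if firmware != asset.firmware:  # changed without an inventory update
            findings.append(("unrecorded_change", mac, f"{asset.firmware} -> {firmware}"))
        newest = latest.get(asset.name)
        if newest and parse_version(firmware) < parse_version(newest):
            findings.append(("outdated_software", mac, f"{firmware} < {newest}"))
    for mac in inventory.keys() - observed.keys():  # approved but silent
        findings.append(("not_seen", mac, inventory[mac].name))
    return sorted(findings)

INVENTORY = {a.mac: a for a in (
    Asset("00:11:22:00:00:01", "plc-line1", "2.9.0"),
    Asset("00:11:22:00:00:02", "hmi-control-room", "1.4.2"),
    Asset("00:11:22:00:00:03", "historian", "5.0.1"),
)}
OBSERVED = {"00:11:22:00:00:01": "2.9.0", "00:11:22:00:00:02": "1.5.0",
            "00:11:22:00:00:09": "0.3.1"}
LATEST = {"plc-line1": "2.10.0", "hmi-control-room": "1.5.0", "historian": "5.0.1"}

if __name__ == "__main__":
    for finding in reconcile(INVENTORY, OBSERVED, LATEST):
        print(*finding, sep="  ")
```

The "unrecorded_change" finding marks a device whose software version differs from the inventory record, which is the kind of change a change management process is meant to capture.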

Event-Driven Maintenance

In addition to activities that occur continually and operate in the background, the Maintenance Phase has a few event-driven components. One element that is critical to system security is patch management, which covers the patches that equipment vendors use to address vulnerabilities. Another crucial process in the Maintenance Phase is incident handling, which creates a plan to deal with intrusion, cyber theft, denial of service, malicious code, and additional security-related events.

The system backup component defines the elements requiring backup, including the number of backups, manual vs. automatic backup, backup schedules, file storage locations, and how to get rid of backup systems that are no longer needed. Also, system architecture diagrams, network diagrams, and asset inventories were created during the implementation phase, and changes will occur once the system is operational. A change management process will ensure that changes in the system are effectively requested, decided on, implemented, and documented.


A third key area that all companies should associate with maintenance is auditing. Businesses should create an extensive plan to audit essential cybersecurity-related policies and procedures on a regular basis. An audit schedule may include, for example, change management process audits, security recovery audits, and risk assessment process audits. An internal audit is crucial, as it helps to identify weaknesses that a business may not know about and allows leaders to suggest improvements.



This entry was posted on Tuesday, November 6th, 2018 at 12:21 pm.