The IACS manager or cybersecurity leader for industrial environments plays a key role in their protection and subsequently in the prevention and management of cyber incidents that affect them. And there is no doubt about the importance of the cybersecurity manager in industrial environments, and that it is a key role in these times for their protection as well as in the prevention and management of cyber incidents, but sometimes Doubts do arise about what the person in this position should do or what challenges they will have to face.
What are the tasks of an IACS manager?
The cybersecurity leader for industrial automation and control systems is responsible for safeguarding these systems. Their job consists of designing, implementing and maintaining security policies and procedures to ensure protection against cyber threats. Additionally, they are responsible for assessing risks, monitoring systems and networks, responding to incidents and promoting cybersecurity awareness [1].
It is also responsible for security incident management, which involves the identification, analysis and response to security incidents that may affect control and automation systems. Additionally, you must stay abreast of the latest trends and threats in industrial cybersecurity to ensure that control and automation systems are protected against the latest threats.
What are your main challenges?
The Cybersecurity Manager – IACS in an industrial environment has a multifaceted role. Within the life cycle of the management system that the Cybersecurity Manager governs, some of the following challenges arise:
Know and understand the industrial environment:
In an industrial environment, the complexity with respect to the technology to operate and maintain the production process or service delivery is extremely high. With non-standard communication protocols, legacy technology and modern systems coexisting, the Cybersecurity Manager must understand their operation in detail and maintain an updated inventory of the assets that must be protected. Additionally, you must take into account that cyber attacks can come from both internal and external sources.
Risk assessment and management:
A key aspect of the Cybersecurity Manager’s job is to identify and assess potential cyber risks in the industrial environment. This involves performing vulnerability analysis, penetration testing, and risk assessments to understand existing weaknesses and take appropriate preventive measures. You must also collaborate with other departments to ensure that effective measures are implemented at all levels. And that its selection is hand in hand with the risk appetite that the owner of the process has determined for each asset.
Implementation of policies and security measures:
They develop policies and procedures to ensure the security of industrial control systems. They implement firewalls, intrusion detection systems, and access controls to protect the internal network against external threats and monitor activity for abnormal behavior [2].
They also maintain close collaboration with the engineering, operations and maintenance teams, to ensure that security best practices are followed from the beginning.
Monitoring and incident response:
Despite preventive measures, security incidents can occur. The Cybersecurity Manager must be prepared to respond quickly to these situations, investigate the root causes and minimize the impact. This involves maintaining a well-trained incident response team, establishing disaster recovery plans, and coordinating with relevant authorities in the event of serious security breaches[3].
Industrial control environments continue to be a target for cybercriminals, and 93% of operational technology (OT) organizations have experienced an intrusion in the last 12 months[4]. This means that cybersecurity leaders in industrial environments must be prepared to deal with continued cyber intrusions and attacks.
Cybersecurity Awareness:
Education and awareness are critical to strengthening cybersecurity posture in an industrial environment. The Head of Cybersecurity must carry out training and awareness programs for staff, highlighting risks, best security practices and preventive measures. This will foster a strong security culture and help prevent human error and social engineering attacks[5].
Cybersecurity Talent Gap:
The cybersecurity talent gap is another challenge facing industrial environment protection leaders[6]. As demand for cybersecurity professionals increases, organizations may struggle to find and retain talent.
Integration of OT and IT systems:
Integrating OT and IT systems is another challenge facing cybersecurity leaders in industrial environments[7]. As OT systems integrate with IT and corporate networks, organizations’ attack surface increases significantly, which can make it difficult to protect control and automation systems from cyber threats.
Conclusions about the person responsible for IACS
The role of the Cybersecurity Manager in an industrial environment (IACS manager) is essential to ensure the protection of critical infrastructure against cyber threats. Their experience in risk assessment, security policy implementation, system monitoring and incident response is essential to safeguarding industrial processes. As digitalization and interconnection continue to transform industrial environments, the role of the Cybersecurity Manager becomes even more crucial. With proper measures and a proactive mindset, we can build an industrial environment that is secure and resilient to the cyber threats of the future.
To know in detail the tasks and obligations of an IACS manager, it is best to complete specific training for this purpose. The C02 – Course responsible for cybersecurity at IACS coordinated by ISA – Spain – CCI is totally focused on providing students with all the theoretical and practical knowledge necessary to perform this highly demanded professional role. Discover now the next call that we will hold for this course.
References:
[1] A. Genge, “Roles and responsibilities of a Chief Information Security Officer (CISO),” Conference on Human Factors in Computing Systems – Extended Abstracts, 2016.
[2] J. Fraser and S. K. Lowe, “Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems,” Syngress, 2014.
[3] NIST Special Publication 800-82, “Guide to Industrial Control Systems (ICS) Security,” U.S. Department of Commerce, National Institute of Standards and Technology, 2015.
[4] Security challenges facing your infrastructure… https://www.iproup.com/innovacion/33262-desafios-de-seguridad-que-enfrenta-infraestructura-de-tu-empresa
[5] K. J. Shin, S. H. Yang and J. H. Park, “Empirical Study on Factors Affecting Individual Employees’ Information Security Awareness,” 2008 Fourth International Conference on Networked Computing and Advanced Information Management, Gyeongju, 2008, pp. 32-37.
[6] Main trends in digital agreements and … https://www.onespan.com/es/blog/digital-agreement-cybersecurity-trends-2023
[7] Industrial cybersecurity: what is it and how to implement it? https://www.ikusi.com/mx/blog/ciberseguridad-industrial-que-es-y-como-implementarla/