Cybersecurity Readiness: An Empirical Study of Effective Cybersecurity Practices for Industrial Control Systems (original) (raw)
Related papers
An Analysis of Critical Cybersecurity Controls for Industrial Control Systems
European Conference on Cyber Warfare and Security
Industrial Control Systems (ICS) comprise software, hardware, network systems, and people that manage and operate industrial processes. Supervisory Control and Data Acquisition Systems (SCADA) and Distributed Control Systems (DCS) are two of the most prevalent ICS. An ICS facilitates the effective and efficient management and operation of industrial sectors, including critical infrastructure sectors like utilities, manufacturing, and water treatment facilities. An ICS collects and integrates data from various field controllers deployed in industrial contexts, enabling operators to make data-driven decisions in managing industrial operations. Historically, ICS were isolated from the internet, functioning as part of air-gapped networks. However, the efficiency improvements brought about by the emergence of Information Technology necessitated a shift towards a more connected industrial environment. The convergence of Information and Operational Technology (IT/OT) has made ICS vulnerabl...
From safety to cyber security: New organizational challenges in Industrial Control Systems (ICS)
2017
Cyber security is a growing challenge for all organizations. In the past two decades, organizations have developed a huge amount of infrastructures based on important industrial control systems (ICS) for their businesses. A specific domain of these challenges comprises the industrial organizations that manage railway infrastructures, public utilities, nuclear plants, communication infrastructures and utilities. The aim of the paper is developing a conceptual bridge between organizational research on safety and new research program on cyber security in industrial setting. Working on data provided by an ongoing project on cyber risk in ICS, the paper suggest a preliminary framework to face with relevant questions and reflections on how the organizational social construction of safety can be in some way a good proxy to understand the sociotechnical side of cyber risk in industrial sites.