Thursday, July 9, 2020

Common Vulnerabilities in Critical Infrastructure Control Systems - 550 Words

Common Vulnerabilities in Critical Infrastructure Control Systems (Case Study Sample) Content: Common Vulnerabilities in Critical Infrastructure Control Systems Name Institution Instructor Date Common Vulnerabilities in Industrial Control Systems Industrial control systems face various vulnerabilities, which may occur both within and outside the network of the control system. These vulnerabilities arise from various sources, mainly due to the operations and communications carried out by these control systems. The inefficiencies or the lack of administration and security governance, inadequate funds to ensure proper system management, and the attrition of employees in the automation of the control system could also expose the system to these vulnerabilities (Stamp, Dillinger, Young, DePoy, 2003). In addition, the vulnerabilities may arise due to external attacks due to the individuals outside the system, who take advantage of the loopholes in the network being used by the control system. Being able to understand the vulnerabilities that the industrial controls systems at PureLand Wastewater will ensure that appropriate measures are put in place to mitigate them. PureLand Wastewater faces threats and vulnerabilities in their ICS. A major threat is that the company has not established the sensitivity levels of the data that is circulated in their system. Most secure systems are determined by the ability to classify and identify the data into their appropriate categories based on how sensitive they are to the organization. Failure to establish such distinction makes it hard to determine where the precautions could be applied or data segments that requires more security. Most ICS systems become vulnerable due to lack of effective security administration, mainly due to the absence of effective policies to help in system administration (Stamp, Dillinger, Young, DePoy, 2003). The lack of policies on security leads to lack of measurability and self-perpetuation of security, which in turn makes the network more vulnerable to external threats. For the prevention of these vulnerabilities, the organization should apply procedures that enhance security administration making it effective and instills coherence. This is done through the implementation of security plans and training, implementing guides, as well as auditing the system controls to enforce security. The architecture of the control system could make it more vulnerable due to the physical infrastructural damages or architectural designs that weaken the protection of the system data. In addition, the networks and links that are used to convey data or signals within the organization may expose it to security vulnerabilities. The platforms that are used could also endanger the data shared within the organization due to harm that may arise form incidences within the company. The use of passwords does not always guarantee the protection of the data as these may be accessed and lead to damages. The failure by the company to collect or examine the system logs could cause the system to become vulnerable and possible loss of vital i...

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.