Fri Apr 8 06:49:41 PDT 2016
Management: ICS Security Management: Who should manage ICS security and where should they be placed?
Options:
Option 1: An enterprise-wide ICS security manager should be used.
Option 2: Each major business unit with substantial ICS operations should have an ICS security manager.
Option 3: Each facility should have an ICS security manager.
Option 4: Each ICS system should have a security manager.
Option 5: No ICS security manager should be in place.
Option A: The top-level ICS security manager should be at the enterprise executive level.
Option B: The top-level ICS security manager should be one level below the top-level enterprise security executive.
Option C: An ICS security manager should work one level below the top-level operations manager for the relevant ICS systems.
Option D: An ICS security manager should be a member of the overall ICS design and operations team.
Decision:
IF Risks are Low,
THEN No ICS security manager should be in place.
OTHERWISE
IF Enterprise-wide security architecture is in place AND ICS is a significant component of the enterprise,
THEN An enterprise-wide ICS security manager should be used.
ALSO
IF Enterprise information protection is structured so that business units have security managers,
THEN Each major business unit with substantial ICS operations should have an ICS security manager.
ALSO
IF A facility contains ICS systems with Medium or High risk levels,
THEN That facility should have an ICS security manager.
ALSO
IF An ICS system has High or Medium risk,
THEN That ICS system should have a security manager.
ALSO
IF An enterprise-wide ICS security manager is used,
THEN The top-level ICS security manager should be one level below the top-level enterprise security executive.
ALSO
IF The enterprise is small OR ICS is a major component of enterprise operations and managed at the enterprise level,
THEN The top-level ICS security manager should be at the enterprise executive level.
ALSO
IF An operations manager is in charge of a Medium or High risk ICS operation,
THEN An ICS security manager should work one level below the top-level operations manager for the relevant ICS systems.
ALSO
IF An ICS security manager is in place at any level,
THEN An ICS security manager should be a member of the overall ICS design and operations team.
Basis:
An enterprise-wide ICS security manager should be used:
An enterprise-wide ICS security manager has
executive-level control over all ICS security decisions. This includes
all facets of information protection as they apply to ICS
systems. This is rarely the case in large enterprises, and when it is,
the ICS security manager typically works for another high-level
executive at the enterprise level and has responsibility across
business units which typically have their own ICS security expertise
that is coordinated by the enterprise-wide executive. This should not
normally be the Information Protection Lead (IP Lead), since ICS is highly specialized and
requires special knowledge and attention that is usually not available
to the IP Lead, who has many other broad responsibilities.
Each major business unit with substantial ICS operations should
have an ICS security manager: This is compatible with an
enterprise-wide ICS security manager, and is typically used because each
business unit tends to have different sorts of ICS systems and
requirements, and operates in a different management decision-making
structure, in different locations, and under different requirements.
Each facility should have an ICS security manager: As a
rule of thumb, when a facility contains ICS systems with Medium or
High risk levels, it is prudent to have an individual in the ICS
security manager role. However, this may be a role that also involves
other duties, depending on the workload of this activity at the facility.
Each ICS system should have a security manager: In
cases where ICS systems have High or Medium risk, a security manager
should be identified with each ICS, even if that individual plays
other roles and may have that role for a multitude of such systems.
This is required if only to have a responsible party with adequate
knowledge of the specific ICS for making decisions regarding the
implications of changes.
No ICS security manager should be in place: In Low risk
situations or in situations where ICS mechanisms are highly
standardized, there may be no need for an ICS security manager.
The top-level ICS security manager should be at the enterprise
executive level: For large enterprises, there may be a single
point of coordination of ICS security, and in smaller enterprises,
there is often an individual tasked with this responsibility. To the
extent that the ICS and enterprise information systems interact, the
ICS security manager should be responsible for integration and
protection across the boundaries. This integration has to be done at
some level, and since enterprise architecture usually exists at the
executive level, it is important that the ICS and enterprise security
architectures are integrated at that level.
The top-level ICS security manager should be one level below the
top-level enterprise security executive: Some enterprises
structure protection so that an IP Lead exists at
the enterprise level. In those cases, when there is enterprise-wide
unified ICS security management, the ICS security manager might
appropriately be placed one level below the IP Lead.
An ICS security manager should work one level below the
top-level operations manager for the relevant ICS systems:
This is a reasonable management structure for an ICS security manager.
The operations manager has responsibilities that require the expertise
of the ICS security manager, and the ICS security manager tends to
make decisions that directly affect and are affected by operational
issues.
An ICS security manager should be a member of the overall ICS
design and operations team: In most cases when an ICS
security manager is in place, it is appropriate for them to
participate in the design and operations team activities. To the
extent that ICS security architecture is in place, that architecture
is usually the responsibility of the ICS security manager to assure,
and thus their presence on the design team will be instrumental to
proper architectural operations.
Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved