Industrial Control System Security

Protective measures against the top 10 threats

Work processes and infrastructures become more and more electronically controlled and permanently monitored. Information will be stored and transmitted digital for this. This also means "that more and more social value is behind these systems". ¹⁾

Not only Stuxnet has terrifyingly brought to collective conscience what experts knew long ago: There is no total security and targeted cyber attacks are possible with sufficient resources (money and manpower).

The table shows:

The top 10 threats for automation and process control system identified by the internationally renowned BSI ³⁾ as well as
appropriate security features of the INSYS icom router products as measure against accidental and targeted cyber attacks!

INSYS - secure

Bank on 3 stands:
1. Technically,
2. Physically and
3. Organisationally.
You are well-prepared with our devices technically more
Find out more about the physical and organisational measures here

Measure catalog PDF

No.	Threat ²⁾	Measures
Technical measures by INSYS SECURITY INSIDE
1	Unauthorised use of remote maintenance accesses	VPN Network segmentation Firewalls Authentication Blacklisting Whitelisting Key switch functions
2	Online attacks via office / enterprise networks	Network segmentation Firewalls Authentication VPN
3	Attacks on used standard components in the ICS network	Remote firmware update Waiving office IT components Linux components selected for INSYS
4	(D)DoS attacks	Redundant connections
5	Human misbehaviour and sabotage	Intuitive configuration "keep it simple and secure" Restrictable web interface access Whitelisting Blacklisting Key switch functions Policies & Procedures Devices and services "Made in Germany" Services only enabled if necessary
6	Introduction of malicious code via removable media and external hardware	VPN Firewall Network segmentation Port-based security
7	Reading and writing messages in the ICS network	Network segmentation VPN
8	Unauthorised access to resources	VPN Firewalls Authentication Network segmentation Key switch functions Port-based security Whitelisting Blacklisting
9	Attacks to network components	Monitoring log files Message dispatch Port-based security
10	Technical misbehaviour and force majeure	Redundant connections Redundant devices Configuration backup

Therefore, use INSYS icom products with INSYS SECURITY INSIDE and benefit from the technically well-founded advice of our employees - we are happy to consult you professionally!

¹⁾ Prof. Gordon Rohrmeier, Hochschule Augsburg BR kontrovers, from min. 8:00

²⁾ Source: BSI-CS 029 | version 1.00 dated April 12, 2012, page 2 of 2 web link

³⁾ BSI: Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Information Security)

Our new website

Convince yourself of our passion for professional IoT and M2M data communication.

We look forward to you!