NIST CSF for Industrial Control Systems Security

Industrial control systems face growing cybersecurity risks. The NIST Cybersecurity Framework can help operators gain insight into their level of risk and how to decrease it.

Industrial control systems (ICS) play a critical role in maintaining and enriching modern life, from power delivery to pharmaceuticals. As they become increasingly interconnected and dependent on other systems, more attack vectors open for hackers to exploit, which can result in disastrous consequences.

To help ensure ICS operators adopt effective risk management strategies, the National Institute of Standards and Technology (NIST) has released the “Framework for Improving Critical Infrastructure Cybersecurity.” While the NIST Cybersecurity Framework (CSF) is not a one-size-fits-all solution for improving security resilience, its flexibility allows it to apply to a wide variety of ICS operators’ business structures and needs. It is less of a stringent guide on specific controls to assess and more of a methodology, which, when paired with a control framework, such as ISO/IEC 27000, COBIT 5, ANSI/ISA 62443, or NIST SP 800-53, can aid organizations in effectively addressing potential cybersecurity and control gaps.

ICS operators can use the framework to:

  • Adopt a common taxonomy to ensure efficient and effective communication
  • Create a target state for cybersecurity
  • Evaluate the current risk management program
  • Engage C-level and other management personnel in cybersecurity operations
  • Prioritize risk management activities to reach desired business and security outcomes

NIST CSF consists of five functions: Identify, Protect, Detect, Respond, and Recover. These functions help ICS operators accomplish the following goals:

  • Identify: Understand the ICS environment to gain insight into the level of cybersecurity risk.
  • Protect: Implement safeguards to limit or contain cybersecurity event impacts.
  • Detect: Implement measures to quickly identify cybersecurity events.
  • Respond: Develop a response plan to effectively communicate, contain, and analyze incidents.
  • Recover: Restore functionality after a cybersecurity event.

Protecting ICS from cyber attacks is a matter of national security. For more information, read our white paper, Industrial Control Systems: Security in an Interconnected World.