| |December 20199- NERC CIP Reliability Standards - ENISA Appropriate Security Measures for Smart GridsIndustrial cyber security protocols are different from IT protocols. The security protection and detection tools in IT systems are generally probing by design and can cause production outage and physical safety issues. Core differentiation between industrial and IT systems needs to be considered before applying security controls. Some of the critical cyber security controls that are relevant for the success of industry 4.0 are listed below:1. Identification of a digital transformation leader2. Assembling a team of technology professionals who have operations technology and information technology background3. Providing cyber security training and awareness for the employees at all levels (factory supervisors, field technicians, architects, information technology professionals etc.)4. Document the end to end data flow and identify any gaps5. Perform risk assessment to identify and prioritize the mitigation of security risks6. List out and categorize the operations and IT assets7. Ensure that the assets from OT systems are safely integrated with IT systems8. Identifying and patching for vulnerabilities in industrial devices, controllers and SCADA systems needs special attention 9. Assets must be cleaned with secure wiping techniques before disposal10. Encryption of data based on the protection levels and compliance needsAs with any major shift in any technology, industry 4.0 has its own benefits and risks. Organizations can mitigate the risks by adopting strategic and tactical methods and prepare themselves in a planned manner for success. As with any major shift in any technology, industry 4.0 has its own benefits and risks. Organizations can mitigate the risks by adopting strategic and tactical methods and prepare themselves in a planned manner for success
< Page 8 | Page 10 >