Featured Image

Building an Advanced Cybersecurity Plan: Risk Assessment and Vulnerabilities Testing

Any cybersecurity implementation involves a trade-off between a company’s tolerance for risk and the effort and costs associated with protecting the company’s resources and customers. Learn how to assess risk and test for vulnerabilities in your network.
Jan 26, 2023

Any cybersecurity implementation involves a trade-off between a company’s tolerance for risk represented by a security attack and the effort and costs associated with protecting the company’s resources, reputation, customers, and personnel.

One of the most valuable network design concepts implemented as part of an advanced cybersecurity plan is segmenting the network into discrete functional areas or processes. This typically goes beyond separating the IT portions of the network (office) and the OT portions of the network (manufacturing operations) – portions of either network environment may be more risk tolerant than others. When this architecture is implemented, security tools can then be effectively implemented to control access and the flow of information across the boundaries between segments. Separate unique risk assessments can then be defined for each network segment – applying the appropriate level of effort and cost for each network segment.

A company’s cybersecurity plan should include a variety of approaches for testing network security vulnerabilities. Software tools for testing vulnerabilities should include:

  • Tests for the effectiveness of access control to the network (internal and external) and across network boundaries

  • Identification of equipment added/removed from the network

  • Identification of software added to the network or equipment attached to the network

  • Tests that evaluate the effectiveness of tools used to detect infected software

  • Tests to evaluate personnel response to suspicious emails and internet sites

  • Tests to assess personnel response to various types of network security breaches

Other tests may also be appropriate depending on the requirements of individual companies. Additionally, vulnerability testing should include manual actions intended to stress other functions associated with network security – detection of unauthorized access to network equipment, detection to determine when unauthorized equipment is connected to the network, test system response when key pieces of equipment are removed from the network, etc.

Any vulnerabilities detected should be identified as an incident and addressed as part of the network maintenance and incident response procedures defined in the company’s cybersecurity plan.

Vulnerabilities testing is typically reviewed and assessed for effectiveness when first implemented. However, it is important to periodically re-assess the vulnerabilities testing portion of an advanced cybersecurity plan and the tools implemented to ensure all practices, procedures, and tools effectively address all current types of security threats. Any process, procedure, or software/hardware found insufficient should be upgraded/replaced as soon as possible.

Periodic reviews should also evaluate whether the original risk assessment applicable to each network segment is still valid, or if the implementation needs to be upgraded for specific portions of the network architecture.

Each assessment and each periodic review should be fully documented and reviewed by management with oversight responsibility to ensure that the security plan is implemented and functioning as intended.

For more details on addressing maintenance and incident response relative to cybersecurity, you may want to reference Section 3.11 Risk Assessment and Section 3.12 Security Assessment of NIST standard SP 800-171.


For more on this topic, we invite you to explore the Building an Advanced Cybersecurity Plan article series.

Part 1: Engagement and Reinforcement

Part 2: Interaction Mapping

Part 3: Access Control

Part 4: Electronic Media Protection

Part 5: Identification and Authentication

Part 6: Activity Logging, Auditing, and Traceability

Part 7: Network Resource Configuration Management

Part 8: Communications, Network, and Database Security 

Part 9: Personnel and Infrastructure Security

Part 10: Maintenance and Incident Response

Part 11: Risk Assessment and Vulnerabilities Testing

PicturePicture
Author
John Turner
Director of Technology for FA Consulting & Technology (FAC&T) and member of the MTConnect Institute.
Recent technology News
A company's cybersecurity plan requires constant monitoring and maintenance in order to effectively detect, analyze, contain, recover, and prevent attacks. Learn what steps personnel should take when an incident is detected and how to maintain the system.
You can set up free machine monitoring in as little as 30 minutes using a tool created by the great folks at Oak Ridge National Laboratory (ORNL)...
Ultra-premium, bougie digital twin. Michigan incentivizes industry 4.0 embrace. Metal health. "Go hug a driver or hug a worker in a distribution center."
A key aspect of any advanced cybersecurity plan is oversight and management of company and supplier personnel to address events originating within a company – intentional or not. Find out what considerations should be made when implementing your plan.
Implementing a cybersecurity plan includes deploying specific security functions to provide communications, networking, and database security. Learn what key factors to consider, what new technologies are being overlooked, and more for your implementation.
Similar News
undefined
Technology
By Stephen LaMarca | Mar 24, 2023

Machine tending with cobots. ChatGPT’s reinforced position in manufacturing. Don’t bank on EVs just yet. Emerged technology. AddUp sends support to Ohio.

5 min
undefined
Technology
By Benjamin Moses | Mar 17, 2023

Collaboration = manufacturing. Check your chips. Who doesn’t like new materials? 5G in manufacturing. We are living in the future.

5 min
undefined
Technology
By Benjamin Moses | Mar 10, 2023

Innovation is driven by diversity. What does collaboration mean? Energy for wearable tech. ​Hole technology. Wake me up before you grow-grow.

5 min