DCS Cybersecurity Tips and Updates

Emerson's Rick Gorskie


Most of the process manufacturing facilities across the world is considered critical infrastructure. From the energy we consume to the medicines we take, manufacturers work to deliver these products as safely, reliably and efficiently as they can. And with the threat of cyber-attacks growing more common, cybersecurity remains a growing concern and focus.

Emerson’s Rick Gorskie has been sharing a series of Cybersecurity Moments. Although they are specific to the DeltaV distributed control system, much of the guidance is beneficial no matter what control or data acquisition system you might have. I’ll recap a few items from his recent posts in the Emerson Exchange 365 community here.

In a post, Cybersecurity Protection Starts at The Front Gate!, Rick opens highlighting the critical importance of the human element in cybersecurity:

No matter who you are or what your job title is, YOU are an integral part of the cybersecurity protection at your site. The very moment that you pass through the front gate, your cyber-related actions could possibly lead to the compromise of your site’s cyber-protection strategy. Human error is responsible for some of the worst data breaches on record and, because of a lack of cybersecurity awareness, organizations are risking their reputation, customer trust, and potentially their bottom lines when employees mishandle data.

Education of the plant staff in the collection of cybersecurity policies and procedures is critical. Some of these elements to highlight and continually reinforce include spear-phishing or phishing, indiscreet use of USB sticks, computer lock screens, unauthorized software downloads, and strong passwords (see Rick’s earlier post, DeltaV Secure Passwords: The Do’s and Don’ts). A security-minded culture must be built as a safety culture has been built, in the vast majority of manufacturing facilities.

In another post, New DeltaV Cybersecurity Course, he describes this training.

Based on the principles and guidelines of the DeltaV Security Manual, this course will prepare all students for implementing and maintaining cybersecurity solutions for their DeltaV control system. The audience for this school should be DeltaV System Administrators or IT-personnel responsible for implementing DeltaV security products. Additionally, this course will be valuable to those who frequently work with customers and their cybersecurity products and services.

Training topics addressed include:

  • Endpoint Security for DeltaV Systems
  • Application Whitelisting for DeltaV Systems
  • SIEM for DeltaV Systems
  • Network Security Monitor for DeltaV Systems
  • Automated Patch Management Service
  • Emerson Smart Firewall
  • DeltaV Firewalls
  • Backup & Recovery
  • More…

DeltaV system user can register for upcoming classes beginning the week of October 30 through November 30, 2017 or December 4 through December 8, 2017.

Make sure you are joined to the Emerson Exchange 365 community and a member of the DeltaV group to follow Rick’s ongoing series of cybersecurity insights, tips and news updates.

Posted Friday, August 11th, 2017 under Cyber-Security.

Leave a Reply

Be the First to Comment!

Notify of
avatar
wpDiscuz