The National Cybersecurity Center of Excellence has published a six-step approach to guide small manufacturers in implementing security segmentation in order to protect their operations from cyber attacks.
NCCoE, a unit of the National Institute for Standards and Technology, formulated the guide in accordance with the NIST Cybersecurity Framework, the institute said Thursday.
The paper was written by cybersecurity engineers Michael Powell of NCCoE, and John Hoyt, Aslam Sherule, and Lynette Wilcox of MITRE. According to their approach, information and operational technology managers at small manufacturing facilities should begin by conducting an inventory of their tech assets. They should also identify where the hardware, software and data resources should be located rather than were they have been designated.
Security zones should be created based on risk assessments of the hardware assets. Every security zone must be evaluated and assigned with a risk level, which will determine the kind of protection required for each zone, the NCCoE report stated.
IT managers of small manufacturers should map a communication network among the security zones, and then apply security controls such as remote access, firewalls, and behavior anomaly detection. The ultimate step is to design an architectural diagram illustrating each segmented security block.
On June 8, the Potomac Officers Club will host its annual Cyber Summit. To join the event, register by clicking on the image below.
