About This Chapter
Policies, Procedures, & Standards for ICS and SCADA - Chapter Summary
Those working in critical infrastructure must have a clear understanding of the policies and procedures applicable to ICS and SCADA systems. In this chapter, those who hold positions in this field or who are studying computer science will be able to define these policies and identify various agencies that play a role in such regulation. With the quick and engaging lessons taking ten minutes or less, it's easy to find the time to master this material. Once you've reviewed the materials in this chapter, you'll be able to:
- Provide examples of policies and procedures that should be in place to protect ICS and SCADA systems
- Describe technical measures that can be taken to protect these systems
- Recognize the series of publications developed by NIST regarding cybersecurity
- Describe the ISO/ICE series of standards
- Discuss the scope of ISA 99 and IEC 62443 standards
- Talk about additional security standards in specific industries
- Identify the defense in depth model
1. Organizational Policies & Procedures for ICS & SCADA Systems: Overview & Examples
In this lesson, we are going to look into the security policies and processes enforced in industrial networks (ICS/SCADA) organizations. Multiple such elements will be critically reviewed and we'll look into some specific examples as well.
2. Technical & Operational Policies & Procedures for ICS & SCADA Systems: Overview & Examples
What are the security policies and processes concerning ICS and SCADA systems at the technical and operational levels? This is what we will discuss in this lesson and provide specific examples along the way.
3. NIST Special Publication 800 Series: Definition & Purpose
What if cybersecurity came with an instruction manual? Thanks to NIST, it does! This series of special publications is used as the framework for many security policies and programs. Learn more about that in this lesson.
4. ISO/IEC 27000 Series: Definition & Purpose
Have you met the ISO/IEC 27000 series family? In this lesson, you'll discover what this series of standards is, its background, and its framework for information security that can be tied to any organization.
5. ISA 99/IEC 62443 Series: Definition & Purpose for ICS/SCADA Systems
In this lesson we will describe the purpose and scope of ISA99 (Industrial Automation and Control Systems Security) and IEC 62443 series of standards as applied to ICS and SCADA systems.
6. Security Standards for ICS & SCADA: Types & Overview
ICS and SCADA systems require higher security standards than traditional ones. In addition, electric services, oil and gas pipelines, the chemical sector and water works have additional guidelines they need to follow. In this lesson, we will present an overview of these guidelines and standards.
7. Defense in Depth Model in Critical Infrastructure: Definition & Layers
The Defense in Depth Model is a cybersecurity approach that can be applied to all IT systems. This lesson describes what defense in depth is, how it is deployed and what the future holds for Defense in Depth strategies.
Earning College Credit
Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.
To learn more, visit our Earning Credit Page
Transferring credit to the school of your choice
Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.
Other chapters within the Computer Science 330: Critical Infrastructure Security course
- Introduction to Industrial Networks & Control Systems
- Industrial Network Security & Threats
- Industrial Network Design & Architecture
- Network Protocols in Industrial Networks
- Risk Assessment & Vulnerability in Industrial Networks
- Implementing Secure Zones & Conduits in Industrial Networks
- Protecting Industrial Networks Using Security & Access Controls
- Detecting Threats, Exceptions & Anomalies in Critical Infrastructure
- Monitoring the Security of Industrial Networks
- Required Assignments for Computer Science 330