Search :       login

IT Shortlist Business Intelligence CAD/CAM/CAE Consultancy / Services CRM Enterprise Systems Factory / Plant Systems IT & Network Infrastructure Planning / Scheduling Process Systems Product Data Management Supply Chain Systems Time & Attendance / HR Design Engineering Production Engineering Electronics Design Plant & Manufacturing News Reference Zone Engineering Design CAD/CAM/CAE Shop Floor Systems Process Systems Enterprise Systems Lean / Agile Systems Supply Chain IT & Network Infrastructure Integration Consultancy / Services Industry Sectors Comment / Opinion Jobs Events Advertiser Services Direct Marketing services How to Advertise

Systems running manufacturing infrastructure need risk analysis 28/04/2008   Critical manufacturing infrastructure is increasingly at risk from IT vulnerability, according to a new study by the Information Security Forum (ISF), an association of 300 businesses and public sector organisations. Author of the report Mark Chaplin, says it’s not just about business systems, and that everything from transport systems and utility networks to manufacturing production facilities and financial transaction networks are at serious risk. “While the increasing dependence on IT may make this seem rather obvious, the relationship between information systems and critical infrastructures is frequently overlooked,” says Chaplin. And he adds: “It appears that information security professionals are rarely involved in the design, planning, implementation and management of infrastructure components, such as production lines, support networks and electricity supply, heating and ventilation equipment. This has to change.” The report, ‘Securing Critical Infrastructure’, focuses on infrastructure associated with four different categories, each of which, says the ISF, could be adversely affected by a failure or compromise of information systems – manufacturing operations, telecoms, utilities and building controls. It identifies major external threats as hacking, espionage and denial of service attacks, while internal threats include human error, malicious misuse and fraud. The report makes the following recommendations: STEP 1: Identify the organisation’s critical infrastructure. Gain a high level and enterprise-wide view of infrastructure used by the organisation. STEP 2: Determine the information systems that support the critical infrastructure. Maintain an inventory of relevant information systems and establish roles and responsibilities of individuals who own and run critical infrastructure. STEP 3: Perform an information risk analysis of information systems that support critical infrastructure. STEP 4: Establish a framework of controls to secure the critical infrastructure – including developing a control framework for information systems that support that infrastructure; applying a balanced set of controls to information systems; reducing single points of failure; addressing the power requirements of these information systems; and managing third parties that are involved with critical infrastructure.   Author Brian Tinham   Email this article   Bookmark this article using:   Del.icio.us digg reddit Facebook StumbleUpon   Similar News Articles     GSS warns that WiFi security is no longer secure     Anywhere, any time is cloud computing’s strength – and weakness     IBM to bail out HP security software users     First Cyber Security warns of poisoned DNS caching issue     Cyber security initiative to address global critical infrastructures     Similar Reference Zone Articles     Network practice     Wireless world     Mobile IT: for real     Unlocking business with cyber security     Netting material improvements

Contact Us  |  About Us  |  Careers @ MCS  |  Site Map  |  Terms & Conditions  |  © Findlay Publications Ltd 2008  |  Login  |