Responding to and Recovering from a Cyber Attack: Cybersecurity for the Manufacturing Sector

Industrial control systems (ICS) and devices that run manufacturing environments play a critical role in our nation’s economy. Manufacturers rely on ICS to monitor and control physical processes that produce goods for public consumption. These same systems face an increasing number of cyber attacks, presenting a real threat to manufacturing safety and production. Though defense-in-depth security architecture can help mitigate cyber risk, it may not entirely eliminate it. Organizations should have a plan to recover and restore manufacturing operations should a cyber event impact plant operations. The NCCoE, together with the NIST Communications Technology Laboratory and industry collaborators, will demonstrate an approach for responding to and recovering from an ICS attack within the manufacturing sector by leveraging the following cybersecurity capabilities: event reporting, log review, event analysis, and incident handling and response.  The NCCoE will implement each of these capabilities in a discrete-based manufacturing work-cell that emulates a typical manufacturing process. The project will result in a freely available NIST Cybersecurity Practice Guide.