In this new project, the NCCoE, in conjunction with the NIST Engineering Laboratory (EL) and industry collaborators, will highlight how an organization can take a comprehensive approach to securing ICS within the manufacturing sector by leveraging the following cybersecurity capabilities: behavioral anomaly detection, security incident and event monitoring, ICS application whitelisting, malware detection and mitigation, change control management, user authentication and authorization, access control least privilege, and file integrity-checking mechanisms.
The goal of the project is to demonstrate an example solution that protects the integrity of data from destructive malware, insider threats, and unauthorized software within manufacturing environments that rely on ICS. The NCCoE will map the security characteristics to the NIST Cybersecurity Framework; the National Initiative for Cybersecurity Education Framework; and NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, and will provide standards-based security controls for manufacturers. Additionally, NIST will implement each of the listed capabilities in two distinct but related existing lab settings: a discrete-based manufacturing workcell and a process control system that resembles what is being used by chemical manufacturing industries. This project will result in a freely available NIST Cybersecurity Practice Guide.
Dispel is joined by collaborators CyberX, Dragos, GreenTec USA, ForeScout Technologies, OSIsoft, Radiflow, Tenable, TDi Technologies, and VMware in supporting the NCCoE.
Read more at: Star Local Media