One
problem that confronts a would-be cybersecurity practitioner is the
plethora of standards and initiatives that have been proposed by
various stakeholders. Secure NOK, a Norwegian cybersecurity consultancy
has done a great job of bringing all these together in context in its
‘Guidebook to current drilling control systems cybersecurity,’ a 67
page free download from Secure NOK.
The
Guidebook covers relevant standards for industrial control systems and
scada systems, from top level generic ISO 27001/27002 standards through
US NIST SP 800 standards, Norway’s Norsok/OLF derivatives and ISA/IEC
62443 standards for industrial automation control systems.
The ‘myriad’ standards can seem hard to understand and implement and are too often an exercise in ‘compliance’ rather than a contribution to cybersecurity. The Guidebook addresses technical cybersecurity, industry best practices and legal and compliance issues.
Drilling systems present a particular attack surface to hackers and DCSC does a good job of mapping the standards maze. To navigate your way through it, you may find you need help from Secure NOK’s consultants.
© Oil IT Journal - all rights reserved.