Since the early 2000s, researchers and a variety of adversaries, ranging from cyber criminals to nation-states, have turned their attention to discovering and exploiting vulnerabilities in industrial control systems (ICS), which control infrastructures ranging from electricity grids to manufacturing facilities. Every 60 seconds a business will have a cybersecurity breach. Some of the breaches are just hackers testing their skills, other breaches focus on extracting sensitive information or planting viruses to cause financial and business disruptions to companies and critical infrastructure. In today’s industrial environments, it is not a question of “if” a company will be breached, it is the question of “when”. Enacting a business continuity plan during a cyber event will help companies contain and understand the impacts of the breach or effects on operations. When companies know how to respond internally to maintain operations and have defined and clear roles of stakeholders, the whole event can be contained and limit the losses incurred. The key to having an effective plan and implementation is training and practice. Building an effective business continuity plan means testing the response and identifying best practices.
CYBERSEC 590: Advanced Topics in Cybersecurity/Industrial Technology and Cybersecurity Analysis