Manufacturing System Categorization and Risk Management
OPERATIONALIZING CYBER RESILIENCE
Each Manufacturer’s organizational risk is unique. A Manufacturer’s risk management must inform and prioritize cybersecurity decisions. To manage cybersecurity risk, a clear understanding of the business drivers and security considerations specific to the Manufacturing organization (business and operations), the Manufacturing System and its environment including its supply chain is required. Recurring risk assessments and validation of business drivers help Manufacturers select target states for cybersecurity activities that reflect desired outcomes.
Manufacturing Business and Mission Objectives must be aligned to a focused set of cybersecurity controls structured into three levels of security (Low, Moderate, High) and applied to the manufacturing system, in order to support critical business goals and to achieve and sustain cyber resilience.
These designations identify the security capability, functionality, and specificity for a defined risk level. Manufacturing systems or components are categorized to the Low, Moderate, or High security levels.
Categorization is based on the potential impact if a security breach jeopardizes the manufacturing system or its components, operational assets, individuals, or the organization. Security categorizations are used in conjunction with vulnerability and threat situational awareness intelligence information (accessed through the Global Manufacturing ISAO (GM-ISAO)) in order to assess and mitigate the risk to the organization. The definitions of the levels below must be applied within the context of the organization, the facility and the manufacturing system.
The potential impact is LOW if the loss of integrity, availability or confidentiality could be expected to have a limited adverse effect on manufacturing operations, assets, personnel, the general public, or the environment.
The potential impact is MODERATE if the loss of integrity, availability or confidentiality could be expected to have a serious adverse effect on manufacturing operations, assets, personnel, the general public, or the environment.
The potential impact is HIGH if the loss of integrity, availability, or confidentiality could be expected to have a severe or catastrophic adverse effect on manufacturing operations, assets, personnel, the general public, or the environment.
SECURITY CATEGORIZATION PROCESS
The security categorization process influences the level of effort expended when defining, designating and managing the risk levels. Manufacturing systems supporting the most critical and/or sensitive operations and assets demand the greatest level of attention and effort to ensure that appropriate operational security and risk mitigation are achieved.
The process is scalable and supports intensifying security protections when needed, while maintaining a conventional baseline. Each higher security level builds from the baseline, starting with the LOW designation. The MODERATE and HIGH designations each include all of the stipulations from the levels below them.
Each security level is positioned as the platform that supports the implementation or categorization of the next higher level. Security level implementation starts with LOW and increases in rigor through the MODERATE and HIGH implementations. The LOW security level represents the starting baseline for all manufacturing systems. The MODERATE security level implements the LOW security guidance as well as the MODERATE guidance. The HIGH security level implements all of the LOW and MODERATE guidance as well as the HIGH guidance.
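The categorization and cumulative-baseline rules above, worked through as an added Python example (not part of this document or any Manufacturer's tooling). It assumes that "loss of integrity, availability or confidentiality" means the worst rating across the three objectives decides the level, that a system inherits the level of its most critical component, and that the control names in the baselines are constructed placeholders rather than a real control catalogue.

```python
from enum import IntEnum
from typing import Dict, List


class Impact(IntEnum):
    """Potential impact levels as defined in the categorization text."""
    LOW = 1
    MODERATE = 2
    HIGH = 3


OBJECTIVES = ("confidentiality", "integrity", "availability")


def categorize(impacts: Dict[str, Impact]) -> Impact:
    """Security level for one system or component.

    The text assigns MODERATE/HIGH when the loss of integrity, availability
    *or* confidentiality would have a serious/severe effect, so the level is
    the worst rating across the three objectives (assumed reading of the text).
    """
    missing = [o for o in OBJECTIVES if o not in impacts]
    if missing:
        raise ValueError(f"missing impact rating for: {missing}")
    return max(impacts[o] for o in OBJECTIVES)


def categorize_system(components: Dict[str, Dict[str, Impact]]) -> Impact:
    """A manufacturing system takes the highest level among its components
    (assumption: a system is at least as sensitive as its most critical part)."""
    return max(categorize(c) for c in components.values())


# Constructed placeholder baselines: each tier adds controls on top of the
# tier below it, as the text describes. Not a real control catalogue.
BASELINE_ADDITIONS = {
    Impact.LOW: ["asset-inventory", "account-management", "backup"],
    Impact.MODERATE: ["network-segmentation", "centralized-logging"],
    Impact.HIGH: ["continuous-monitoring", "multifactor-remote-access"],
}


def applicable_controls(level: Impact) -> List[str]:
    """MODERATE includes everything in LOW; HIGH includes LOW and MODERATE."""
    controls: List[str] = []
    for tier in Impact:  # IntEnum iterates LOW, MODERATE, HIGH in order
        if tier <= level:
            controls.extend(BASELINE_ADDITIONS[tier])
    return controls


if __name__ == "__main__":
    # Constructed example: a packaging line whose historian holds little
    # sensitive data but whose line PLC availability matters a great deal.
    line = {
        "historian": {"confidentiality": Impact.LOW, "integrity": Impact.LOW, "availability": Impact.LOW},
        "line-plc": {"confidentiality": Impact.LOW, "integrity": Impact.MODERATE, "availability": Impact.HIGH},
    }
    level = categorize_system(line)
    print(level.name, applicable_controls(level))
```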