Maintenance Technology July 2017 - 31

CYBERSECURITY

Crucial steps

What's an operation to do? Andrew
Kling points to these specifics:

Adhere to a
'Best Practices'
Cyber Framework
IN 2013, THE UNITED STATES'
National Institute of Standards and
Technology (NIST, Gaithersburg, MD,
nist.gov) was tasked with developing
a framework that would become an
authoritative source for cybersecurity
best practices. Other countries have
similar standards or are actively working
on versions. In some places, such
as France, these standards carry the
weight of law.
According to Andrew Kling, director
of Cybersecurity and Software Practices
for Schneider Electric (schneider-electric.
com, Andover, MA), the standards that
emerged from the NIST framework
established an ordered, structured
approach to addressing cybersecurity
challenges and helped translate vague,
fear-based concerns into commonsense
risk analysis, risk-tolerance assessment,
and risk avoidance.
"Confronting the cybersecurity
challenge as part of a focused riskmanagement program," Kling noted,
"allows an organization to take on one of
the biggest threats to its ability to deliver
shareholder value. For plants to operate
profitably, they must protect the reliability
of their assets and operations. Cybersecurity attacks threaten their reliability,

which in turn jeopardizes their ability to
turn a profit."
He explained that, while the set of
core cybersecurity practices necessary
to manage cyberthreats are well known,
there are still barriers to adoption. For the
most part, these obstacles are related to
an improper understanding of the risks
at hand, as well as to an organization's
ability to resist them.
Consequently, despite regulatory
and risk-management incentives, Kling
said finding companies that effectively
address cybersecurity is rare. To his
way of thinking, it's time to change the
conversation away from the fear of a
cyber attack to something understood
in all boardrooms: How do cyber attacks
threaten the reliability of plant assets and
operations and their ability to contribute
to the bottom line.
This requires managers to know and
understand their plants' cybersecurity
positions and appetites for risk tolerance.
This information helps them recognize
the difference between where they are
managing cyber risks and how much gap
there is to close. Here's where a strategy
to improve an operation's cybersecurity
readiness through comprehensive
security-risk management pays off.

For more information, visit schneider-electric.com and/or nist.gov/cyberframework/.
JULY 2017

■ Discuss and understand your riskmanagement plan and objectives
(which usually means protecting
your ability to produce).
■ Locate responsibility for risk
management in your organization
so that decision making, execution,
and incident response are efficient
and successful. Assess your riskmanagement workflows.
■ Ascertain the value of your manufacturing processes and assets to your
organization and potential attackers.
Basically, you need to calculate your
security risk. For example: If the
plant were to go down for a day due
to a cyber attack, loss of production
would equal $X.
■ Model the cyber-threat landscape.
Analyze threats specific to your
industry and your plant. Remember
that threats are constantly evolving
as new skills, techniques, and tools
emerge. You might need expert help.
■ Determine where security-riskmanagement functions should
integrate into your organization's
infrastructure. These functions can
take many forms, i.e., risk avoidance,
mitigation, acceptance, and/or
transference.
■ Construct a cybersecurity plan that
lets the organization respond to an
evolving threat landscape. Analyze
options to the plan and rank the
effectiveness of its elements in
reducing risks.
■ Prioritize and execute the plan
to manage your organization's
cyber risks.
■ Keep in mind that program
elements, such as bug patching and
threat monitoring, are continuous. A
cybersecurity risk-management plan
isn't a single event, but a continuous
operation.

In short, have a plan, execute it,
measure its effectiveness, and, if
necessary, adjust it. Taking these
simple steps to manage your
cybersecurity risks can have a
significant impact (in a good way)
on your bottom line. MT
-Jane Alexander, Managing Editor
MAINTENANCETECHNOLOGY.COM | 31


http://www.nist.gov http://www.schneider-electric.com http://www.nist.gov/cyberframework/ http://www.MAINTENANCETECHNOLOGY.COM

Table of Contents for the Digital Edition of Maintenance Technology July 2017

Editorial
Uptime
On The Floor
Powering Auto Production
Following The North Star
Flying Inspections
Untangle Compressed Air Misconceptions
Change Your Lubrication Mindset
HMI-Design Essentials For Today's SCADA Systems
SAP: Tips and Tricks
Cybersecurity Best Practices
Bearing Storage
Interpreting IP Code
Noisy Pumps
Move From Time- to Condition-Based Lubrication
CMMS Energizes Maintenance Efforts
Products
Ad Index
Showcase
Final Thought
Maintenance Technology July 2017 - 1
Maintenance Technology July 2017 - Cover1
Maintenance Technology July 2017 - Cover2
Maintenance Technology July 2017 - 1
Maintenance Technology July 2017 - 2
Maintenance Technology July 2017 - 3
Maintenance Technology July 2017 - Editorial
Maintenance Technology July 2017 - 5
Maintenance Technology July 2017 - Uptime
Maintenance Technology July 2017 - 7
Maintenance Technology July 2017 - On The Floor
Maintenance Technology July 2017 - 9
Maintenance Technology July 2017 - Powering Auto Production
Maintenance Technology July 2017 - 11
Maintenance Technology July 2017 - 12
Maintenance Technology July 2017 - 13
Maintenance Technology July 2017 - 14
Maintenance Technology July 2017 - Following The North Star
Maintenance Technology July 2017 - 16
Maintenance Technology July 2017 - 17
Maintenance Technology July 2017 - Flying Inspections
Maintenance Technology July 2017 - 19
Maintenance Technology July 2017 - 20
Maintenance Technology July 2017 - 21
Maintenance Technology July 2017 - Untangle Compressed Air Misconceptions
Maintenance Technology July 2017 - 23
Maintenance Technology July 2017 - 24
Maintenance Technology July 2017 - Change Your Lubrication Mindset
Maintenance Technology July 2017 - 26
Maintenance Technology July 2017 - HMI-Design Essentials For Today's SCADA Systems
Maintenance Technology July 2017 - 28
Maintenance Technology July 2017 - 29
Maintenance Technology July 2017 - SAP: Tips and Tricks
Maintenance Technology July 2017 - Cybersecurity Best Practices
Maintenance Technology July 2017 - Bearing Storage
Maintenance Technology July 2017 - Interpreting IP Code
Maintenance Technology July 2017 - Noisy Pumps
Maintenance Technology July 2017 - Move From Time- to Condition-Based Lubrication
Maintenance Technology July 2017 - 36
Maintenance Technology July 2017 - 37
Maintenance Technology July 2017 - 38
Maintenance Technology July 2017 - CMMS Energizes Maintenance Efforts
Maintenance Technology July 2017 - 40
Maintenance Technology July 2017 - 41
Maintenance Technology July 2017 - Products
Maintenance Technology July 2017 - 43
Maintenance Technology July 2017 - 44
Maintenance Technology July 2017 - 45
Maintenance Technology July 2017 - Ad Index
Maintenance Technology July 2017 - Showcase
Maintenance Technology July 2017 - Final Thought
Maintenance Technology July 2017 - Cover3
Maintenance Technology July 2017 - Cover4
https://www.nxtbook.com/atp/MaintenanceTechnology/epjulyaug2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epjune2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epmay2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epapril2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epmarch2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epfeb2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epjan2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epnovdec2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epseptoct2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epmay2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epapril2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epmarch2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epfebruary2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epjanuary2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epdecember2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epnovember2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epoctober2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epseptember2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epaugust2018
https://www.nxtbook.com/atp/MaintenanceTechnology/0818schneider
https://www.nxtbook.com/atp/MaintenanceTechnology/epjuly2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epjune2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epmay2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epapril2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epmarch2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epfebruary2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epjanuary2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epdecember2017
https://www.nxtbook.com/atp/MaintenanceTechnology/epnovember2017
https://www.nxtbook.com/atp/MaintenanceTechnology/epoctober2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtsept2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtaugust2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjuly2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjune2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmay2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtapril2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmarch2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtfebruary2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjanuary2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtdecember2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtnovember2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtoctober2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtseptember2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtaugust2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjuly2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjune2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmay2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtapril2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmarch2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtfebruary2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjanuary2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtdecember2015
https://www.nxtbook.com/atp/MaintenanceTechnology/mtnovember2015
https://www.nxtbook.com/atp/MaintenanceTechnology/mtoctober2015
https://www.nxtbook.com/atp/MaintenanceTechnology/mtseptember2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTAugust2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJuly2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJune2015
https://www.nxtbook.com/atp/MaintenanceTechnology/M
https://www.nxtbook.com/atp/MaintenanceTechnology/0415endress
https://www.nxtbook.com/atp/MaintenanceTechnology/MTApril2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTMarch2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTFebruary2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJanuary2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTDecember2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTNovember2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTOctober2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTSeptember2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTAugust2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJuly2014
https://www.nxtbookmedia.com