Special Considerations for Human Factors in Industrial Control System Security
Looking back over papers, publications and standards for the security of Industrial Control Systems (ICS), it is striking how little human factors featured in the early days. Very extensive discussions of ‘Defence in Depth’ took no real notice of the risk to systems from poor security awareness, lack of training or malicious or casual behaviour. More recently, human factors have been recognised as a significant factor in securing ICS, but even now there has been relatively little consideration of this as much more than a footnote to detailed technical analysis and recommendations. This article examines the key considerations, develops them into some areas which may not be immediately apparent, and highlights the ways in which human factors in ICS security may differ from the security of conventional IT systems.
Please sign in or register for FREE
Sign in to E&T Cyber Security Hub
Register to E&T Cyber Security Hub
E&T Cyber Security Hub brings together engineers and cyber security specialists to share practical know-how. With content created ‘by engineers, for engineers,’ it provides peer-reviewed technical information, real-world insights, lessons learnt and case studies, as well as tools for networking and knowledge-sharing, profiles of experts and the opportunity for companies to showcase their expertise.