Risks
Risk can be defined as the probability of a successful exploit and the associated loss thereafter. While a security vulnerability is innate to a platform, risk refers to the chances of that vulnerability being exploited to cause the anticipated damage. For example, an industrial computer used to process accounting data may be running an application with known authentication and remote access control defects. If this computer is air-gapped, the risk associated with these defects is almost negligible. However, when the computer is connected to the internet, the associated risk increases greatly (IOT-SEC).
Risks can be managed by using threat modeling (described in Chapter 2, Industrial IoT Dataflow and Security Architecture), which helps to ascertain the possible exposure, impact, and overall cost associated with an exploit. It also helps to estimate the importance of the exposure to the attackers, the attackers' skill levels for launching the attack, and so on. Risk management practices help to deploy mitigation strategies proactively.
Some examples of ICS risks that have been introduced by brownfield IoT deployments are:
- The adoption of open-standard protocols and technologies with known vulnerabilities
- The connectivity of the control systems to external networks and data centers
- Insecure and rogue connections
- Widespread availability of technical information about control systems