Industry Needs Successful ICS Cybersecurity Case Studies – What Works and What Doesn’t

By Eric Cosman

ARC Report Abstract

Industrial control systems (ICS) cybersecurity has been a subject of discussion for several years. It is now generally accepted that all asset owners should make protecting these systems from malicious software and deliberate attacks a high priority. Moreover, a wealth of information (standards, recommended practices, and other guidance) is available detailing what should be included in a comprehensive cybersecurity management system.

Beyond the fundamentals of identifying and characterizing normal asset operation, much of this information focuses on risk management. Those responsible for protecting systems must identify and understand threats, mitigate known vulnerabilities, and identify potential consequences of attack. Consequences can be theoretical, but the maximum benefit comes from having realistic scenarios based on actual experience.

Where Are the Cybersecurity Case Studies?

Cybersecurity Case Studies casestudy.JPGMost would agree that there are real benefits from learning from the experience of others. This is the basis of benchmarking exercises in many other areas. Unfortunately, there has been considerable reluctance among asset owners to share information about certain elements of cybersecurity risk. While suppliers and researchers often share information about threats and vulnerabilities, asset owners are often unwilling or unable to share details of their response for fear of having this information fall into the hands of attackers.

While this is certainly a valid concern when talking about details, it is possible to obfuscate many of these details to create general case studies that still have significant learning value.

End Users Share Their Cybersecurity Case Studies at ARC Forum

ARC Advisory Group is actively helping asset owners to share their success stories in many ways, including presentations and panel discussions at the 2018 ARC Industry Forum in Orlando, Florida, Feb. 12-15.  In addition to our series of cybersecurity workshops on Monday, February 12, there are several cybersecurity case studies and presentations scheduled in our cybersecurity track throughout the week. These presentations cover a broad range of industries from power transmission and utilities to smart cities, refining, and oil and gas.  For more information on our the forum or our cybersecurity workshops and sessions, please email Mark Luciw at

By shifting the conversation from what should be done to what has been done and proven effective, we can advance the state of our security as a community.

ARC Advisory Group clients can view the complete report at ARC Main Client Portal or at ARC Office 365 Client Portal

If you would like to buy this report or obtain information about how to become a client, please Contact Us

Keywords: Case Studies, Cybersecurity Management, Metrics, Successes, Use Cases, ARC Advisory Group.


Engage with ARC Advisory Group