15 - Sep 2020

Highlights the significance of Cybersecurity Monitoring at ICS Level 0. Regulation compliance targeted at 1,600 Israeli entities handling hazardous materials

In any given state or country, there are thousands of manufacturing plants and facilities which hold and use hazardous materials as part of their production processes. Failures in the production, storage or transportation systems of these plants may result in severe damage to public health and the environment. In most cases, these systems are operated, automated and controlled by computerized systems, or ICS (Industrial Control Systems), so a cyber event can potentially cause a failure or disruption in the computerized system and lead to a catastrophic hazardous materials event.

Examples of hazardous events that may occur due to a cyber incident:

  • Emissions of gases that endanger the public
  • Explosions of hazardous substances
  • Excursions of hazardous materials to the environment.
  • Hazardous industrial effluent to water sources or drainage systems

Recently, the Israeli Ministry of Environmental Protection presented a first of its kind cyber protection guide, to any plant or facility that stores or uses hazardous materials in its plant. The guide is based on the principles of defense theory by the INCD, which relies heavily on the American standards of NIST CSF regarding the security of computerized control systems, while adapting it to the world of industry and hazardous materials.


Level 0 Monitoring – a primary control measure

In several of its control mechanisms for cyber readiness, the guide explicitly refers to Level 0 monitoring as a key element to manage, detect and eventually overcome cyber incidents that may affect the control systems. Among these control measures, one may find level 0 monitoring in these categories:

  • Unidirectional connectivity
  • Advanced Access Control
  • Sealed Access Control
  • Prevention of malicious malware (IDS anomaly detection)

This guide proves yet again, that more and more regulatory agencies acknowledge and refer to Level 0 as an integral part of their cyber perception and methodologies. Level 0 allows safe remote monitoring, safe access control and out-of-band authentication that Industrial Control Systems are operating as intended. Without Level 0 monitoring, one is only as strong as its network is, while networks were proven time and time again to be vulnerable. if you want to be safe, start with Level 0.