Industrial control systems cybersecurity: Back to basic cyber hygiene practices

Industrial control systems (ICS)- the backbone of any modern nation’s critical infrastructure (CI) such as the water, energy, transportation and information and communication technology (ICT) sectors-have been subjected to considerable cyberattacks in recent times. This is exacerbated by the gradual convergence of the information technology (IT) and operational technology (OT) domains. This paper sought to establish the basic cyber hygiene practices to stop malicious cyber activities against connected OTs. Cyber hygiene practices refer to knowledge, attitudes and behaviours consistently put into practice to eliminate a few root causes responsible for many cyber incidents. A scoping technique was adopted to review ICS security studies conducted in the past ten years (2012-2022). The key findings indicate that many CI operators have poor password and access control policies for onsite and remote access to networks, do not perform system updates and patching as and when it is necessary to do so, do not actively restrict, segregate and/or separate access to ICS networks and devices, and do not conduct cybersecurity awareness training as frequently as they should. Lastly, due to legacy ICS networks, threat intelligence tools such as extended detection and response and similar others to monitor and detect, in real-time, anomalous behaviour on the networks are rarely utilised for cyber risk assessment on OT networks.