Industrial Internet Security Framework v 1.0 | Page 35

Security Framework

5: Managing Risk

Managing IIoT security involves coordinated action within the organization, and a focus on rapid response to ensure timely execution of security tasks.

Figure 5-1: Trustworthiness Management Considerations

There is considerable complexity in orchestrating security responses, and the problem space quickly becomes a multidimensional challenge. Security measures should be able to adapt as needed to continually changing threats and system configurations (adaptivity), provide responses that will minimize the impact on the IIoT system if a security threat does materialize (responsivity), and enable different organizations to work together to ensure the early identification of security threats (cooperativity). [1]

Security must be adaptable to maintain effectiveness over time. Security management must adapt to the changes in the environment, new threats to which the system is exposed, and new vulnerabilities that are found. Threats should be dealt with before they materialize. To achieve this, management, engineering, operations and human resources need to cooperate continually. In addition to choosing the improvements to make based on systematically identifying the new threats and other changes to which the system is exposed and assessing the risks they present, they must establish improvement practices for cyberspace, physical space, and operational management, and formulate implementation plans based on these improvement practices.

An important factor in this work is risk assessment. Formulation of a rapid response when an incident occurs, based on an assessment of the scope of the security threat, is important to protect systems and minimize damage.

[1] See [HIT-ISA-65-5] and [IEC-FOTF]

IIC:PUB:G4:V1.0:PB:20160926 - 35 -