classic | mobile


SA Instrumentation & Control Buyers' Guide

Technews Industry Guide - IIoT 2018

Technews Industry Guide - Maintenance, Reliability & Asset Optimisation


The 5 stages of cybersecurity awareness
October 2018, IT in Manufacturing

Standards committees and other industry groups have developed and promoted several conceptual models that describe a stepwise approach to cybersecurity for industrial control systems (ICS). These models address the people, pro-cess, and technology elements of the cybersecurity response.

Before any of these recommendations can be implemented, managers must first understand and accept the risks they face and the potential consequences. An understanding of human behaviour can help.

The Kübler-Ross model (often referred to as ‘The Five Stages of Grief’), describes a progression of emotional states associated with traumatic events. This model offers an interesting way to understand (and thus better address) these industrial cybersecurity-related challenges.

Applying the Kübler-Ross grief model to cybersecurity

At first glance the Kübler-Ross grief model may appear to have little to do with how we manage the security of automation systems. However, there are parallels between it and acceptance of the growing threat of cybersecurity attacks or compromises of automation systems used in the critical infrastructure.

Stage 1: Denial

When asked about programs and levels of preparedness in the face of potential attacks or compromise, common responses heard include: “We are not a target.” “Why would anyone attack us?” or “We are not connected to the Internet.” The assumption that responsibility for cybersecurity rests exclusively with the IT department is also a form of denial.

Stage 2: Anger

When presented with these realities, it is common for managers to express anger or frustration. This is almost certain to happen in the wake of an actual attack or incident that negatively impacts critical systems. This is evident from the types of questions that responsible managers will pose to their staff. Examples include:

• Why didn’t you warn me about the risk of network connections?

• Can’t we meet the legitimate needs of the business in a secure manner?

• Why have we allowed sloppy practices such as the sharing of portable media to increase the risk to our systems?

Managers may ask questions like these even after previously refusing to heed warnings and provide the resources needed to improve the security of key systems before an incident occurs. This can in turn lead to frustration on the part of cybersecurity professionals whose advice was not taken.

While both responses are understandable, they do little or nothing to address the real problem or improve the situation. Rapid response is necessary not only to address the immediate risk, but also to protect systems in the face of evolving risk. Additional threats and vulnerabilities will emerge over time, possibly resulting in even more serious consequences.

Stage 3: Bargaining

Identifying, analysing, and selecting solutions to improve system security typically includes various types of bargaining. Internal and external discussion and dialog in this phase revolve around a fundamental assertion: “If we take certain steps now, will they increase our protection and mitigate consequences?” Of course, the difficulty is in determining exactly which steps or measures are ‘right’ or most appropriate for the situation.

This may be the most interesting and dangerous stage, as it requires steadfastness in the face of urgency. It is essential to reconcile input, opinions, and proposals from different stakeholders and advisors, each that will bring their own perceptions, biases and agendas.

The most critical need at this stage is for a well-defined and proven process for identifying and evaluating proposed solutions. The key input to this process is a clear set of constraints, expectations, and requirements. Where possible, the latter should be based on or derived from established industry standards and practices.

Stage 4: Depression

Unfortunately, threats and vulnerabilities are constantly evolving, and new attacks are reported regularly. Each new report triggers an exercise to reassess protective tools and processes, leading to further frustration and fatigue. At this stage it is common to become resigned to the inevitability of an attack or some type of cyber-related incident. This inevitability makes it essential to have a plan for response in advance.

To offset the natural discouragement, it is important to remain aware of not only successful attacks or incidents, but also the successes that others have had in mitigating threats or even preventing incidents.

Stage 5: Acceptance

Recognising the fact that virtually all computerised systems are at risk creates an environment for proper cybersecurity management. However, simple acknowledgment is not enough. It is also essential that managers understand that managing cybersecurity risk is no different than that required for any other type of risk, such as personal safety or handling hazardous materials. Many companies already have processes and procedures in these areas, and managers need to accept the need for a sustained cybersecurity response.

What this means for the asset owner

Industrial asset owners face a daunting challenge in defending and protecting the integrity of their automation systems. One of the first and perhaps most important milestones in successfully meeting this challenge is to understand and accept what can and cannot be changed.

Technical expertise is essential, but not sufficient. Experts must also have practical experience in industrial or operations environments to be most effective and avoid potential misapplication of specific solutions. They must be able to collaborate and work closely with their counterparts in other disciplines, such as automation and process safety.

Finally, members of the cybersecurity team must be able to effectively communicate with management and other non-technical personnel to help them understand the nature of the possible risks, the required response and the need for any changes in their behaviour.

For more information contact Paul Miller, ARC Advisory Group, +1 781 471 1141,,

Share via email     Share via LinkedIn   Print this page

Further reading:

  • New performance management ­solutions for intelligent valves and pumps
    January 2019, IT in Manufacturing
    While digital transformation has been getting its fair share of hype in recent years, end-users in the heavy process industries actually began digitising their plants decades ago with the introduction ...
  • Rockwell Automation drives digital transformation
    January 2019, Rockwell Automation, IT in Manufacturing
    New FactoryTalk InnovationSuite, powered by PTC, accelerates digital transformation strategies.
  • Flexible standardisation for data centres
    January 2019, Schneider Electric South Africa, IT in Manufacturing
    Schneider Electric has created flexible standardisation for data centre operators that allows the company to support the different sized deployments its customers require, while eliminating inconsistencies ...
  • Personalised, portable content with SKF Shelf app
    January 2019, SKF South Africa, IT in Manufacturing
    Digitalisation is changing industries and opening up new possibilities. We now have a wealth of information from a multitude of sources at our fingertips. But is it reliable? Having fast access to a trustworthy ...
  • Key digital transformation IT concepts for operations
    December 2018, IT in Manufacturing
    Rather than focus on the digital transformation IT concepts through a technical lens, this article looks at them in terms of their implication on industrial operations.
  • Data centre management as a service
    December 2018, IT in Manufacturing
    DMaaS aggregates and analyses large sets of anonymised customer data that can be enhanced with machine learning.
  • Operator guided solutions
    December 2018, Adroit Technologies, IT in Manufacturing
    At parts assembly production sites, where parts are picked from stock, it is almost inevitable that picking mistakes will occur. As parts become more complex and their component types increase, the problem ...
  • Software for low voltage distribution planning
    November 2018, ElectroMechanica, IT in Manufacturing
    New software from Hager facilitates planning and configuration of low voltage switchgear.
  • SKF ups the digital ante at ­Göteborg plant
    November 2018, SKF South Africa, IT in Manufacturing
    Swedish group, SKF, has been implementing digital transformation since 2015, investing close to €19 million to carry out its digital revolution at the Göteborg plant which has, for over a century, been ...
  • 3D software eliminates ­programming
    November 2018, ASSTech Process Electronics + Instrumentation, IT in Manufacturing
    More and more industrial users are discovering the potential of three dimensional software-aided object measurement. With the VisionApp 360 software, Wenglor now offers a smart tool that makes 3D object ...
  • Advanced data management from Siemens
    November 2018, Siemens Digital Factory & Process Indust. & Drives, IT in Manufacturing
    Siemens is innovating its data management software for process analytical technology (PAT) with Simatic Sipat version 5.1, which allows users to monitor and control the quality of their products in real-time ...
  • How adding services to products could start your journey towards an Industry 4.0 solution
    October 2018, Absolute Perspectives, This Week's Editor's Pick, IT in Manufacturing
    For manufacturers, digital transformation involves understanding a range of new technologies and applying these to both create new business and to improve the current operation. Industry 4.0 provides ...

Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Terms & conditions of use, including privacy policy
PAIA Manual


    classic | mobile

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.