Question

This week we will be continuing our journey to develop and communicate a cyber-security improvement plan in our case study assignment for PureLand Chemical. During week-4, we’ll be developing and submitting a description of the threats and vulnerabilities facing PureLand Chemical.

1. First, read the document titled,  COMMON VULNERABILITIES IN critical infrastructure control systems.pdf  available in Blackboard or u can directly search in google. This document will provide an overview of common vulnerabilities of ICS systems.

2.Using the information in the common vulnerabilities document in addition to your own knowledge of PureLand Wastewater, write a one page summary of the threats and vulnerabilities for PureLand Wastewater.

3.This threats and vulnerabilities assessment will be a part of your cyber-security improvement plan and you should strive to provide a clear and concise description of threats and vulnerabilities facing PureLand Wastewater with a detailed description of APTs

Submit to blackboard your threats and vulnerabilities document in the assignment thread provided.

Answer 1

Threats & Vulnerabilities for the Pure_Land_wastewater:

As per analysis, there have been different threats and the vulnerabilities which are not reflecting any priority or the severity of the impacts. These are grouped under the following:

The Data:

The sensitivity of the PCS data has been never observed. It has a major secured information with the proper identification of the data into the category of sensitivity. The communication links are mainly to handle the secured connection with the database protection. The category of the vulnerability is based on the default configuration of the OS with the administration setup where there is no saving of the passwords as well as there have been indefinite platform setups and the passwords are not easily shares on this platform.

The security Administration:

For the handling of the different security policies, there is a need to include the integration and the effectiveness of the PCS which is basically directed to the security administration. The policy and the procedures are for implementation, operation and the maintenance. There has been effective policy and also the security atrophies that direct to line the products of the security free legacy environment. There are explorations based on the contribution for the security furthermore as training the workers for the prices and also the different reasons.

Architecture:

The architecture has been supported the together with of the info storage and also the controlling. There are failure points that aren't just for the vulnerability however also for the modern architecture. the security and also the fireplace has been integrated into PCS with the various measure and also the control systems.The combination is mainly for compounding the potential for the intrusion furthermore because the disruption.

Network:

The vulnerabilities rely upon the system with the implementation relying on the protocol setup with the lower bandwidth of the channels of data. The configuration of the passwords are effective with the technology setup just like the local area network, routers and also the firewalls. These have the vulnerability for the administrative deficiency beside insecure configuration and management of the PCS network. the main factor has been the connection between the PCS and also the external network system.

Platforms:

The analysis is based on setting proprietary and non-proprietary with the specifications just like the remote telemetry units and also the intelligent electronic devices with the measurement of the hardware. The devices are set for the specialisation of the hardware with the set functionality with totally different operational requirements. The password control and also the detection is principally supported the accessing of the configurations to the RTUs--Remote telemetry units. These are in the main set for the development and also the deployment of the program software.