NCCoE Publishes White Paper to Guide Small Manufacturers on Security Segmentation

The National Cybersecurity Center of Excellence of the National Institute of Standards and Technology has published a white paper that offers a six-step approach to guide small manufacturers implementing security segmentation. According to the Security Segmentation in a Small Manufacturing Environment, small manufacturers operate with limited staff and resources, making them vulnerable to cyberattacks. 

The NCCoE introduces security segmentation as a cost-effective and efficient approach to mitigate cyber vulnerabilities, NIST said. The document, authored by cybersecurity engineers Michael Powell of NCCoE and John Hoyt, Aslam Sherule and Lynette Wilcox of MITRE, listed the benefits of security segmentation, including enhanced asset inventory management and network visibility and oversight. 

The six-step approach to implementing the security design is based on the NIST Cybersecurity Framework and the NIST IR 8183 Cybersecurity Framework: Manufacturing Profile. 

According to the paper, small manufacturers should begin with the creation of a tech assets list. After completing the inventory, manufacturers should conduct an informal assessment of the risks associated with hardware assets and create security zones where the assets will be grouped based on their operational functions, mission criticality levels or data sensitivity levels.

The next steps are determining the risk level for each security zone, identifying the communication requirements between security zones, applying zone security controls, and creating a logical security architecture diagram that shows the risk level and notations for security solutions that are implemented within each zone.

According to the paper, security segmentation will prepare manufacturers for additional security strategies like zero trust.