What Is a SCADA Security Gap Analysis?
During a gap analysis, an expert will assess an organization’s SCADA security practices against best practices such as those outlined by the National Institute of Standards and Technology in SP 800-82, “Guide to Operational Technology (OT) Security.”
This sort of third-party assessment can help leaders attain a clearer understanding of their vulnerabilities, remove blind spots and improve their security posture. One gap that might be revealed is an ineffective patching process.
“Sometimes, the device as a whole has been updated to a certain level, but then the chip that’s inside that device is out of date,” says Carlos M. González, research manager of IoT ecosystem and trends for IDC. “So, in addition to inventorying their connected assets, organizations should conduct an inventory for their patching processes.”