Unrestricted / © SiemensAG 2016. All Rights Reserved.

Best Practice for Security.

Organizations should address the following

•

Board level support

•

Security Policy, Security Management ,

Processes, Audits

•

Definition of roles and responsibilities

•

Competence & competency management

•

Inventory of Cyber assets (including

subsystems, network devices, software);

•

Cyber security risk assessment.

•

Implement Security

•

Network segregation into Zones

•

Defence in Depth

•

Maintenance policy to keep system up to date;

•

Backup and host protection (e.g. antivirus,

application white listing) management

•

Patch upgrade management

•

Incident response and disaster recovery plan;

•

Ongoing threat monitoring and response

Manage

Security

Assess

Security

Implement

Security

Manage

Security