Question

Lisa oversees and monitors processes at a water treatment plant using SCADA systems. Administrators recently discovered malware on her system that was connecting to the SCASA system. Although they removed the malware, management is still concerned. Lisa needs to continue using her system and it's not possible to update the SCADA system. What can mitigate the risk?

Answer 1

To mitigate risks presented by malware in a SCADA system that cannot be updated, Lisa could implement a firewall, conduct regular antivirus scans, practice network segmentation, enforce strict access control policies, and engage in continuous monitoring.

Step-by-step explanation:

Lisa's situation involves managing risks associated with a SCADA system that cannot be updated and has been compromised by malware.

Since Lisa needs to continue using her system and updates to the SCADA system are not possible, she can mitigate these risks through several means. First, implementing a robust firewall can act as a barrier to prevent unauthorized access.

Second, ensuring that all other systems that connect to the SCADA network are free of malware through regular antivirus scans and updates can help mitigate risks.

Additionally, implementing network segmentation can protect critical parts of the SCADA system from potential breaches. It is also crucial to establish strict access control policies to limit who can interact with the system and to what extent.

Lastly, a continuous monitoring approach to detect and respond to any unusual activity in real-time is key in maintaining the security of the system.