Industrial cyber threat landscape

The document discusses cyber security challenges for industrial control systems (ICS) and SCADA networks. As ICS were connected to networks and the internet, it increased opportunities for remote hacking and destruction. The disconnect between traditional IT security practices and operational needs of ICS led to vulnerabilities. Common security strategies like network isolation are no longer effective due to widespread connectivity. Recent attacks have shown that hackers can compromise ICS equipment directly and cause physical damage. The document argues industry must adopt new security technologies and policies tailored for ICS in order to address growing threats.

This document summarizes a presentation on cyber security in real-time systems. It discusses threats to industrial control systems and SCADA systems, and the differences between traditional IT and industrial control system cultures. It provides examples of attacks on industrial control systems and poor monitoring of SCADA systems. It suggests that security operations centers may provide common ground between IT and ICS. Finally, it discusses recent media reports relating to hacking of rail signaling systems and aircraft systems.

The document discusses upcoming security challenges for the Internet of Things (IoT) and introduces Warden, an autonomous security solution developed by Delve Labs. Current security strategies are insufficient for IoT due to a shortage of security professionals and incomplete asset visibility. Warden uses artificial intelligence to autonomously perform continuous vulnerability assessments without human supervision, scaling to cover all IoT assets. It aims to mimic expert methodology while reducing false positives through deep learning. Warden generates data to help prioritize issues and integrate with other tools via APIs.

This document is a draft version 0.4 of The IAONA Handbook for Network Security published by IAONA e.V. It was contributed to by various parties and organizations. The handbook aims to provide guidance on securing industrial automation networks, which require high availability and have more serious consequences from disruptions than typical office networks. It covers remote access methods, defining security terms and categories, descriptions of common network protocols and services, and a security survey.

This document discusses 10 important reports for managing vulnerabilities. It begins by explaining the importance of vulnerability management and having an accurate inventory of IT assets. It then describes the top 10 reports: 1. The Network Perimeter Map report provides a graphical view of the network topology and discovered devices. 2. The Unknown Internal Devices report lists devices discovered on the network that have not been approved, to identify rogue devices. 3. The SANS Top 20 Vulnerabilities report identifies the most common and critical vulnerabilities based on the SANS list. 4. The 25 Most Vulnerable Hosts report prioritizes remediation of the most at-risk devices. 5. The High Sever

This document summarizes 10 cyber security trend reports for 2019. Common trends identified across the reports include rises in crypto mining, state-sponsored attacks, security skills shortages, Internet of Things risks, cloud provider attacks, supply chain attacks, phishing as the primary attack vector, and increased regulations. The reports also highlight the importance of user awareness, basic IT hygiene, incident response readiness, and having adequate security resources.

The document discusses Darktrace's Enterprise Immune System technology, which takes inspiration from the human immune system to provide cyber defense. It uses unsupervised machine learning and advanced mathematics to learn what normal network behavior looks like and detect anomalies indicating threats. This self-learning approach can identify new threats that traditional signature-based tools miss. The system also automatically responds to threats with targeted digital responses. Darktrace's technology represents a new approach to cybersecurity that is better suited to today's sophisticated and unpredictable threat landscape.

Explore common vulnerabilities in building automation systems (BAS), how these vulnerabilities could be exploited, and steps that organizations can take to improve the cybersecurity of their BAS.

Using a smart building as their case study, Forescout Research Labs investigated how IoT devices can be leveraged as an entry point to a building’s network, where legacy OT assets, IT systems and IoT devices all intersect. Key findings from our research include: • How the IoT is impacting the organizational threat landscape • The additional risks that IoT devices introduce • How to evolve your cybersecurity strategy for the age of IoT

Yokogawa offers a range of cyber-security solutions for control systems, including network security assessment, network and firewall design, PC/server and network device hardening, antivirus and patch management, backup and recovery systems, and network management systems. By seamlessly integrating these solutions with its proven control system solutions, Yokogawa is also aiming to meet its customers' needs for control system security management. Read more about Yokogawa’s approach to cyber security in this whitepaper.

Despite the amazing technologies available today in cybersecurity, organizations still struggle with the most fundamental challenge that has been around for decades: understanding all the devices, users, and cloud services they’re responsible for, and whether those assets are secure. These slides—based on the webinar hosted by leading IT research firm EMA and Axonius—explain why solving asset management for cybersecurity is becoming increasingly important, and why something so fundamental has quickly risen to the top of CISOs priority lists.

This document discusses cyber security for critical infrastructure and the importance of identifying unknown or zero-day vulnerabilities. It describes how fuzz testing, a technique that involves feeding unexpected input to a system to trigger crashes or failures, can be used to find these unknown vulnerabilities before attackers discover and exploit them. The document outlines a process for conducting unknown vulnerability management that involves identifying targets, testing devices using various fuzzing methods, and generating detailed reports of any issues found to facilitate rapid remediation. Fuzz testing maturity models are also discussed as frameworks for conducting comprehensive fuzz testing programs to systematically uncover previously unknown vulnerabilities in networks and devices.