There is typically a 15:1 ratio of industrial devices to enterprise devices within a manufacturing plant. The industrial internet of things presents opportunities for growth but also increased risks of disruption through threats like theft, natural disasters, unauthorized access, and malware. A defense-in-depth security approach is recommended, incorporating physical security, network segmentation, firewalls, authentication, and monitoring to protect industrial control systems.
This document provides lessons learned from implementing Active Directory domains in control system environments. It covers topics like time synchronization, DNS, Active Directory replication, domain controller maintenance, backup and restore, user and group guidelines, and ICS group policy. The key lessons are: accurate time sync is critical; DNS configuration on domain controllers must include the loopback address; Active Directory replication links need to be properly configured; flexible single master operations roles should be transferred before domain controller maintenance; individual user accounts should be used instead of shared administrator accounts; and group policy can be used to apply security settings to control systems. The presentation provides guidance on best practices, common problems encountered, and their solutions.
This document discusses an investor opportunity involving auditing industrial control systems (ICS) for security compliance based on the NIST SP 800-82 framework. It highlights the standard's 16 sections for assessing ICS security and provides brief explanations of requirements under sections like planning/policy/procedures, administrative controls, access control, and network architecture. The document promotes CyberDNA as a trusted partner that can help organizations meet the various technical and policy requirements for securely auditing and protecting their ICS environments.
This document summarizes a research paper that implemented a SCADA-based firewall to protect data transmission from external hacking devices. The paper first discusses a case study where an industrial control system was hacked 46 times. It then provides an overview of industrial firewalls and the differences between industrial and IT firewalls. The paper describes configuring a Tofino industrial firewall with SCADA-HMI and PLC assets. It tests the firewall by simulating scenarios without and with the firewall, showing the firewall prevents an attacker from accessing the PLC simulator based on communication protocols. The paper concludes customized industrial firewalls are needed and protocols must be regularly updated as cyber attacks evolve.
This webinar will help you become better informed about penetration testing in SCADA and about the best practices and methods used in risk assessment. Understanding how critical these systems are to industry gives you more flexibility to build your skills.
Main points covered:
• The SCADA ICS function in critical infrastructure industry
• Risk exposure of IT vs. SCADA ICS from Cyber Security Perspective
• Do's and don'ts of Vulnerability Assessment and Penetration Testing in SCADA ICS Environment
Presenter: This webinar was presented by Pedro Putu Wirya, an IT and ICS Security Consultant with extensive experience in ISMS, and a PECB Certified Trainer.
Link of the recorded session published on YouTube: https://youtu.be/icq-RTwusZ8
This presentation reviews the spectrum of perimeter solutions based on unidirectional technology - solutions that are being deployed to protect the safety and reliability of industrial control systems. Learn why the technology is truly unidirectional based on physics and different ways it can be used in SCADA and DCS. Many practitioners find parts of the spectrum to be counter-intuitive. Further, some parts of the spectrum are straightforward to deploy, and others require that practitioners take some care to ensure that the results really are as strong as they should be. Technologies and techniques covered include unidirectional gateways, secure bypass, temporary/programmed gateway reversals, opposing gateways, secure remote access, and parallel operations and IT WANs.
This document summarizes a presentation on protecting industrial control systems (ICS) and SCADA networks. It discusses challenges with ICS including legacy equipment, long lifecycles, limited space and power, and life safety dependencies. It recommends understanding network flows, using the Purdue model for segmentation, and controlling removable media and configurations. Logging and disaster recovery are also important. While some enterprise IT concepts apply, ICS has differences in patching, applications, and dependencies on services. Remote access requires security, and training blends information security with ICS sensitivities.
Industrial control systems (ICS) are used to control industrial processes and manufacturing equipment. They face unique security challenges compared to traditional IT systems due to their real-time operation and custom hardware and software. This document discusses several past ICS cyber attacks and identifies vulnerabilities in ICS security architecture, configuration management, patch management, and change testing. Proper ICS security requires a cross-functional team approach and careful management of the specialized ICS environment.
In today’s connected world, cyber security is a topic that nobody can afford to ignore. In recent years the number and frequency of attacks on industrial devices and other critical infrastructure has risen dramatically. Recent news stories about hackers shutting down critical infrastructure have left many companies wondering if they are vulnerable to similar attacks. In this webinar we will discuss the most common security threats and unique challenges in securing industrial networks. We will introduce the current standards and share some useful resources and best practices for addressing industrial cyber security.
Key Takeaways:
1. Gain perspective regarding common security threats facing industrial networks.
2. Learn about the relevant standards governing industrial cyber security.
3. Increase understanding of some best practices for securing industrial networks.
This talk is about how to get into ICS security, whether you’re a control system engineer or an IT security analyst. It will cover the basic paths you can take to get involved, including some helpful resources and standards to help get you started. The ICS Security industry needs more people to help protect Critical Infrastructure!
This document provides an overview of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS), including fundamentals, evolution over time, vulnerabilities, security frameworks, good practices, and resources. It defines SCADA/ICS, describes how they have become more interconnected, lists vulnerabilities like outdated systems and remote access, outlines security standards like NIST and NERC, recommends practices like segmentation and patching, and provides example frameworks and resources.
This presentation was given at BSides Las Vegas 2015. In the modern times that we live in, the gentle shift that we are making towards the Internet of Things (IoT) is slowly but surely getting a grip on our day-to-day lives. The same goes for securing our Industrial Control Systems (ICS). We see that the demand for ICS security is rising and governmental regulations are being established and implemented. However, this also means that the need for ICS security professionals is rising as well. More and more security professionals/firms are starting to perform security assessments such as penetration testing on an ICS level. Two years ago I got the question if I was up for the challenge, converting myself from a ‘normal’ security professional to an ICS-specific security professional. The purpose of this talk would be to provide a starting point for security professionals that want to make the shift towards ICS Security, just like I did two years ago. While the term starting point might be a bit misleading, the goal would be to provide an ICS 001 talk, in contrast to an ICS 101 talk.
The Nozomi Networks solution improves ICS cyber resiliency and provides real-time operational visibility. Major customers have improved reliability, cybersecurity and operational efficiency using our technology. Learn more about our solutions and technology and how they can bring immediate benefit to your industrial control system (ICS).
A joint presentation of Yokogawa and NextNine about a 60-site global cybersecurity deployment, including what went right, what went wrong, necessary changes to the processes and technology, and the new technology that was developed.
Presentation on findings of the annual survey of ICS Security professionals. Includes participant demographics, greatest ICS security threats, and security initiatives.
The document discusses securing industrial control systems (ICS) infrastructure for compliance with NERC CIP standards and beyond. It outlines the network security challenges for bulk power systems in meeting compliance standards while balancing performance and costs. Real-world security vulnerabilities are described from assessments done by the GAO and Department of Energy. The paper then explains how a unified threat management approach using a single security platform can help simplify NERC compliance by providing firewall, VPN, antivirus, IPS, and authentication capabilities required without needing separate point products. This integrated solution secures the infrastructure while maintaining performance.
The document discusses cyber security challenges for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems used in petroleum production. It notes that ICS/SCADA systems are no longer isolated and were not designed with security in mind, making them vulnerable to threats. It outlines potential threats from both external hackers and internal actors seeking to harm operations or steal information. The document then proposes a holistic cyber security approach including governance, technical safeguards, physical security, and crisis management to help mitigate risks. It acknowledges challenges in securing remote sites and ensuring security solutions work with ICS/SCADA systems and protocols.
The document discusses cybersecurity for modern industrial systems. It outlines the history of control systems from early humans to modern technology. It notes current risks and threats that exploit weaknesses in these systems. The rapid growth of internet-connected devices poses challenges to ensuring stability. While virtually all cyber assets are vulnerable, cybersecurity expertise is in short supply. Achieving reliable safety requires standards, regulations, best practices, visibility of systems and sharing knowledge across industries and nations.
The document provides an overview of network security threats and countermeasures. It discusses various types of threats like viruses, denial of service attacks, and spoofing. It recommends a defense-in-depth approach using multiple layers of security like firewalls, intrusion detection systems, antivirus software, and encryption. Specific security measures are examined, including network monitoring, access control, and securing servers and applications.