ICS Cyber Security: Assessing & Protecting Critical Infrastructure
This webinar will aim to provide an overview of ICS security by reviewing several important lessons learned. Watch our ICS SCADA free webinar, addressing the threats, risks, state-of-the-art security practices and relevant standards related to critical infrastructure!
Presenters: Razvan Venter, Senior Certification Specialist & Jos Wetzels, independent security researcher specializing in embedded systems security.
Industrial Control Systems (ICS) have been historically built to last for a long time while keeping their performance parameters at a high level. As a result of this, cybersecurity issues related to the manufactured and deployed systems were not strongly considered until recently. In the context of Industry 4.0, where the systems and components are more and more connected to each other and to the Internet, cyber-attack vectors have multiplied enormously. Security simply cannot be ignored anymore, also considering the high risks and impacts associated with these systems, as well as the organizations which are deploying and making use of them.
ICS security lessons learned and concrete follow up
A history of the most relevant ICS security developments and attacks will be provided. Building on these facts, the threat landscape of ICS systems and components will be derived. Based on the possible threats, various attack scenarios, together with their associated impacts, will be presented. Once a good understanding of the risks associated with ICS technology is in place, designing, implementing and mitigating security controls is a must. The webinar will briefly go over various types of controls, explaining the benefits and complexity of implementing them in practice.
Standardization to increase ICS cyber security maturity
The last part of the webinar will go towards the standardization and regulation environments related to ICS security. In the absence of uniformly enforced regulations, manufacturers and users of ICS systems and components have serious issues in ensuring the completeness, correctness and sufficiency of the security controls which they implement. What can be done to solve this issue? Internationally recognized standards addressing security features, requirements, procedures and processes can be followed in order to improve security and create a common language among stakeholders. The webinar will present the state of the art with respect to relevant standards, while focusing especially on the IEC 62443 family, as the most relevant for addressing the security needs of the whole ICS supply chain.