Industrial Cybersecurity: Raising Our Standards
While much is made of an ‘attack of the robots’ displacing tens of millions of workers from once job-rich industries, but those charged with safeguarding the workings of modern society are preoccupied with another assault – attacks on the robots and other automated cyber-physical systems.
It doesn’t take an engineer to appreciate persistent warnings of a coming “Cyber Pearl Harbor” targeting the automated devices that run critical infrastructure. Hackers employ many methods (including the unnerving Shodan search engine) to worm their way into sensitive industrial control systems – often targeting automation that is running vital infrastructure including power grids, public water systems, oil and gas infrastructure (pipelines, refineries, depots, etc.) and transportation systems.
A tidal wave of increasing connectivity is being driven deeper and deeper into automation to improve operating efficiency and reliability. For this reason, industrial automation networks are in dire need of improved security still allowing them to retain their flexibility and compatibility with existing automation protocols which often have little-to-no communications security features. Fortunately, we now have a standardized means for frustrating the attacks on these systems by securely segmenting communications on top of standard IP protocols. TCG standards can be implemented today to provide increased security and protection from unauthorized ICS access.
When, Not If: Strategies for Responding when your OT network suffers a ransomware attack
OT infrastructures across industrial sectors like manufacturing, transportation, utilities, and oil and gas are increasingly becoming the target of sophisticated cyberattacks. Large or small, cyberattacks are making headlines and elevating executive attention toward cyber resiliency. During this panel discussion, experts will discuss strategies for preparing for, responding to and recovering from cyberattacks as a part of any business continuity plan.
The Coming RAID on ICS/IIOT Cyber Security
Over the next 2-3 years, an emerging set of actors will drive significant new requirements for IIOT/ICS security: R-A-I-D
- Regulators are stepping up their focus on critical infrastructure with the TSA/CISA guidelines for US pipelines
- Attackers are increasingly focusing on these environments as a commercial ransomware enterprise
- Insurers will begin to demand greater transparency and controls into the security in ICS/OT environments prior to the potential policy start date
- Directors are now requiring greater reporting on measurable progress on improving ICS/IIOT security
The intersection of AI & Industrial Controls Systems Cybersecurity Best Practices
This panel will focus on the following:
- People often associate AI in cybersecurity with network anomaly detection tools. Are there other use cases for AI and machine learning in OT cyber security? Isn’t AI expensive? How do I justify the cost of an AI solution?
- What are the guidelines for determining what might be good applications for AI or machine learning in OT settings?
- What is the role of segmentation in security ICS and how can it be enhanced?
- How will cloud adoption impact the future of security for industrial control systems environments?
- How do we build dynamic security maturity throughout ICS industries rather than one-time purchases, audits, or box-checking?
- How can organizations begin to determine what should and should not be automated?
- How is your core business developing secure connectivity into your products and solutions to drive additional value to your customers?
- What assurances do you have that your devices will be secure in the field?
- How is the regulatory landscape changing and what security standards must you follow to continue to sell IoT solutions and grow your business?
- And how can you ensure that you product roadmap includes IoT cybersecurity as a differentiator?
Download Keyfactor data sheet “Design and Build Secure IoT Devices at Scale“.
Why haven’t we solved the Industrial Controls Systems (ICS) Cybersecurity yet?
Supervisory control and data acquisition (SCADA) systems have been at the heart of processes used by many different industries, from the control of machinery in power plants to the management of traffic lights in cities. Because SCADA systems play important roles in very critical processes, an unchecked weakness could cause grave real-world consequences.
As they have taken on more capabilities over the years—both as a product of an increasingly connected world and to meet new demands—it is important to revisit what kind of vulnerabilities have been discovered in SCADA systems and learn how to secure them.