2023 Solutions Track: ICS Security

  • Monday, 01 May 2023 10:30AM EST (01 May 2023 14:30 UTC)
  • Speaker: Dean Parsons

The Industrial control system (ICS) / operational technology (OT) security environment require different security skills, technologies, and methods to manage the different risks, as they have mission and risk surfaces that set ICS/OT apart from traditional IT enterprise networks. ICS/OT networks are also seeing different attacks beyond traditional intrusions commonly seen in enterprise networks.

Adversaries in critical infrastructure networks have illustrated knowledge of control system components, industrial protocols, and engineering operations. Detecting, and preventing modern threats to our critical infrastructure requires modern ICS specific technology solutions.

Year over year we are seeing more impactful attacks. Such as CRASHOVERRIDE[1] in the electric sector, human machine interface hijacking through remote access[2] in water management, ICS specific ransomware[3] in manufacturing and energy sectors, targeted attacks on SIS (safety instrumented systems) in the oil and gas sector, and the more recent PIPEDREAM/Incontroller[4] advanced scalable attack framework targeting multiple ICS sectors, to name a few. ICS/OT attacks are more disruptive with the possibility of physical destructive capabilities. Industrial security defenders across all sectors must address new challenges and face serious threats.

The focus of the event is to illustrate the challenges, the risks, impacts of incidents in control systems, as well as actionable achievable methods we can meet these challenges head-on, and show ICS-specific trained defenders can step up to protect and defense the critical infrastructure we all rely on in our daily lives.

Presentations will be a combination of thought leadership and technical use-case examples with actionable takeaways facilities can start considering to immediately deploy where it suits their safety and industrial security defense goals.