ICS Network Segmentation
- Tuesday, June 7th, 2016 at 1:00 PM EDT (17:00:00 UTC)
- Brett Young and Dan Morrow
You can now attend the webcast using your mobile device!
The value of segmenting local area networks into security zones is widely recognized yet rarely done well. Many large production environments are susceptible to today's sophisticated attacks due to a focus on perimeter security, leaving internal networks as a "flat" architecture, and difficult to defend from well-designed exploits. Attacks on poorly segmented networks are often the result of Malware having found the easiest path in, then moving to penetrate more valuable assets within the enterprise WAN.
Segmenting into defined security zones improves an organization's defensibility by:
- Reducing attack surface
- Limiting exposure of critical production assets
- Using access controls to restrict movement from segment to segment
- Focusing security monitoring and controls on the zones where they are most effective
- Improving detection and mitigation capabilities tied to Incident and forensics support
Brett Young consults with organizations to increase effectiveness by building and operating a resilient, agile IT environment, using standards such as ISA-99 and ISO2700x. His extensive work in Oil & Gas (O&G) and manufacturing has proven to him that the most valuable input to successful Industrial Control Systems (ICS) security projects is the participating associates' knowledge of the organization and processes. He works to leverage that knowledge with his clients and bring them unique solutions for securing systems and make their large-scale security projects successful, during and following implementation.
Dan Morrow is a Cyber Security Consultant for Lockheed Martinís Commercial Cyber Services business. His background expertise encompasses several areas of networking including architecture, security, and operations. Areas of focus include Security Intelligence Center (SIC) assessment and transformation engagements tied to building out from the foundation or enhancing computer network defense capabilities for organizations through initiatives across people, process, and technology. His client work has spanned several large enterprises from Fortune 10 to Fortune 500 companies across industries in telecommunications, healthcare, utilities, oil and gas, and chemical verticals.