Onboarding the ICS Mindset into Cyber Security Controls
- Thursday, August 13th, 2015 at 3:00 PM EDT (19:00:00 UTC)
- Jason Dely
You can now attend the webcast using your mobile device!
Successful deployment of effective cyber security measures requires incorporation and adaptation of the ICS staff. The ICS environment has had 20+ years to adopt COTS and IT standards and repurpose these technology on a separate path from the traditional IT security evolution. Combine that with the activities and responsibilities of the ICS users, introducing cyber security into these environments requires more then simply selecting and tweaking new or existing technologies. Though some preferred methods used within ICS may seem inappropriate, adaptation, when appropriate, to different methods can and will be difficult. Improving cyber security effectiveness involves an exploration into the unique characteristics of the Industrial Control System 'user' with the balance of business risk and operational risk. From real world experience, the 4D's (Determine, Decide, Design and Deploy) describes the development and improvement process uniquely faced within ICS cyber security controls.
- Determining the operations staff needs and activities when planning to improve or add additional cyber security controls.
- Deciding which technologies to use; who will be impacted, what risk will they address, where will they be deployed, when will they be deployed, how will they effect operation.
- Designing and deploying the controls that meets the appropriate overall effectiveness without hinderance to system availability or emergency recovery.
Jason Dely is a critical infrastructure security professional with extensive proven experience in Industrial Controls System security initiatives and solutions. Jason is a leader and contributor in the management, consultation, planning, designing and implementation of a variety of security and infrastructure projects supporting ICS across industrial automation and critical infrastructure environments. Jason has been involved in projects and system improvements within multiple industries including Water Utilities, Oil and Gas, Steel and Chemical. Mr. Dely has multiple knowledge and integration experiences across ICS and IT technologies and is frequently a speaker at various industry events. Jason is an Electronics Engineering Technologist from Niagara College and is a CISSP, CISM and SANS GIAC certified Exploit Researcher and Advanced Penetration Tester (GXPN).