Electrify Europe 2018

Incident Response for Industrial Control Systems (Room Arena 2)

Recent cyber attacks, such as the well-known WannaCry incident, have revealed the challenge an organization faces in responding to the increasing prevalence and sophistication of operational technology (OT) cyber attacks against critical infrastructure. Traditional security measures designed largely to prevent attacks are no longer sufficient to meet this growing challenge. Certainly, solutions for the IT environment are not appropriate for dealing with attacks against industrial control systems. And the widespread practice of avoiding connectivity to remain secure is similarly misguided, as it is this connectivity which brings the transparency and visibility needed to ensure security. Rather, organizations that focus first on fundamentals will be best poised to defeat a cyber attack. This means taking a risk-based approach: understanding the assets they have and which are most vulnerable, hardening them, and then monitoring their entire operational environment. Though the probability of a cyber attack against any organization is extremely high, that does not mean organizations should accept this reality by doing nothing to protect themselves. The paper will lay out a holistic, end-to-end strategy an organization should consider as it pursues its own cyber journey.