2019 ICS Cyber Security Conference | USA

The Energy & Water (E&W) sectors are critical to the economy of every nation and need to be secured. During our investigations we found a certain amount of exposed and unprotected E&W systems online accessible via their exposed HMIs, bringing with them a danger to these Critical Infrastructure (CI). We wish to stress that contrary to many sensationalized stories on the vulnerability of Internet connected CI, our findings were limited to small-to-medium sized organizations within these sectors. Large CI organizations have security firmly in mind, but they still consider their ICS infrastructure susceptible to cyber attacks. However, the exposure of these more mid-tier organizations is still cause for concern for two reasons. Firstly, because of CI interdependencies and the distribution network setups, failures in these mid-tier organizations will have cascading and far-reaching after-effects further up the Supply Chain. Secondly, for would-be attackers these mid-tier players act as the perfect test bed for attack strategies to try out their effects in less risky ways. In this talk we present the following:

• Using OSINT techniques we probe the E&W sectors to see what types of exploitable cyber assets are accessible to would-be attackers
• Findings from past ICS security research papers to highlight the potential threats faced by exposed cyber assets
• An analysis of common SCADA HMI vulnerabilities discovered by Trend Micro’s Zero Day Initiative (ZDI)
• Attempt to identify likely attackers, probe their motives, and assess damage potentials
• Conclude with a discussion about the challenges faced in securing IT-OT environments

Sponsored by: Trend Micro

In order to provide improved predictive maintenance, and head off potential downtime, not to mention possible disasters related to failing equipment, regulations have been put into place to remotely monitor various critical equipment on off-shore drilling rigs. However, off-shore drilling rigs are also a prime example of cyber-physical threat convergence, where cyber threats pose potential safety risks to on-site personnel as well as the surrounding environment. So how can we enable a digital channel for remote monitoring without opening a potential cyber threat vector and exposing the rig to additional risk? This session will outline a real-life case study and implementation of data diode cybersecurity technology to protect and remotely monitor off-shore rig equipment, including the related challenges, benefits, and takeaways.

Many organizations have limited visibility into the potentially malicious activity in their environments, this is especially true in OT environments where many traditional security tools provide little help. In this session we’ll show how IBM Security’s  QRadar, the recognized leader in the SIEM and analytics market, integrates with Nozomi’s SCADAGaurdian which gives deep visibility and insights into activity within your OT environment, drastically improving your ability to detect attacks.

Come grab a bite and see first-hand why the world’s largest industrial companies have made Nozomi Networks the top solution for OT and IoT Security.  See real-time asset visibility, monitoring and threat detection in action.  Learn how you can quickly identify and protect your networks from threats while accelerating digital transformation and IT/OT convergence for your company.

Sponsored by: Nozomi Networks

Smart sensors enable manufacturers and other operators to view and analyze real-time machine performance. By connecting sensor data to centralized monitoring platforms, engineers can optimize operation and perform predictive maintenance through advance notice of potential problems or anomalies. Unfortunately, as the number of cyber-attacks on ICS and related OT systems continues to increase, these connected sensors also represent possible cyber threat vectors into the plant and potentially into the machines themselves. In this session we'll discuss the various technologies, architectures, and best practices to secure smart sensors in industrial machines without compromising on the benefits of connected technologies within ICS.

Safe water and clean water are essential for public health, ecosystem protection and economic strength. Supporting these important functions requires secure information technology (IT) and operational technology (OT).

Gwinnet County Department of Water Resources understood the need to take proactive steps to protect this critical lifeline for their community. They invested in a modernization project to unify their SCADA platforms and bolster their cybersecurity posture across their water plants, waste water facilities and distribution facilities.

During this session, experts from Gwinnet County and Fortinet will

• Share the journey toward SCADA modernization and the implementation of a cybersecurity platform
• Review standard practices used to deploy a standard ICS architecture
• Discuss lessons learned through the modernization journey

Join Sam Paul from Gwinnett County Department of Water Resources as he shares their journey to segment and segregate their OT network – with a vision of standardize and modernizing their SCADA systems – including partnering with IT to embed cybersecurity into their ICS security plan. Hear from Fortinet ICS expert Carlos Sanchez as he speaks to the benefits of the Fortinet Security Fabric to simplify and streamline the cybersecurity needs for industrial control systems.

Many organizations have limited visibility into the potentially malicious activity in their environments, this is especially true in OT environments where many traditional security tools provide little help. In this session we’ll show how IBM Security’s  QRadar, the recognized leader in the SIEM and analytics market, integrates with Nozomi’s SCADAGaurdian which gives deep visibility and insights into activity within your OT environment, drastically improving your ability to detect attacks.

Sponsored by IBM

Many organizations have limited visibility into the potentially malicious activity in their environments, this is especially true in OT environments where many traditional security tools provide little help. In this session we’ll show how IBM Security’s  QRadar, the recognized leader in the SIEM and analytics market, integrates with Nozomi’s SCADAGaurdian which gives deep visibility and insights into activity within your OT environment, drastically improving your ability to detect attacks.

With the rise of the IIoT and cloud platforms interacting with ICS equipment, OT-IT separation is no longer a valid form of security. Internet and cloud connectivity are basic staples, if not requirements in the modern industrial enterprise. Endpoints are spread out across machines, networks, user devices, organizations (for example, cloud vendors, third-party asset owners, and contract manufacturers). Data is being pushed out of the entire organization from IT systems all the way down to devices attached to process equipment. This paradigm shift calls for a new approach – one that won’t fit in the previous layered, separated model. This session will discuss cybersecurity methods and technologies to build a new, secure framework outside and above the traditional models of ICS data communications, to incorporate new platforms and account for the increasing connectivity of systems and devices in today's industrial enterprises.