Singapore ICS Cyber Security Conference | 2019

Today’s manufacturing, oil & gas and utilities for the most part involve standardized, layered systems with in-depth production rules, guidelines, and regulatory oversight. While connecting processes, networks, and applications promises to drive significant economic benefits for manufacturers, this interconnection also creates new cyber threat attack surfaces, including the possibility of safety concerns, operational disruptions and downtime, and costly physical damage to equipment and products. However, majority of operational systems cannot support best practices from IT security.  They can’t be patched routinely, they run outdated versions of operating systems, and their host networks enable unfettered movement for malware and human attackers.  In some cases connections to the corporate network provide a pathway to OT via lateral movement.   Different protocols and systems use enterprise networks and the plant’s operational technology, making them difficult to secure. In 2019 we will face a new set of sophisticated attacks on critical infrastructure.  The elite hackers emerge: well-funded and highly skilled, making it almost impossible for all manufacturing companies to protect themselves.  Hoping you are not targeted is not a proactive security measure.
In this session the attendees will learn from Andres Andreu, CISSP-ISSAP and CTO of Bayshore Networks, what can we do to better protect critical infrastructure with active OT protection, security beyond viability. Adding security to a production environment, while not violating the bounded latency constraints the environment needs to adhere to, is not easy. Modern day ethernet networks operate within boundaries where the traffic flow of data is indeterminate. This means that intervening devices (i.e. security devices) can delay stream data and generally speaking the delays are acceptable. IIoT/OT networks have no such luxury yet need security functionality in order to properly protect their resources and productivity. There is a great and unique challenge in finding that middle ground.

In this session Andres will dive into the impact of active protective action and what happens or the lack thereof is rapidly growing. The session will cover ICS/SCADA mitigation measures and vulnerability assessments and how active enforcement will need to take place to actually secure resources in manufacturing (and most other IIoT environments for that matter) and why Critical infrastructure protection requires active OT security to all endpoints.