As industrial control systems (ICS) and process control network (PCN) environments become more connected, “security by obscurity” is no longer an adequate strategy. Sophisticated adversaries have begun to take notice of vulnerabilities found in today’s operational environments. The ICS/PCN Cybersecurity Assessment evaluates technology and network defense processes to measure the overall corporate risk, identify risk mitigation opportunities, and improve control system security.
2016 saw cyber criminals continue to become ever smarter, more efficient and increasingly successful at penetrating industrial networks. Industrial control systems (ICS) operators reported more security incidents to their governing authorities than in any year to date. In this video, we talk to cyber security experts about the biggest problems they perceive in the arena now and in the near future, for the critical infrastructure that underpins so much of daily life.
In February 2017, two researchers at the Georgia Institute of Technology simulated a cyber attack on a water treatment plant. Using ransomware, the academics managed to access programmable logic controllers (PLCs) to shut off valves, increase the chlorine content of water and show false information on computer displays.
The ICS world is riddled with weaknesses that are ready to be exploited by switched-on wrongdoers for currency and chaos. In this analysis we look at the most dangerous roots of ICS breach and how to best prevent them.
Cyber security solutions are already in place in various sectors to secure ICS from attacks, but assaults keep happening. This poses now the challenge to assess whether these solutions are enough to protect both digital and physical assets.
Ahead of the ICS Cyber Security conference, we recently surveyed more than 350 experts on their views on the maturity of their cyber security and balanced their answers with an expert insight from Professor Chris Hankin, co-Director of the Institute for Security Science and Technology at the Imperial College London and speaker at the conference.
Cyber security solutions are in place for industrial control systems, and yet the gap between OT and IT is not addressed, leaving a risk for organisations' cyber security. The challenge now is to mitigate it, by improving the communication between these two departments and assess who is liable for the cyber security.
Ahead of ICS Cyber Security 2018, we had the opportunity to discuss with Andy Oliver, current Project Manager for OT Cyber Security at a major pharma company and speaker at the event, on the need for a OT/IT convergence and what strategy organisations need to implement to ensure the digital safety of their organisation.
UK government to fine critical organisations up to £17m if they fail to put in strong cyber security
On the 28th January 2018 the UK government announced that organisations working in critical services like energy, transport, water and health can be fined up to £17 million ($24 million) as a “last resort” if they fail to demonstrate that their cyber security systems are equipped adequately against attacks. Read the full press release here.