As Operational Technology (OT) environments become increasingly interconnected and smarter, organizations face significant digital transformation challenges. The business demand for the raw data and information produced by OT systems is growing exponentially both from an internal and external perspective. As the demand for data increases, so has the volume of cyber-attacks specifically aimed at OT system. Cyber-attacks are becoming more advanced and have the potential to impact a number of aspects of a company’s business including safety, health and environment, production operations, information integrity, financial performance and reputation.
For a company looking to harden their OT environment, identifying where to begin can often be a confusing and difficult process. Before embarking on an OT hardening project, for example by either implementing costly technical solutions or introducing new OT specific policies and procedures, leaders need take a step back and ask themselves if they understand, or have thought about, the “BASICs” of OT.
In this session, Leidos Cyber Expert, Scott Keenan, will explain Leidos’ view of OT “BASICS” which provides organizations with the foundation necessary to build a OT hardening project.
This September in London and October in Sacramento, we learn from Honeywell why USB devices are still the #1 source of malware in ICS. This discussion will help you understand how USB devices can pose a threat even without malware, including:
o Surprisingly effective HID attacks
o More advanced threats posed by rogue network devices, serial adapters and more
Participants in London and Sacramento will see real examples of the impact these attacks can pose to ICS, plus Eric Knapp, Global Director of Cyber Security Solutions and Chief Cyber Security Engineer for Honeywell Process Solutions asks “Are these really advanced? Do you even have to worry about this?”
This year all critical national infrastructure are invited to join both shows free as an initiative to further cyber resilience in both public and private domains!
Contact Daryl Fig for your free guest pass for your team at firstname.lastname@example.org
4th Annual Industrial Control Cyber Security Europe
Millennium Gloucester Hotel
London United Kingdom
Headline Sponsors Leidos
Co Sponsors Honeywell
Associate Sponsor Verve Industrial Protection
Associate Sponsor Airbus
Network and share best practice with leaders from Nuclear, Water, Oil and Gas, Chemical, Automotive and Smart Grid sectors
4th Annual Industrial Control Cyber Security USA Summit
The Sutter Club
Further events you won’t want to miss from the Cyber Senate:
European Rail Cyber Security Working Group, September 11/12th London
Aviation Cyber Security Summit, November 21/22 London United Kingdom
On September 12th the Cyber Senate will be hosting the European Rail Cyber Security Working Group in a roundtable format with discussion groups in the morning and outcomes presented in the afternoon. Capped at 70 participants, this face to face knowledge sharing exercise is specifically designed to assist all stakeholders in the rail ecosystem with an opportunity to assess their security posture, and collaborate with their industry counterparts.
Already confirmed table leaders include the Rail Delivery Group, Deutsche Bahn, and the ERTMS Users Group. More announcements will be made shortly.
The cyber attacks from the last week have affected entities globally, from telecommunication infrastructure to medical facilities across the UK to European utilities as well as multiple other types of industries and consumers. The WannaCry ransomware will go down in history for setting an example of how malicious software can disrupt global networks, leaving systems crippled until demands are met.
This highlights so many issues we at the Cyber Senate have been working so hard to bring to our forums. We believe there is so much work to be done to fully understand how we can better develop a culture of awareness within our organisations, and how we address the skills gap in our industry. We Tneed to have a better understanding of the risks of 3rd party applications and the supply chain, as well as better educate procurement. There is still much work to do in developing synergies between IT and OT divisions wrestling with convergence, in understanding that compliance doesn’t equal security and that just because “you’re not connected to the internet” that you’re cyber secure. That is just a few areas we need better insight. On another note, how many ICS systems are still running a unpatched version of Windows XP?
Cyber attacks that impact critical national infrastructure can ultimately cost lives. That is why these discussions are so important. These events are built to facilitate public and private information sharing, to assist you and your team in understanding how your industry counterparts are meeting the challenge, what you are doing right, wrong, and to help define “what is best practice?”
We hear a lot about vendor accountability and disclosure which is another piece of this puzzle that needs to be addressed. We, however, believe people are the most important factor in the cyber kill chain. Technology will never tick all the boxes, it can and does fail and so do humans. It is how we get up, respond, move forward and learn from these lessons that count.
We hope to meet you in 2017. If we can help you bridge the gap, do not hesitate to reach out.
The NCSC issue guidance on Ransomware
‘The NCSC are aware of a ransomware campaign relating to version 2 of the “WannaCry” malware affecting a wide range of organisations globally.
NCSC are working with affected organisations and partners to investigate and coordinate the response in the UK. This guidance will be updated as new information becomes available.
From investigations and analysis performed to date, we know that the malware encrypts files, provides the user with a prompt which includes; a ransom demand, a countdown timer and bitcoin wallet to pay the ransom into.
The malware uses the vulnerability MS17-010 to propagate through a network using the SMBv1 protocol. This enables the malware to infect additional devices connected to the same network.”