Introduction to Industrial Cyber Security

Jul 31, 2024

Getting Started with Industrial Cyber Security Notes

Introduction

  • Host: Mike Hul
  • Purpose: To provide information on starting in industrial cyber security.
  • Disclaimers:
    • Information is for educational purposes only.
    • Knowledge should be used for good, not for malicious activities.
    • Content shared is personal opinion, not affiliated with any organization.

Course Overview

  • Aim: To educate on cyber security attacks against industrial control environments and defend against them.
  • Importance of collaboration between IT and OT (Operational Technology).
  • Key Influencers:
    • Rob Lee (CEO of Dragos) and Michael Assante (pioneer in the field).

Course Structure

  1. Introduction to the Course:
    • Background of the presenter and course objectives.
    • Overview of different modules covered in the course.
  2. Background of Mike Hul:
    • Fellow for cyber security at Fluor, an engineering and construction company.
    • Experience in IT and OT cyber security since 2010.
    • Active in local cybersecurity groups and has taught cybersecurity courses.
  3. Importance of Cyber Security in Industrial Control Systems:
    • Increase in attacks due to technological changes, notably since the Colonial Pipeline breach.
    • Ransomware is now a primary threat.
    • Emphasis on protecting critical infrastructure (Power, Water, Telecommunications).

Course Content Breakdown

  • Unit 1: Introduction to Industrial Cyber Security.
  • Unit 2: Understanding control system cyber security and its significance.
  • Unit 3: Overview of various types of control systems (PLCs, HMIs, SCADA).
  • Unit 4: Secure network architecture for IT and OT communication.
  • Unit 5: Asset registers and inventory for control systems.
  • Unit 6: Threat and vulnerability management.
  • Unit 7: Penetration testing in industrial environments.
  • Unit 8: Incident detection and response strategies.

Cyber Security Certifications

  • ISA 62443: Recognized as the standard for cybersecurity programs in control systems.
    • Four major courses leading to certifications.
  • GICSP: Entry-level certification in control systems.
  • Additional Resources:
    • CISA offers free online courses for industrial cyber security.

Additional Resources and Recommendations

  • Mandatory Reading:
    • Verizon Data Breach Investigations Report.
    • Dragos Year in Review Report.
  • Podcasts:
    • Control Loop, UNS IED Response, Protect OT Cyber Security Podcast.
  • Conferences:
    • SANS IC Summit, S4 Conference, local BSides events.

Conclusion

  • Encourage students to engage with resource materials and participate in discussions.
  • For further questions, Mike can be contacted via LinkedIn.
  • Next Steps: Proceed to Unit 2 for deeper exploration into industrial control cyber security.