Legacy industrial devices are "insecure by design" and therefore vulnerable to interruption from cyber threats or unintentional network incidents. Risk is increasing as Ethernet networking becomes more pervasive and more complex. Physical security has internet protocol (IP) based cameras and sensors sharing the same network infrastructure. Along with that comes the Internet of Things (IoT) and the Industrial Internet of Things (IIoT). Now your control room coffee pot and refrigerator may be connected to the internet and exposing your network to threat actors, ransomware and bots.
The move to using open standards such as Ethernet, TCP/IP, and web technologies in industrial automation and control systems (IACS), supervisory control and data acquisition (SCADA) and process control networks (PCN) has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems. The introduction of complex Windows 7 and 10 operating systems (OS) deployed along with the existing legacy Windows XP OS means that the security risk is even higher.
This presentation provides a high-level overview on how the ISA/IEC 62443 standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for IACS, SCADA, and PCN environments.
As part of ISA's continued efforts to meet the growing need of industrial control systems professionals and to expand its global leader outreach into the security realm, ISA has developed a knowledge-based certificate recognition program designed to increase awareness of the ISA99 committee and the ISA/IEC 62443 standards. The ISA/IEC 62443 Cybersecurity certificate program is designed for professionals involved in IT and control system security roles that need to develop a command of industrial cybersecurity terminology and understanding of the material embedded in the ISA/IEC 62443 standards.
- Use the ISA/IEC 62443 standards to secure your control systems
- Discover the five common myths regarding industrial automation and control system (IACS) security
- Assess the cybersecurity of new or existing control systems
- Understand cybersecurity design & implementation & testing of control systems
Wally Magda is an internationally recognized cyber and physical security expert for Industrial Automation and Control Systems (IACS). His deep security experience spans military nuclear missile command and control systems, intelligence agencies and enterprise security.
Wally started out as an Instrumentation, Control and Electrical (ICE) Technician. He then progressed to managing control systems as a process control engineer. Seeing the need for security professionals with a background in control systems he stepped into the enterprise level security realm. He has conducted numerous cyber and physical security assessments for electric, natural gas, chemical, LNG and manufacturing facilities.
Wally brings his passion and unique experience into conducting cyber and physical security training courses and assessments specific to IACS.