Thursday, 30 April 2015

Why don’t they get it?’ Understanding the View from the Other Side of the Firewall

Pre Conference Workshop announcement: Why don’t they get it?’ Understanding the View from the Other Side of the Firewall

Industrial Control Cybersecurity Europe, September 28th hosted by Tim Harwood, Managing Director, HS and T Consultancy, a veteran of the security world and has been providing information security guidance and expertise to corporate clients, the UK Government and the UK military for over 30 years.

Overview:

Traditionally, IT and OT teams have been separated by the firewall. However, nowadays with everyone and everything connected to the internet such as theInternet of Things (IoT) in fourth generation SCADA computing and the greater use of COTS in ICS. These two teams, from different technology perspectives need to understand the other’s viewpoint and start talking the same language. IT and OT are completely intermingled in our technology driven global business. Even in terms of simple discussions around ‘Risk Impact’ the IT team may view the worst-case scenario as large loss of data whereas theOT team may consider the worst case as loss of lifeSecurity posture, risks, incident response and recovery are vastly different between the two similar technologies and teams.
It is only when teams come together and begin talking the same language will we be better prepared to face the external and internal threats as well as understanding the full extent of our vulnerabilities. Through discussions and interactive breakout sessions, the workshop will examine common mistakes and misconceptions made by teams when considering the ‘other side’ and help attendees to leave with a better understanding of how to take this back to their parent companies and put together a strategy for common understanding useable by all. To effectively monitor, report, strategize and respond to every day and emerging threats a good understanding of general risks from both sides of the perimeter and IT vs. ICS must be explored.
Risks, policies, regulations, legal requirements, hardware, protocols, etc…. are different between IT and ICS technologies, although similar and in many cases sharing the same network resources. Each must be approached differently. The current threat landscape has changed, traditional ICS security by obscurity or head in sand IT Security defense is no longer viable. Nor are old fashioned approaches and attack techniques and tools are evolving at a much faster rate than SCADA equipment can be manufactured much less replaced with new hardware capable of facing today’s industrial, nation state or cybercriminal or hacktivist threats.
In this workshop, you will be given a taste of what ICS and IT incident response look like on both sides of the firewall.
Workshop 9am – 13:10pm28TH SEPTEMBER 2015
09:00 — 09:15
Introductions
Victoria
09:15 — 10:15
Discussion regarding terms, technologies, risks and risk impact with focus on Before and IT/OT incident
Exercise: 10 minute quick exercise tabletop in the UK, based on EU/UK regulations and in USA changed to NIST and US/North American regulations
Victoria
10:25 — 11:25
Discussion regarding terms, technologies, risks and risk impact with focus on During and IT/OT incident.
Exercise: 10 minute quick exercise tabletop in the UK, based on EU/UK regulations and in USA changed to NIST and US/North American regulations
Victoria
11:45 — 12:45
Discussion regarding terms, technologies, risks and risk impact with focus on After and IT/OT incident.
Exercise: 10 minute quick exercise tabletop in the UK, based on EU/UK regulations and in USA changed to NIST and US/North American regulations
Victoria
12:55 — 13:10
Wrap Up
Victoria
Based on a mix of real world, ENISA and ICS-CERT information and scenarios. Role playing, one person runs the exercise, the other instructor keeps to time, rules, support.

No comments:

Post a Comment