WannaCry, NotPetya, and TRITON demonstrate that ICS and IIoT networks continue to be soft targets for cyberattacks, increasing the risk of costly downtime, safety failures, environmental incidents, and theft of sensitive intellectual property.
NIST and the NCCoE recently published a NIST Interagency Report (NISTIR) demonstrating how off-the-shelf, ICS-aware behavioral anomaly detection (BAD) effectively reduces cyber risk for manufacturing organizations, without impacting OT networks, as well as risk from equipment malfunctions.
The report was the product of a close collaboration between NCCoE, CyberX, and other technology providers such as OSIsoft.
In this joint webinar with NIST and CyberX, you’ll learn about:
- Mapping the security characteristics of BAD to the NIST CSF
- Using NIST’s reference architecture for your own ICS & IIoT environment
- How CyberX detected 15 examples of high-risk anomalies in NIST’s testbed environment, including unauthorized devices; unauthorized remote access; plain-text credentials; network scans using ICS protocols; and unauthorized PLC logic downloads
We’ll also discuss how CyberX’s agentless platform helps you:
- Auto-discover your ICS & IIoT assets, protocols, and network topology
- Identify critical OT vulnerabilities and risks
- Prioritize risk mitigation for your most valuable processes (crown jewels)
- Enable rapid ICS threat detection, response, threat hunting, and prevention
- Implement converged IT/OT security in your corporate SOC via certified apps for IBM QRadar, Splunk, ServiceNow, Palo Alto Networks, and other integrations with your security stack
Phil is the VP of Industrial Cybersecurity for CyberX, whose notable customers include 2 of the top 5 US energy providers; a top 5 US chemical company; a top 5 global pharmaceutical company; and national electric and gas utilities across Europe and Asia-Pacific. Prior to CyberX, Phil held executive roles at IBM Security/Q1 Labs, Symantec, Veracode, and Guardium. Phil began his career as a Schlumberger engineer on oil rigs in South America and as an engineer with Hydro-Quebec. He has a BSEE from McGill University, is certified in cloud security (CCSK), and has a 1st Degree Black Belt in American Jiu Jitsu.
Michael Powell is a Cybersecurity Engineer at the National Cyber-Security Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) in Rockville, Maryland. His research focuses on cybersecurity for the manufacturing sector, particularly how it impacts industrial control systems.
Mr. Powell joined the NCCoE in 2017. In his previous positions, he was responsible for the management/oversight of building and commissioning US Navy DDG-51 class ships. He also served in the United States Navy for over 20 years, retiring as a Chief Petty Officer. He holds a bachelor’s degree in Information Technology from University of Maryland University College, A Master’s degree in Public Administration from Bowie State University, and a master’s degree in Information Technology from University of Maryland University College. Mr. Powell is currently in the final stages of completing his Doctorate degree in Computer Science at Pace University in West Chester, New York.
Jim McCarthy is a senior security engineer at the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST). He currently
serves as the Federal lead for Energy Sector projects. The NCCoE collaborates with members of industry, government, and academia to build open, standards-based, modular, and practical example reference designs that address cybersecurity challenges in key economic sectors. The center benefits from formal partnerships with market leaders, including several Fortune 50 companies.
Mr. McCarthy joined the NCCoE in 2014, after serving at the U.S. Nuclear Regulatory Commission. He also worked in various cybersecurity roles at the U.S. Department of Transportation. In his previous positions, he was responsible for the management and operation of the cybersecurity incident response teams for these agencies. He also performed security assessments on components of the nation’s critical infrastructure systems. He holds a bachelor’s degree from Providence College and master’s degree from the Johns Hopkins Carey Business School.
Timothy Zimmerman is a Computer Engineer in the Intelligent Systems Division at the National Institute of Standards and Technology (NIST), Gaithersburg, Maryland. His research focuses on cybersecurity for the manufacturing sector, especially its impact on industrial control systems and robotics.
The post SANS Webinar: NIST Recommendations for ICS & IIoT Security appeared first on CyberX.