Industrial control system (ICS) is a general term used to describe the integration of hardware and software with network connectivity in order to support critical infrastructure.
ICS technologies include, but are not limited to, supervisory control and data acquisition (SCADA) and distributed control systems (DCS), industrial automation and control systems (IACS), programmable logic controllers (PLCs), programmable automation controllers (PACs), remote terminal units (RTUs), control servers, intelligent electronic devices (IEDs) and sensors.
In the past, most machinery and engineering components used in industries such as manufacturing or electric grids/utilities belonged to networks that were air-gapped and protected from the outside world. But this has all changed since components of a modern ICS are commonly connected directly or indirectly to the internet.
Thus, as a member of the Internet of Things, an industrial control system today is subject to a multitude of cybercrimes.
Cybersecurity professionals believe it’s essential to implement in-depth cybersecurity plans to help protect industrial control systems (ICSs) against a cyberattack — even more so now with the escalating number of cyberattacks.
Experts emphasize that to protect against external threats, more needs to be done than just strengthening the network. Recommendations include:
Identify threats — Threats can be external or internal and can be categorized as deliberate, intentional and accidental, or unintentional.
Identify ICS security vulnerabilities — ICSs used to be standalone systems, but not anymore. ICSs are vulnerable to external threats primarily because of using commercial off-the-shelf (COTS) technology and being highly connected within a network for various reasons such as businesses offering remote access for employees.
A control system’s top vulnerabilities are inadequate policies/procedures, no defense-in-depth design, inappropriate remote access controls, improper software maintenance, inadequate wireless communication for control, using control bandwidth for on-control purposes, failure to observe inappropriate activity in the system, control network data is unauthenticated and inadequate to support to critical components and systems.
Follow security standards for ICSs — Governments and other industry organizations are developing security standards to provide guidance and suggesting best practices to strengthen systems against potential threats. These standards include:
- ISA99 – Industrial Automation and Control Systems Security /IEC 62443 series of standards
- The National Institute for Standards Technology (NIST) SP 800-82 – Guide to Industrial Control Systems Security standard
- The North American Electric Reliability Council CIP series of standards.
Industrial Control System Cybersecurity Training
Tonex offers ICS Cybersecurity Training, a 4-day course that provides a detailed overview of Industrial Control Systems, typical system topologies and architectures, different types of threats and vulnerabilities to industrial systems, and gives participans a step by step procedure to mitigate the associated risks and maintain the security of a control system.
Who Should Attend
- Control engineers, integrators and architects
- System administrators, engineers who secure ICS
- Information Technology (IT) professionals who administer, patch or secure ICS
- Security Consultants who perform security assessment and penetration testing of ICS
- Managers who are responsible for ICS
- Researchers and analysts working on ICS security
- Information technology professionals, security engineers, security analysts, policy analysts
- Investors and contractors who plan to make investments in ICS
- Technicians, operators, and maintenance personnel who are or will be working on ICS Cybersecurity projects
–Tonex and its instructors are recognized as leaders in the security industry.
–Tonex presents highly customized learning solutions. For over 30 years Tonex has worked with organizations in improving their understanding and capabilities in topics often with new development, design, optimization, regulations and compliances.
— Ratings tabulated from student feedback post-course evaluations show an amazing 98 percent satisfaction score.
For more information, questions, comments, contact us.