With the increasing use of technology for the purposes of providing more cost efficient services to consumers; electricity, natural gas, and water utilities have to deal with the cyber security risks associated with technology. Industrial Control Systems are found in many environments, not just with utilities and are very pervasive. In addition, there has been the convergence of Control Systems with Information Technology and risks associated with doing so need to be addressed. In order to better understand this topic, a high-level overview of industrial control systems functionality is provided along with why vulnerabilities exist in these systems and what remediation steps can be taken to lessen risks against these systems. With industrial control system security weaknesses in the limelight, every IT professional should understand the important ramifications of insecure control systems even in their own environments. This presentation explores those risks, vulnerabilities in control systems, subsequent threats, and provides solution ideas to mitigate the risks.
- Control Systems affect everyone including IT environments
- Risks can be mitigated and be overcome
- Operational Technology (Controls) and Information Technology are not that different
About Leonard Jacobs
Leonard Jacobs is President/CEO of Netsecuris Inc., a Managed Cyber Defense and Incident Response Provider specializing in cyber security protections to businesses. He has 37 years of hands-on technology management experience including over 21 years in cyber security. He has spoken on many cyber security topics at conferences around the world. Leonard is considered an expert in Industrial Control System cyber security. He is currently studying for a MS degree in Cybersecurity Technology from University of Maryland; with graduation in December 2018. He holds a MBA degree from University of Phoenix, CISSP certification and Certified SCADA Security Architect certification from IACRB. He is an Instructor at the MN Cyber Range. He teaches cybersecurity certification exam prep courses at Metropolitan State University. He has participated as an advisor in two nationwide National Guard cybersecurity exercises. He has provided ICS cyber security training to many organizations and venues.