Mike Holcomb’s Post

New to ICS/OT cyber security? It can be very confusing at first, especially for those coming from the traditional IT side of the house. The sheer volume of new acronyms in a new world can be daunting! Here are a few tips on getting started: 1. Don't Worry & Take Your Time While there are A LOT of new acronyms, do not worry. Start learning at your own pace, even if you are only focused on learning one a day. 2. Start with What Each Stands For From a practical sense, you do need to learn what each acronym stands for. Thankfully, once you do, the meaning behind an acronym can help you remember what that "thing" does. For example, with SCADA (Supervisory Control and Data Aquisition), once you understand what SCADA is and how it operates within an environment, remembering what the acronym stands for can help you remember what it actually does. 3. Think Like an Engineer This is especially important if you are coming from the IT world where we can think in terms of systems with IP addresses that need to be protected. It is important to go further, much further, than that. Think like an engineer in learning exactly what the "thing" behind the acronym does and how it fits into the big picture. As an example, with a PLC (Programmable Logic Controller), you need to understand not only that it is an asset to be protected, but you need to know how the PLC is designed within the site, what it controls in the physical world and the other systems that it talks to. Simply knowing what an acronym stands for and that system needs to be protected, is only a start in an ICS/OT environment. You need to understand what the asset is responsible for within the site and the real-world physics behind it. Like with IT cyber security, there are a lot of new acronyms, terms and concepts to learn. When you are just starting out, it can be very confusing, but it can also be very exciting as we learn more and are able to start to put the puzzle pieces together. P.S. You will also need to understand how PLCs are programmed, but that is another story for a different day! #cybersecurity #power #safety #petrochemical #refinery #cyber #utilsec #icssecurity #otsecurity #icscybersecurity #otcybersecurity #engineering #it #ot #ics

What is the main focus for cyber security between ICS/OT and IT? Both IT and ICS/OT environments can be VERY SIMILAR and VERY DIFFERENT at the same time. When I am working in IT: -> I am sitting in a cubicle -> I am in a conference room -> I am at my desk working from home -> I am always comfortable without concern -> I am physically safe and not worried about getting hurt When I am working in OT: -> Walking through a mine, there is real physical danger -> Walking through a power plant, there is real physical danger -> Walking through a petrochemical refinery, there is real physical danger -> Walking through any industrial control site, there is a real physical danger IT cyber security focuses primarily on one thing: ---> Confidentiality: Keeping data safe from unauthorized access! ICS/OT cyber security focuses primarily on one thing: ---> Physical safety: Making sure everyone goes home at the end of the day! Safe and sound. I do not want a cyber security incident to be the reason that someone did not go home to their family. P.S. What should I add? __________________________________________ Interested in learning more about industrial (ICS/OT) cyber security? Join 1,100+ subscribers of my weekly newsletter - Guarding the Gears! Sign up today at https://lnkd.in/gsYk_gtv! Thank you to all that have already signed up!!! #CyberSecurity #Automation #Engineering #ICS #Technology

The analysis of electric power systems' (EPES) cybersecurity focuses on defining key steps for an effective system, emphasizing the organizational environment in critical infrastructure. EPES is becoming increasingly digitized and reliant on complex control systems. This connectivity introduces new vulnerabilities that malicious actors can exploit. Vulnerabilities can exist in various components, such as SCADA (Supervisory Control and Data Acquisition) systems, smart meters, and even the software used for control and monitoring. To enhance the resilience of EPES against cyber threats, various recommendations can be taken, including implementing robust cybersecurity practices, conducting regular risk assessments, continuous monitoring, regular software updates, employee training, and developing incident response plans. Read more: https://lnkd.in/dQcYjHsd

One of the ways to strengthen and update your knowledge around #criticalinfrastructure Security is to dig into Training Courses, Tools exploration and Research papers Readings. As most of today’s critical services are driven by Operational Technology fueled with Digital transformation, a visible trend for the #convergence of IT/OT systems can be seen. The operational complexity and interdependencies among systems have led to the rise of #threats Landscape, so it is highly recommended to go for state-of-the-art trainings with industry leaders. Thanks to Mike Holcomb for running an interactive training course on ICS/OT Cyber Security. I must say he is an amazing instructor with ability to engage learners. Had the opportunity to attend this interactive training course along with ICS security Researchers and professional across the globe. Some of the modules covered: ICS/OT Cyber Security  Types of Control Systems & Protocols (PLCs, HMIs, SCADA and Protocols) Secure Network Architecture (Building block for rest) Asset Registers and Control Systems Inventory (Quite in-depth) OT Threats & Vulnerability Management (CVEs, CERTs, Vulnerabilities across Purdue Architectural Levels and System assets) OSINT for Industrial Control Systems Incident Response across IT/OT #ictsolutions #otcybersecurity #strategy #skills #network #plc

🔐 𝗔𝗱𝘃𝗲𝗿𝘀𝗮𝗿𝘆-𝗖𝗲𝗻𝘁𝗿𝗶𝗰 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗧𝗲𝘀𝘁𝗶𝗻𝗴: 𝗕𝗿𝗶𝗱𝗴𝗶𝗻𝗴 𝘁𝗵𝗲 𝗜𝗧-𝗢𝗧 𝗚𝗮𝗽 🛡️ Safeguarding Critical National Infrastructure (CNI) from cyber threats is paramount. Operational Technology (OT) systems in CNIs have unique characteristics, posing challenges in skill transfer between domains. 🛡️ Unlike Information Technology (IT) systems that manage data, OT systems ensure the success of operational processes – think PLCs, SCADA, DCS, and ICS. 🛡️ Adversary-based security testing is gaining traction for bolstering cyber resilience and incident response. Expert teams simulate actual cyber attacks, uncover vulnerabilities, and enhance response strategies. 🛡️ While IT environments readily embrace adversary-based testing, OT environments lag behind. Challenges arise due to differences; tools suitable for IT might disrupt poorly-configured OT systems. 🛡️ This whitepaper delves into a comprehensive comparison of OT and IT systems' cybersecurity aspects. It underscores how differences impact security tests, emphasizing the need for tailored approaches. 🛡️ Sections encompass background, related work, a cybersecurity-focused OT vs. IT comparison, insights into adversary-based testing, evaluation through penetration techniques, and glimpses of future work. 🔗 Bridge the gap between IT and OT security to fortify defenses for critical systems. Stay updated with insights and resources on OT security by following Shiv Kataria. 🔔 Don't miss updates – hit the bell icon! 📢 #Cybersecurity #OTSecurity #AdversaryTesting

One thing I have noted working in ICS/OT cyber security is a lack of awareness in the industry on the different ways that PLCs can be successfully attacked and compromised. Because of that, when it became time to decide on my Master’s thesis topic, I knew exactly what I wanted to cover in my research. While building out my ICS/OT lab for the research, including a newly purchased Schneider Modicon PLC, I could still remember tracing cables in a power station and thinking of how vulnerable the PLCs were. A lot of individuals assume that the PLCs are “immune to attack” since they reside in such a lower layer of the network (think based on the Purdue model), and are much more isolated than their high layer counter parts of engineering workstations, data historians and HMIs. And yet, if history tells us anything, is that PLCs are not immune to attack and can be successfully targeted such as in 2010 with Stuxnet to the capabilities highlighted in the recently discovered PIPEDREAM ICS/OT attack framework. If you have any suggestions, I would love to hear them, especially on various attack vectors and related TTPs for targeting PLCs. I’m also open to exploring other options for PLCs to add to the lab for testing! Please feel free to leave a comment below or DM me. I appreciate all of the feedback! #otsecurity #icssecurity #cybersecurity #otcybersecurity #icscybersecurity #ics #criticalinfrastructure

#Digitalization is the process of collecting data and information about the process then analysis done to extract some valuable information to present it to management  which help in increasing #efficiency , #productivity ,#optimization and #quality control of the process and products & help in predictive #maintenance of all field devices and machineries. #Digitalization requires connections for data transfer between #IT and #OT which enlarge attack surface on OT network and impose new #cyber risks that could affect its #availability and #integrity . ➡ From this point air gap between OT and IT become impossible. #iec62443 #otcybersecurity #icscybersecurity #icssecurity #iacsecurity #oilandgas #industrialautomation #cyber #oilandgas #ics   #ot #instrumentation #instrumentationandcontrol #cyberawareness #automation  #cyberriskmanagement #TahseenSaber