Industrial Control Systems: Understanding the Access Risks and Security Challenges
- LANGUAGE: English DATE: Thursday, November 09, 2017 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
For decades, Industrial Control Systems have evolved completely separately from traditional IT, with their own business drivers, requirements and regulations and proprietary hardware designs and network protocols. Needless to say, security from cyberattacks was never a priority for operational technology units responsible for managing those systems: after all, they weren’t even connected to office networks.
Things have changed dramatically in the recent years: since 2000s, many control systems have switched to commodity hardware and standard networking protocols. The convenience of remote management and monitoring has led to industrial networks becoming increasingly interconnected with corporate IT infrastructures. Also, the growing demand for collecting and analyzing vast amounts of data from sensors and controllers is fueling the growth of the Industrial IoT, which is to a large extent built on low-power computing devices directly connected to the Internet.
Such unprotected ICS and IIoT systems are no longer limited to manufacturing companies or utilities and in fact can now be found across all vertical sectors, including financial services, and cybercriminals are already learning to use them as gateways into corporate IT infrastructures. Unfortunately, people charged with management of those systems still have little or no knowledge of IT security. There is definitely a deficit of security responsibility in this crucial area, further complicated by the traditionally slow upgrade cycles in OT infrastructures, where hardware is expected to remain in service for over 10 years.
This webinar will analyze the risks of unprotected industrial networks, the impact of IIoT applications on control systems and how organizations can successfully manage these risks through effective identity and access management.
The topics we are going to discuss include:
- Why insecure industrial control systems are a common problem across many sectors including financial services.
- Who is responsible for ICS security in your organization and why this is not always properly defined.
- What types of cyberthreats are targeting ICS or using them as a gateway into IT infrastructures.
- How identity and access management applications are key to managing ICS security.
In the first part of the webinar, Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, will present an overview of various types of industrial control systems and explain various terms like Operational Technology, SCADA, Industrial IoT, and more. He will provide a structured view of specific security challenges for the various types of OT systems. He will also identify which of these systems are targets of which cyberthreat types.
In the second part, Markus Westphal DACH Sales Manager at WALLIX, will introduce how companies can take back control over ICS / SCADA systems by utilizing Privileged Access Management (PAM). The WALLIX Bastion helps companies to prevent threats by providing one-point access to monitor and control all activity within your ICS: control internal and third party access, monitor activity, prevent insider threat and mitigate external threats.
A software company providing cybersecurity solutions, WALLIX Group is a European specialist in privileged account governance. In response to recent regulatory change (NIS/GDPR in Europe and OVIs in France) and the cybersecurity threats affecting all companies today, the Bastion helps users protect their critical IT assets: data, servers, terminals and connected objects.
It is the first market solution to have been awarded first-level security certification (CSPN) by France’s National Cybersecurity Agency (ANSSI) and thus meet all of the criteria for regulatory compliance.
WALLIX accompanies more than 770 companies and organizations on a day-to-day basis. Its solutions are marketed through a network of more than 160 resellers and trained and accredited integrators.
Businesses are increasingly embracing new technologies to enhance existing processes and enable new business models and revenue streams through Digital Transformation. Service-based business IT, however, is not without challenges, particularly around access governance and control. Digital Transformation is all about enabling everyone and everything to connect seamlessly to new digital services, to facilitate value exchange while still ensuring regulatory compliance, faster product innovation, secure remote working capabilities, and multi-channel consumer access despite ever-tightening budgets.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from September 13 - 16, 2021, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 1000 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.