Industrial Control Systems: Understanding the Access Risks and Security Challenges
- LANGUAGE: English DATE: Thursday, November 09, 2017 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
For decades, Industrial Control Systems have evolved completely separately from traditional IT, with their own business drivers, requirements and regulations and proprietary hardware designs and network protocols. Needless to say, security from cyberattacks was never a priority for operational technology units responsible for managing those systems: after all, they weren’t even connected to office networks.
Things have changed dramatically in the recent years: since 2000s, many control systems have switched to commodity hardware and standard networking protocols. The convenience of remote management and monitoring has led to industrial networks becoming increasingly interconnected with corporate IT infrastructures. Also, the growing demand for collecting and analyzing vast amounts of data from sensors and controllers is fueling the growth of the Industrial IoT, which is to a large extent built on low-power computing devices directly connected to the Internet.
Such unprotected ICS and IIoT systems are no longer limited to manufacturing companies or utilities and in fact can now be found across all vertical sectors, including financial services, and cybercriminals are already learning to use them as gateways into corporate IT infrastructures. Unfortunately, people charged with management of those systems still have little or no knowledge of IT security. There is definitely a deficit of security responsibility in this crucial area, further complicated by the traditionally slow upgrade cycles in OT infrastructures, where hardware is expected to remain in service for over 10 years.
This webinar will analyze the risks of unprotected industrial networks, the impact of IIoT applications on control systems and how organizations can successfully manage these risks through effective identity and access management.
The topics we are going to discuss include:
- Why insecure industrial control systems are a common problem across many sectors including financial services.
- Who is responsible for ICS security in your organization and why this is not always properly defined.
- What types of cyberthreats are targeting ICS or using them as a gateway into IT infrastructures.
- How identity and access management applications are key to managing ICS security.
In the first part of the webinar, Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, will present an overview of various types of industrial control systems and explain various terms like Operational Technology, SCADA, Industrial IoT, and more. He will provide a structured view of specific security challenges for the various types of OT systems. He will also identify which of these systems are targets of which cyberthreat types.
In the second part, Markus Westphal DACH Sales Manager at WALLIX, will introduce how companies can take back control over ICS / SCADA systems by utilizing Privileged Access Management (PAM). The WALLIX Bastion helps companies to prevent threats by providing one-point access to monitor and control all activity within your ICS: control internal and third party access, monitor activity, prevent insider threat and mitigate external threats.
A software company providing cyber security solutions, WALLIX Group is a European specialist in privileged account governance.
In response to recent regulatory change (NIS/GDPR in Europe and OVIs in France) and the cyber security threats affecting all companies today, Bastion helps users protect their critical IT assets: data, servers, terminals and connected objects. It is the first market solution to have been awarded first-level security certification (CSPN) by France’s National Cybersecurity Agency (ANSSI) and thus meet all of the criteria for regulatory compliance
WALLIX accompanies more than 770 companies and organizations on a day-to-day basis.Listed on Euronext under the code ALLIX, WALLIX Group is a leader on the PAM market with a strong presence throughout Europe and EMEA.
Digitalization evolves with the increased use of microcomputers in everyday objects like cars and smart fridges, but also in industrial applications. Therefore, communication between devices is growing accordingly. While connecting devices is supposed to make our lives easier, it poses a great challenge from a security standpoint. Every connection opens a potential backdoor for attackers to slip inside your network.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 12-15, 2020, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.
KuppingerCole analysts build upon competencies from comprehensive research, experience from highly topical PAM advisory projects and systematically expanded and advanced best practices. Our analysts and advisors offer a one-of-a-kind, multi-channel approach to modern knowledge transfer: the KuppingerCole Master Class Privileged Access Management. Webinars and webcasts, up-to-date research documents, an all-day classroom workshop with final exam and certification of the acquired skills lay the foundation for establishing the necessary technical and methodological knowledge in your own organization.