Industrial Control Systems: Understanding the Access Risks and Security Challenges
- LANGUAGE: English DATE: Thursday, November 09, 2017 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
For decades, Industrial Control Systems have evolved completely separately from traditional IT, with their own business drivers, requirements and regulations and proprietary hardware designs and network protocols. Needless to say, security from cyberattacks was never a priority for operational technology units responsible for managing those systems: after all, they weren’t even connected to office networks.
Things have changed dramatically in the recent years: since 2000s, many control systems have switched to commodity hardware and standard networking protocols. The convenience of remote management and monitoring has led to industrial networks becoming increasingly interconnected with corporate IT infrastructures. Also, the growing demand for collecting and analyzing vast amounts of data from sensors and controllers is fueling the growth of the Industrial IoT, which is to a large extent built on low-power computing devices directly connected to the Internet.
Such unprotected ICS and IIoT systems are no longer limited to manufacturing companies or utilities and in fact can now be found across all vertical sectors, including financial services, and cybercriminals are already learning to use them as gateways into corporate IT infrastructures. Unfortunately, people charged with management of those systems still have little or no knowledge of IT security. There is definitely a deficit of security responsibility in this crucial area, further complicated by the traditionally slow upgrade cycles in OT infrastructures, where hardware is expected to remain in service for over 10 years.
This webinar will analyze the risks of unprotected industrial networks, the impact of IIoT applications on control systems and how organizations can successfully manage these risks through effective identity and access management.
The topics we are going to discuss include:
- Why insecure industrial control systems are a common problem across many sectors including financial services.
- Who is responsible for ICS security in your organization and why this is not always properly defined.
- What types of cyberthreats are targeting ICS or using them as a gateway into IT infrastructures.
- How identity and access management applications are key to managing ICS security.
In the first part of the webinar, Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, will present an overview of various types of industrial control systems and explain various terms like Operational Technology, SCADA, Industrial IoT, and more. He will provide a structured view of specific security challenges for the various types of OT systems. He will also identify which of these systems are targets of which cyberthreat types.
In the second part, Markus Westphal DACH Sales Manager at WALLIX, will introduce how companies can take back control over ICS / SCADA systems by utilizing Privileged Access Management (PAM). The WALLIX Bastion helps companies to prevent threats by providing one-point access to monitor and control all activity within your ICS: control internal and third party access, monitor activity, prevent insider threat and mitigate external threats.
A software company providing cybersecurity solutions, WALLIX Group is a European specialist in privileged account governance.
Privileged access management solutions help large and medium-sized enterprises, public organizations and cloud service providers to protect their critical IT assets including data, servers, terminals and connected devices.
Wallix AdminBastion Suite (or WAB Suite) gives the most effective route to security and compliance by reducing its users’ biggest security risk – privileged access to IT – in the shortest possible time.
Customers report that deploying WAB Suite requires only 40% of the time needed for a similar deployment of a leading competitor. This led a leading analyst to conclude “WALLIX offers the fastest route to compliance".
While businesses race ahead with digital transformation, security and identity management are often being left behind. The complexity of modern organizations of all sizes has undermined the traditional concepts of privileged access management (PAM) and privileged account usage. Help desks and IT security teams are often too busy and understaffed to be able to give PAM the attention it deserves.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 12-15, 2020, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.
Attend this KC Master Class to learn how to protect privileged accounts of your company. Based on many years of experience, KuppingerCole Analysts will deliver practical knowledge on password management and automatic rotation, enforcement of the least privilege principle, vulnerability identification, risk management, central analysis, session management and monitoring, and efficient, comprehensive auditing. In four chapters, you will receive a multi-channel training including interactive online sessions, up-to-date research documents and an all-day workshop with final exam at the European Identity & Cloud Conference 2020 in Munich, Germany. Step-by-step KuppingerCole Analysts will turn you into a PAM Master that meets and exceeds privileged access management challenges of the 2020s!