Monday, October 24, 2022 — 8:00 AM - 4:30 PM

This ever-changing technology landscape provides a fertile battleground for cyber threats and attacks.

Agenda

8:00 am
Int’l Soc. of Automation: ISASecure intro & overview of ISA/IEC 62443 solution sets for Systems (3-1, 3-2, 3-3) and Components (4-1, 4-2)

Andre Ristaino, Managing Director, ISA

Mr. Ristaino oversees three consortiums related to cybersecurity for ISC, an ANSI accredited standards development organization (SDO) and publisher of the international ISA/IEC 62443 cybersecurity standards for automation and control systems. The IEC designated ISA/IEC 62443 as a “technical horizontal” standard, and it is now the de facto standard for securing critical infrastructure in the U.S. and globally. His presentation will cover the history of those standards and their current status.


9:00 am
Idaho National Labs (INL) Overview of Cybersecurity Research, ICS COP w/focus on Cyber-CHAMP©

Dr. Shane D. Stailey, Organizational Cybersecurity Development & Training Strategist, Idaho National Laboratory
Glenn Merrell, Owner & Freelance Consultant, Industrial Control System Security

There is a pervasive talent deficit in the cybersecurity industry that prevents employers from being able to effectively fill their open positions and upskill existing employees to work in or maintain appropriate levels of cyber competency within their organizations. Without an understanding of those deficits, companies can struggle to efficiently plan, develop, and deploy effective security programs.

The Cyber-Competency Health and Maturity Progression (Cyber-CHAMP©) aims to help. The model provides a customized solution for businesses to:

  • Understand their security program and personnel gaps
  • Bring focus to closing current security gaps
  • Align education and training needs to address security gaps in personnel competency
  • Continually monitor and improve by keeping cybersecurity workforce development visuals, metrics, and measurements at the ready

Cyber-CHAMP© provides several visual products, metrics, and measurements to help an organization build their current and target risk profiles and helps build a structure to examine competencies across an organization’s workforce. It also offers recommendations and roadmaps for improvement across the organization to increase the organization’s cybersecurity via improving the cyber cognizance and competency of individuals across the organization.


10:00 am
Cyber Ranges – For Gaining the Valuable Experience Needed now and Henceforward

Craig Cocciola, VP Cyber Range Operations, ABL Cyber Range and Academy
Susan Morris, SVP, Co-Owner, ABL Cyber Academy and Cyber Range

The job roles in both OT and IT Cybersecurity require the highest levels of competency and proficiency in situational awareness, critical thinking, and job role task specific actions. Cyber ranges provide great hands-on learning opportunities in many areas of cyber security, such as:

  • INL’s Consequence-driven Cyber-informed Engineering (CCE)
  • ISA/IEC 62443 series of standards, developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC)
  • NIST Framework 800-82 Rev. 3 – Guide to Operational Technology (OT) Security
  • NICE recommendation for the use of cyber ranges in cybersecurity education and training

Cyber ranges differ in terms of quality, price, and customization. New ranges pop up often, requiring due diligence to ensure you’re choosing the correct one for your needs. The most valuable offer learners industry specific training relevant to the job role being performed. The range design must have:

  • Learning experiences that are consistently updated to meet threat actors’ ever-changing APT strategies and tools
  • Influence and persuasiveness, ensuring the learner chooses to invest the effort in acquiring new skills
  • Use of digital twin technology to provide virtualized representations of real-world scenarios. (Not sure what this means?)
  • Capability to map job role skills’ development using the NICE Framework Mapping Tool
  • Ability to meet the needs of the 16 Critical Infrastructure Sectors
  • Dynamic learning for ongoing, rapid upskilling and verifiable transfer of skills to the job
  • Actionable metrics and proficiency reporting to verify competency of industry standards
  • Skills and tools to scan systems and devices for vulnerabilities, more efficient recognition, mitigation, and obstruction of attacks
  • Nexus of multi-level learning for:
    • New hires and all incumbent levels
    • OT workforce pipeline to gain job role experience during critical OT/IT education at colleges, universities, and inside organizations
    • Filling organizational job role skills gaps identified from, for example, Cyber-CHAMP©


11:00 am

International Society of Automation (ISA) Deeper Dive: Working Group 10 Details and new Technical Report Rollout

Glenn Merrell, Owner & Freelance Consultant, Industrial Control System Security
Dr. Shane D. Stailey, Organizational Cybersecurity Development & Training Strategist, Idaho National Laboratory

Problem Statement:
Non-control system professionals, certainly those with a discipline in Information Technology, may feel that applying the ANSI/ISA/IEC 62443 program and lifecycles is somewhat burdensome and/or confusing.

Dissertation:
Extreme risk injected into your IACS Security Lifecycle may come not from hackers, but rather from the absence of cognizance, knowledge, and recognition training of the risks inherent in the IACS/ICS.

Without proper, focused training on the physical vulnerabilities that can endanger or restrict control system functions, a control system cannot be properly secured. Techniques and methods of securing control systems that do not address field devices, instrumentation, and measurement, such as vibration, temperature, and pressure, leave significant vulnerabilities open to exploitation.

The upcoming ANSI/ISA TR62443-1-4 Program, Lifecycles and Use Cases proposes a deeper review of the application of ANSI/ISA/IEC 62443, explaining its program, its lifecycles, and reference application examples through various use cases.

This Technical Report explains why a properly designed, instituted, deployed, and practiced security management system is critical to the success of securing control system functions.

In addition to identifying differences in risk between IT and OT cybersecurity, the session will present an outline overview of the upcoming standard-series Technical Report, TR62443-1-4 Program, Lifecycle and Use Cases, which is in development and progressing toward release in early 2023.


11:50 am
Strategy Break


1:00 pm

ABL Virtual Cyber Range Implementation Details

Susan Morris, SVP, Co-Owner, ABL Cyber Academy and Cyber Range
Craig Cocciola, VP Cyber Range Operations, ABL Cyber Range and Academy

Each organization, college, and university requires an implementation plan unique to its sector, its OT or IT systems, and the current state of its cyber OT and/or IT workforce competence.

The foundational tenet of a range implementation plan is the alignment of supporting organizations who interconnect for success assurance.

The common steps for a range implementation across industries and sectors will be presented and discussed in three basic steps:

  • Step 1: Preparation
  • Step 2: Initial deployment
  • Step 3: Ongoing maintenance and update training content

Subordinate steps will change based on the organization’s and/or educational institution’s current and desired state of skills offerings and workforce development strategies and paths.

A Cyber Range may be out of reach for many SMBs (Small-Medium Businesses), and ABL has implemented a Virtual Cyber Range configurable to most IT scenarios and now growing into OT Cybersecurity for Critical Infrastructure. This subscriber service is a flexible model enabling customized content creation. Please join us to learn more and make a connection.


2:00 pm

State of the Art IoT Cybersecurity

Joel Hollenbeck, Office of the CTO, Head of Engineering, Check Point Software Technologies, Ltd.

This session will discuss where cyber security efforts stand today, what needs to be done to improve them, and how to better apply them to the world of IoT. Everything from Industrial Control Systems to smartwatches represents nuanced and unique infrastructure diversity challenges that make the application and development of tool sets, and the control of those cyber security environments, different from those in traditional IT environments.


3:00 pm

Securing IT and OT Convergence is a Team Sport

Bryan Gillson, Head of Vertical Strategy, Ordr

For decades, manufacturing, utility operations, and transportation have relied on operational technology (OT systems) for daily functions. These systems have stood apart from the traditional IT and IoT structure, and placed reliability, production output and safety as foremost. Two forces are upsetting the status quo – the drive towards digital transformation and the ever-aggressive attacks on security that can bring operations to a halt.  

In this session, Bryan Gillson, Head of Vertical Strategy at Ordr, discusses the considerations for a secure path towards digital transformation. Connected devices now span IT, IoT and OT, and increase the risk landscape. At the same time, IT and security teams may have differing priorities from OT leaders. Bryan will share considerations for a security strategy to protect the converged environment, and tactics to align IT, IoT and OT teams.


4:00 pm

Dunwoody Presentation:  New Cybersecurity Initiatives

E.J. Daigle, Dean of Robotics & Manufacturing, Dunwoody College of Technology
Julie McFadden, Director of Computer Technology Problems, Dunwoody College of Technology

Cybersecurity, compliance, and risk have become the world’s most pressing issues. Lack of shared norms, rampant cybercrime, uneven knowledge and competency, and the threat landscape of connected devices create pressing challenges for the future. Drawing on Dunwoody College of Technology’s national acclaim, expertise, and programs in both Information Technology (IT) and Operational Technology (OT), the New Cybersecurity Initiatives steps into this landscape, highlighting the recent teaming of Dunwoody’s computer and industrial automation programs to bridge the gap between IT and OT cybersecurity. This session will include a demonstration of Dunwoody’s newest educational asset, the Process Controls & Instrumentation Lab, that provides students and educators the opportunity to play out real-world scenarios, preparing the next generation of cybersecurity graduates and practitioners for immediate impact across industries and critical infrastructure.

Networking Reception in EXPO

Join us after the Seminar in the EXPO Hall to network with fellow attendees and connect with our Solutions Strategy Partners.

Thank you to our Program Co-chairs

Tom Smertneck, Energy Aspects LLC
Paul Veeneman, Beryllium InfoSec Collaborative

Sponsorship Opportunities

To learn about available sponsorship opportunities, contact Jennifer Churchill at 763-548-1306 or jennifer.churchill@eventshows.com.

