Book Image

Industrial Cybersecurity

By : Pascal Ackerman
Book Image

Industrial Cybersecurity

By: Pascal Ackerman

Overview of this book

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.

Related Content you might be interested in

Current Title:

Small book image
Industrial Cybersecurity
Pascal Ackerman
Oct, 2017 | 456 pages
Small book image
Industrial Cybersecurity
Pascal Ackerman
Oct, 2021 | 800 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Pentesting Industrial Control Systems
Paul Smith
Dec, 2021 | 450 pages
Table of Contents (19 chapters)
Title Page
Title Page
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Preface
Preface
Free Chapter
1
Industrial Control Systems
Industrial Control Systems
An overview of an Industrial control system
The Industrial control system architecture
The Purdue model for Industrial control systems
Industrial control system communication media and protocols
Summary
2
Insecure by Inheritance
Insecure by Inheritance
Industrial control system history
Modbus and Modbus TCP/IP
PROFINET
Common IT protocols found in the ICS
Summary
3
Anatomy of an ICS Attack Scenario
Anatomy of an ICS Attack Scenario
Setting the stage
The Slumbertown paper mill
Trouble in paradise
What can the attacker do with their access?
The cyber kill chain
Phase two of the Slumbertown Mill ICS attack
Other attack scenarios
Summary
4
Industrial Control System Risk Assessment
Industrial Control System Risk Assessment
Attacks, objectives, and consequences
Risk assessments
A risk assessment example
Summary
5
The Purdue Model and a Converged Plantwide Ethernet
The Purdue Model and a Converged Plantwide Ethernet
The Purdue Enterprise Reference Architecture
Summary
6
The Defense-in-depth Model
The Defense-in-depth Model
ICS security restrictions
How to go about defending an ICS?
The ICS is extremely defendable
The defense-in-depth model
Summary
7
Physical ICS Security
Physical ICS Security
The ICS security bubble analogy
Segregation exercise
Down to it – Physical security
Summary
8
ICS Network Security
ICS Network Security
Designing network architectures for security
Summary
9
ICS Computer Security
ICS Computer Security
Endpoint hardening
Configuration and change management
Patch management
Endpoint protection software
Summary
10
ICS Application Security
ICS Application Security
Application security
Application security testing
ICS application patching
ICS secure SDLC
Summary
11
ICS Device Security
ICS Device Security
ICS device hardening
ICS device patching
The ICS device life cycle
Summary
12
The ICS Cybersecurity Program Development Process
The ICS Cybersecurity Program Development Process
The NIST Guide to Industrial control systems  security
The ICS security program development process
Summary

ICS application patching

After discovering vulnerabilities, the most effective mitigation process is to patch or update the vulnerable applications. If the application was developed in-house, a change request should be send to the development team. If neither a patch nor a fix is applicable, a compensating control should be applied. Compensating controls can consist of adding a firewall rule to block access to the vulnerable service of the application or the decision to shop around for a better product. Sometimes the compensating control can be the decision to do nothing at all. The decision of what to do depends on the criticality of the application and the specifics of the vulnerability.

ICS patch management is a complex process, largely because of the uptime requirements and the sensitive nature of the ICS equipment. Not including those found in level 3 - site operations, applications, systems, and devices in the industrial zone of an ICS are unlikely to be able to receive automatic updates...

Previous Section
End of Section 4
Next Section