Joe Weiss, Managing Director for ISA99; William Cotter, Systems Engineering Specialist; Delfin Rodillas, Sr. Manager of SCADA
The growing presence of widely known and used Commercial Off-the-Shelf (COTS) systems in Industrial Control Systems (ICS) provides an increased opportunity for cyber attacks against ICS equipment. Such attacks, if successful, could have severe impact to not only process availability but also safety. Patch management is one particular area of cybersecurity which requires special attention when applied to ICS. It is part of a comprehensive cybersecurity strategy that increases cybersecurity through the installation of patches that resolve bugs, operability, reliability, and cyber security vulnerabilities. The ISA-TR62443‑2‑3 technical report, developed by the ISA 99 Working Group 6, addresses the patch management aspect of ICS cyber security. Also part of an effective strategy is the use of compensating cybersecurity controls to protect ICS systems from exploits and malware in between often long patching cycles. Novel network and host based technologies have recently become available to address even zero-day threats which bypass conventional signature-based approaches.
Attendees of this webinar will leave with a better understanding of:
-The unique aspects of ICS that entail a different and more rigorous approach to patch management than that used in business networks
- An overview of the ISA 99 standards efforts with detail review of the main aspects of the ISA-TR62443-2-3 Technical Report on Patch Management in IACS
- Advancements in compensating cybersecurity controls for protecting systems from zero-day threats