Hi [[ session.user.profile.firstName ]]

SCADA Security: Why is it so hard?

SCADA security and advance persistent threats have now taken center stage. While the industry has some success in dealing with IT security, when it comes to industrial control systems or SCADA systems, we still have enormous challenges. This session will discuss why implementing SCADA security is s
SCADA security and advance persistent threats have now taken center stage. While the industry has some success in dealing with IT security, when it comes to industrial control systems or SCADA systems, we still have enormous challenges. This session will discuss why implementing SCADA security is so difficult, and discuss strategies to meet these challenges. I will discuss my experience working with large organizations with control system installations, and present how SCADA security can be deciphered.

The session will include:
- A very brief technical introduction to SCADA and industrial control systems
- SCADA systems under the hood, including SCADA protocols like MODBUS and DNP3 at the packet level
- Attacks on RTU, PLC, HMI, FEP, SCADA slaves and master stations
- Real world examples of successful and not-so-successful implementations of securing control systems and SCADA systems.
- How to use security tools, technical solutions and a change in mindset to address SCADA security
- Pointers on using the free open-source SCADA scanning tool

This presentation will help organizations trying to implement security measures for their controls systems and SCADA systems. It identifies hurdles that organizations face and will help avoid them, from mistakes made by others. It will help attended try out some tools and techniques when they get back from the conference. It will also help security vendors as well as vendors of SCADA systems to align their solutions to achieve a common goal. For attendees who are not familiar with in-depth SCADA security, the presentation will be an excellent introduction and fast forward to effective SCADA security implementation.
Recorded Feb 27 2012 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Amol Sarwate
Presentation preview: SCADA Security: Why is it so hard?
Recommended for you:
  • Date
  • Rating
  • Views
  • How do you reveal unknown risks on your network and enforce your security and compliance policies? What’s required to reduce your attack surface, detect and block advanced threats and rapidly respond to security breaches? Good Questions!

    Join us and learn the answers to these real-world problems and discover how ForeScout and FireEye’s joint solution reduces the threat landscape and automates security management and response, allowing you to:
    · Identify devices—including Internet of Things endpoints—the instant they connect to your network
    · Quickly detect advanced threats
    · Scan for indicators of compromise (IOCs)
    · Contain infected endpoints and automate threat response
    · Limit malware propagation and break the cyber kill chain

    Register today and learn to improve your company’s defenses against advanced threats and automate threat response!

    ---
    Speakers:
    Michael Resong, FireEye Director, Technology Alliances
    Michael has been with FireEye since April 2013. Before joining Technology Alliances, he led various systems engineering and architect teams at FireEye. Prior to FireEye, Micheal performed numerous systems engineering and management functions at McAfee, Secure Computing, Network Appliance and other leading technology companies.

    Amy De Salvatore, ForeScout Senior Director, Strategic Alliances
    Amy currently manages a team focused on a discreet portfolio of technology and go-to-market partners. As one of ForeScout’s top strategic partner liaisons, Amy manages the FireEye alliance, and is responsible for all development, marketing, engagement and delivery aspects of the relationship.
  • SentinelOne CEO and Co-Founder, Tomer Weingarten, discusses the challenges organizations face when trying to protect their endpoints, and why today's common defense systems are not working. Learn how SentinelOne's approach protects against all types of attacks, including exploits, without hogging valuable system resources.
  • Josh Downs, BrightTALK's Information Security Community Manager breaks down 3 must-watch webinars from February's Data-driven Security Summit:

    3. Business-lead and Threat-Focused Cyber Risk Management - Chris Verdonck, Global Cyber Strategy & Peter Wirnsperger, Cyber Risk Services, Deloitte

    2. Making Vulnerability Management Sexy, Again! - Amar Singh, Chair of ISACA's UK Security Advisory Group

    1. (mis)Adventures in Data-driven Security: How to Avoid Tragedy & Engineer Success - Nik Whitfield, CEO, Panaseer

    To attend any of the above, see the URLs in the attachments.

    For more insights, follow Josh on @BrightTALK_Josh
  • Josh Downs, BrightTALK's Information Security Community Manager breaks down 3 must-watch webinars from February's Data-driven Security Summit:

    3. Business-lead and Threat-Focused Cyber Risk Management - Chris Verdonck, Global Cyber Strategy & Peter Wirnsperger, Cyber Risk Services, Deloitte

    2. Making Vulnerability Management Sexy, Again! - Amar Singh, Chair of ISACA's UK Security Advisory Group

    1. (mis)Adventures in Data-driven Security: How to Avoid Tragedy & Engineer Success - Nik Whitfield, CEO, Panaseer

    To attend any of the above, see the URLs in the attachments.

    For more insights, follow Josh on @BrightTALK_Josh
  • Josh Downs, BrightTALK's Information Security Community Manager breaks down 3 must-watch webinars from February's Data-driven Security Summit:

    3. Business-lead and Threat-Focused Cyber Risk Management - Chris Verdonck, Global Cyber Strategy & Peter Wirnsperger, Cyber Risk Services, Deloitte

    2. Making Vulnerability Management Sexy, Again! - Amar Singh, Chair of ISACA's UK Security Advisory Group

    1. (mis)Adventures in Data-driven Security: How to Avoid Tragedy & Engineer Success - Nik Whitfield, CEO, Panaseer

    To attend any of the above, see the URLs in the attachments.

    For more insights, follow Josh on @BrightTALK_Josh
  • Josh Downs, BrightTALK's Information Security Community Manager breaks down 3 must-watch webinars from February's Data-driven Security Summit:

    3. Business-lead and Threat-Focused Cyber Risk Management - Chris Verdonck, Global Cyber Strategy & Peter Wirnsperger, Cyber Risk Services, Deloitte

    2. Making Vulnerability Management Sexy, Again! - Amar Singh, Chair of ISACA's UK Security Advisory Group

    1. (mis)Adventures in Data-driven Security: How to Avoid Tragedy & Engineer Success - Nik Whitfield, CEO, Panaseer

    To attend any of the above, see the URLs in the attachments.

    For more insights, follow Josh on @BrightTALK_Josh
  • Rejoignez ce webcast pour découvrir comment anticiper les nouveautés de l’accès mobile et les défis de sécurité avec le nouveau firmware Secure Mobile Access 11.3.

    Nouvelles fonctions :

    •Intégration Dell EMM/DMM : SSO avec conteneur Dell Mobile Workspace (iOS et Android pris en charge)
    •Nouvelle console CMS (Console Management System)
    •Délégation Kerberos contrainte (délégation KCD)
    •Accès sans client à SharePoint
    •Prise en charge de Chrome OS
    •Plus de clients HTML 5 pris en charge
    •Contrôle amélioré des protocoles SSL et Ciphers
  • BYOD poses a curious challenge for security teams – how can you secure enterprise data on a device that you don’t own? And how can you provide the necessary security while still respecting the user’s expectations for privacy? These issues aren’t easily addressed with traditional technology, leading many organizations to a frustrating problem for securing BYOD.

    Join Palo Alto Networks and VMware AirWatch in this special webinar to learn:

    · The security challenges with BYOD
    · The issues and limitations with traditional security architectures in a mobile world
    · Advice on delivering the appropriate security measures to make BYOD safe
  • The Pentagon reports 10 million cyberattacks daily. Federal, state and local government agencies need to safeguard information and maintain control when addressing internal mandates for cloud migration. Do you know how many attacks you are experiencing on a daily basis? Do you know where those attacks are coming from? How long they have been in your environment?

    While there is no silver bullet to combating either external or internal cyberattacks, there are steps you can take to build a defense strategy to protect your agency. Beyond just detecting attacks, you need to build up your defenses and take the necessary steps to protect your data and applications.

    In this session, we will discuss how you can leverage the Microsoft Enterprise Mobility Suite to help:
    1. Monitor behavior on your internal network and detect abnormal behavior
    2. Identify authentication irregularities from your users
    3. Protect applications using two-factor authentication
    4. Restrict access to confidential data
  • The Pentagon reports 10 million cyberattacks daily. Federal, state and local government agencies need to safeguard information and maintain control when addressing internal mandates for cloud migration. Do you know how many attacks you are experiencing on a daily basis? Do you know where those attacks are coming from? How long they have been in your environment?

    While there is no silver bullet to combating either external or internal cyberattacks, there are steps you can take to build a defense strategy to protect your agency. Beyond just detecting attacks, you need to build up your defenses and take the necessary steps to protect your data and applications.

    In this session, we will discuss how you can leverage the Microsoft Enterprise Mobility Suite to help:
    1. Monitor behavior on your internal network and detect abnormal behavior
    2. Identify authentication irregularities from your users
    3. Protect applications using two-factor authentication
    4. Restrict access to confidential data

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: SCADA Security: Why is it so hard?
  • Live at: Feb 27 2012 6:00 pm
  • Presented by: Amol Sarwate
  • From:
Your email has been sent.
or close
You must be logged in to email this