This is a (long overdue) followup post of the talk I gave at the SANS ICS Summit in 2021 - a recording of this talk can be found on youtube: https://www.youtube.com/watch?v=Qpl8eI8Tn0s I suggest you to first look at the recording of the talk before reading further about some questions I have received during the talk.… Continue reading Cybersecurity testing for ICS – pitfalls and wins
Tag: SCADA
Resources to get into #ICS security
Recently I received some questions on what resources I would recommend within the ICS security space to learn more about this. So the question was more specifically about discussion groups, courses, books, certificates and so on... This was also a twitter thread from a while ago to which I responded with some information I share… Continue reading Resources to get into #ICS security
Security testing for ICS Owners – Back to Basics …
Why “Back to basics” regarding security testing? Well... during several previous security assessments that I have performed, I have run into a lot of the issues mentioned within the presentation I have given on this years CS3STHLM conference in Stockholm. Sometimes I also have the feeling that too much attention is given to technical and… Continue reading Security testing for ICS Owners – Back to Basics …
Operator Jail breakout
In 2018, I gave a presentation at the CS3STHLM conference together with Frank Lycops on Operator Jail breakouts. Operator Jails are meant to prevent process operators from having access to the underlying operating system (OS), so all access to the OS not required for the daily task is shielded from them ... or at least… Continue reading Operator Jail breakout
Importance of data integrity for safety in industrial environments
It is well known that the most important factor within the process industry is the availability of the systems and environment. The plant must be running at all times. That’s why most security improvement efforts are made in that area. However, the integrity of the information and data within the industrial control systems environment can’t… Continue reading Importance of data integrity for safety in industrial environments