From 7 to 9 March 2018, the Emerson Global users Exchange 2018 takes place in the World Forum, The Hague. Hudson Cybertec, the cyber security solution provider for the OT domain, will present “An inconvenient Truth About Vulnerability Analysis In IACS”. Thousands of participants from around the world gather at this annual event, from engineers to senior management. Together they visit over 180 sessions, mostly where industry peers share their experience. The event furthermore hosts a 5000m2 expo, where participants can obtain hands-on experience with innovative technologies.
Each year, the number of vulnerabilities in industrial automation and control systems (IACS) increases dramatically. Developments such as IIoT (Industrial Internet of Things) and LoRa (Long Range data communication) provide a greater exposure in this “hyperconnected” world. Threats such as ransomware and DDoS attacks will have a significantly increased impact.
To protect your industrial automation and control systems (IACS) and networks from malicious influences, it is important to investigate vulnerabilities regularly in a structured manner. A cyber security assessment is the best way to achieve this. An assessment gives organizations insight in the actual security situation, so they know where they stand. Often performing a pen-test comes to mind. But is running a pen-test within your IACS domain (e.g. your ICS and SCADA systems) appropriate? A good assessment gives attention to people, process and technology, the aspects that have an effect at cyber security within organizations. An assessment is the necessary first step to a responsible cyber security policy.
This presentation gives insight into different misconceptions regarding vulnerability analysis within the IACS domain. This presentation covers the differences between IT (Information Technology) and OT (Operational Technology) in the field of vulnerability analysis. These environments each have their own characteristics and must be approached differently to avoid adverse effects on your primary process. Especially for the IACS environment the IEC 62443 cyber security standard was developed and takes into account the specific circumstances of this environment. This standard helps your organization to mitigate specific IACS cyber security risks.
The presentation by Hudson Cybertec will give participants insight in several misconceptions regarding vulnerability analysis within the IACS domain.
For more information about the event, visit http://www.emersonexchange.org/emea/
