During the second week of February, information security professionals will head over to San Francisco to attend RSA, one of The State of Security's top 13 conferences for 2017. The conference is primarily focused on information security-related topics and typically draws over 45,000 attendees per year, making it one of the largest information security related events in the world. One particular area at RSA are the so called Sandboxes. These offer a range of full hands-on interactive experiences to test your information security skills supplemented with presentations given by industry experts. By combining both hands-on opportunities and presentations, we tend to both demo and discuss on how pervasive computing and connectedness will inevitably lead to a broader threat landscape. The ICS Sandbox covers a topic that is nowadays more often mentioned in the news, namely, the systems that control our Critical Infrastructure. These are defined in the Presidential Policy Directive 21 (https://www.dhs.gov/critical-infrastructure-sectors) and count 16 different Critical Infrastructure Sectors whose assets, systems, and computer/process control networks are considered so vital to the United States that their unavailability or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof because they act as the backbone of our modern society. Its underlying Industrial Control Systems (ICS) has come to the forefront of businesses, governments, and organizations since these are becoming more interconnected with new technologies such as the Industrial Internet of Things (IIOT). In order for the attendees to gain more situational awareness about the do’ and don’t within the realm of IIOT, discussion sessions have been planned under the supervision of security researchers and security professionals, who will share their experience from both the research and in-the-field point of view. At the ICS Sandbox ,we will deep dive upon the challenges we nowadays face by means of hands-on demo environments and supplemented with presentations given by industry professionals. Interesting to note is that an ICS cyberattack simulation will be shown. During that demonstration, we can think/discuss the potential implications of having a more interconnect control systems such as smart cities on the grid. Whilst the attack surface is not completely limited, sessions will provide some more insight on the anatomy of industrial cyberattacks. These threats that define our present threat landscape often define the way by which we tend to defend our organisation. Knowing that not all vulnerabilities can be mitigated means alternative solutions are needed. Moreover, the communication gap between the business and operations remains. Besides the technical aspects, attention will also be given to the organizational point of view on how organizations gradually can improve the maturity of their critical infrastructure. The agenda of the ICS Sandbox consists of following presentations:
- Cyber, an Evolving Ecosystem: Creating the Road for Tomorrow's Smart Cities
- Fact or FUD? ICS Cyberattack Simulation and Impact Analysis Fun for the Whole Family
- Anatomy of Industrial Cyberattacks
- Safety First! Strategic Solutions to Protect the Industrial Internet of Things
- Game Plan for Security: Understanding ICS/SCADA Cybersecurity Threats, Vulnerabilities, Vectors, and Attack Methods
- IIOT vulnerabilities, where do they lie?
- Adding Security to Your ICS Environment? Fine! But How?!
Finally, as with every security conference, we encourage you to engage with both the ICS Sandbox organizers and speakers. Securing our critical infrastructure is not a one woman/man job! Working together, communicating openly, and collaborating with each other will be beneficial to increase our overall maturity level. We look forward to seeing you at the ICS Sandbox! About the Authors:
Larry Vandenaweele (@lvandenaweele) works for a consulting firm in Belgium focusing on Industrial Control System Security. Before beginning his professional career, he did charity work in the Philippines. Larry is co-organizer of the ICS and IoT Village at BruCON which debuted in 2015. He is also co-organizing the World Run by Hackers which is a yearly running event in Las Vegas. He holds a BSc in New Media and Technology with focus areas in security and virtualisation and is currently pursuing a Master's degree in Information Security at Royal Holloway, University of London.
Tom VanNorman (@Tom_VanNorman) Tom has been working in the Instrument and Controls field for the past 20 years. He is currently employed by Counter Hack as a Sr. Technical Staff member and has worked for companies such as Roche Vitamins, CH2M HILL, ImClone Systems, Phoenix Contact and is retired from the Air National Guard. Tom focus area has been working on securing Industrial Control Systems and the networking of such systems. Tom currently holds a Certified Control System Technician certification through ISA , Certified Information Systems Security Professional (CISSP) through ISC(2), Global Industrial Cyber Security Professional (GICSP) and Certified Incident Handler (GCIH). Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
