Packt+ | Advance your knowledge in tech

0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Industrial Cybersecurity

You're reading from Industrial Cybersecurity Efficiently secure critical infrastructure systems

Product type Paperback

Published in Oct 2017

Publisher Packt

ISBN-13 9781788395151

Length 456 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Pascal Ackerman

View More author details

Table of Contents (13) Chapters

Preface

1. Industrial Control Systems

2. Insecure by Inheritance FREE CHAPTER

3. Anatomy of an ICS Attack Scenario

4. Industrial Control System Risk Assessment

5. The Purdue Model and a Converged Plantwide Ethernet

6. The Defense-in-depth Model

7. Physical ICS Security

8. ICS Network Security

9. ICS Computer Security

10. ICS Application Security

11. ICS Device Security

12. The ICS Cybersecurity Program Development Process

ICS application patching

After discovering vulnerabilities, the most effective mitigation process is to patch or update the vulnerable applications. If the application was developed in-house, a change request should be send to the development team. If neither a patch nor a fix is applicable, a compensating control should be applied. Compensating controls can consist of adding a firewall rule to block access to the vulnerable service of the application or the decision to shop around for a better product. Sometimes the compensating control can be the decision to do nothing at all. The decision of what to do depends on the criticality of the application and the specifics of the vulnerability.

ICS patch management is a complex process, largely because of the uptime requirements and the sensitive nature of the ICS equipment. Not including those found in level 3 - site operations, applications, systems, and devices in the industrial zone of an ICS are unlikely to be able to receive automatic updates...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at AU $24.99/month. Cancel anytime

Authors (1)

Pascal Ackerman

Pascal Ackerman

Pascal Ackerman is a seasoned industrial security professional with a degree in electrical engineering and over 20 years of experience in industrial network design and support, information and network security, risk assessments, pentesting, threat hunting, and forensics. After almost two decades of hands-on, in-the-field, and consulting experience, he joined ThreatGEN in 2019 and is currently employed as managing director of threat services and research. His passion lies in analyzing new and existing threats to ICS environments and he fights cyber adversaries both from his home base and while traveling the world with his family as a digital nomad. Pascal wrote the previous edition of this book and has been a reviewer and technical consultant of many security books.

See other products by Pascal Ackerman

Other recommended products

Related to this chapter

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m