Packt+ | Advance your knowledge in tech

0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Industrial Cybersecurity

You're reading from Industrial Cybersecurity Efficiently secure critical infrastructure systems

Product type Paperback

Published in Oct 2017

Publisher Packt

ISBN-13 9781788395151

Length 456 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Pascal Ackerman

View More author details

Table of Contents (13) Chapters

Preface

1. Industrial Control Systems

2. Insecure by Inheritance FREE CHAPTER

3. Anatomy of an ICS Attack Scenario

4. Industrial Control System Risk Assessment

5. The Purdue Model and a Converged Plantwide Ethernet

6. The Defense-in-depth Model

7. Physical ICS Security

8. ICS Network Security

9. ICS Computer Security

10. ICS Application Security

11. ICS Device Security

12. The ICS Cybersecurity Program Development Process

The ICS security bubble analogy

An analogy I like use during conversations with customers is what I call the ICS security bubble strategy:

The idea is that in order to defend systems that are either too old to be updated with the latest security controls or systems that cannot handle security controls because of limited device resources, it helps to visualize the security strategy for such devices to placing them in a soap or glass bubble. The systems and devices in the bubble trust each other and are allowed to communicate unrestricted among each other. In order to be placed inside the bubble, systems must be verified to be free of malicious content and of importance to the ICS function. Systems outside of the bubble will have to use controlled and monitored conduits to communicate with systems inside. Any attempts to penetrate the bubble will cause it to pop or shatter, which is an easily detectable occurrence.

In this analogy, these are the observations:

The bubble represents the security...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Pascal Ackerman

Pascal Ackerman

Pascal Ackerman is a seasoned industrial security professional with a degree in electrical engineering and over 20 years of experience in industrial network design and support, information and network security, risk assessments, pentesting, threat hunting, and forensics. After almost two decades of hands-on, in-the-field, and consulting experience, he joined ThreatGEN in 2019 and is currently employed as managing director of threat services and research. His passion lies in analyzing new and existing threats to ICS environments and he fights cyber adversaries both from his home base and while traveling the world with his family as a digital nomad. Pascal wrote the previous edition of this book and has been a reviewer and technical consultant of many security books.

See other products by Pascal Ackerman

Other recommended products

Related to this chapter

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m