CySER Virtual Seminar – Industrial Cybersecurity: Ask Different Questions
About the event
Title: Industrial Cybersecurity: Ask Different Questions
Speaker: Andrew Ginter
Abstract: Industrial Control Systems (ICS) and Operational Technology (OT) differ from Information Technology (IT) systems in many ways – both deep differences and superficial. The deep difference cybersecurity-wise is consequence – worst-case consequences of cyber compromise of ICS/OT systems are very often completely unacceptable, and this drives cybersecurity decision making in ways that can seem alien to enterprise security practitioners. The world’s most consequential and most secure industrial sites ask different questions, and so get different answers, when it comes to security. In this seminar we take a lightning tour of the ICS/OT cybersecurity space – from the superficial (what are ICS/OT systems and how they work) to the fundamental (what are engineering-grade protections and where must we use them to mitigate threats to public safety and national security). Along the way we look at recent state changes in the OT threat environment, perennial IT/OT integration problems, and the latest thinking in the space – Cyber Informed Engineering.
Speaker Bio: Andrew Ginter is VP of Industrial Security at Waterfall Security Solutions and is the author of three books on industrial security, a co-author of the Industrial Internet Security Framework and UITP Guide to Rail System Cybersecurity Purchasing, and co-host of the Industrial Security Podcast. He spent a decade developing industrial control system products and half a decade developing middleware products that connect control systems to SAP. That middleware resulted in a lot of OT networks connected to IT networks and thus contributed to the cybersecurity problems that now plague many industries. He wound up CTO at Industrial Defender, leading development of the world’s first industrial SIEM. Now at Waterfall Security, Andrew leads a small team of experts who work with the world’s most secure industrial sites. He and his team contribute regularly to cybersecurity standards and best-practice guidance.
Learn more about CySER: cyser.wsu.edu