what's the big deal with assessing ics/scada?
TRANSCRIPT
![Page 1: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/1.jpg)
What’s the Big Deal with Assessing ICS/SCADA?
![Page 2: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/2.jpg)
Jim Gilsinn
• 4 Years Senior Investigator, Kenexis Consulting
• 20 Years Electronics Engineer, NIST Engineering Lab
• Got my first certification less than a year ago
• @JimGilsinn
![Page 3: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/3.jpg)
Why Am I Here?
• ICS/SCADA systems are an extension of IT systems
• ICS/SCADA systems are being connected to IT systems
• ICS/SCADA systems don’t behave like IT systems
• ICS/SCADA systems are now being scrutinized
![Page 4: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/4.jpg)
Traditional ICS/SCADA• ICS = Industrial Control Systems• DCS = Distributed Control Systems• SCADA = Supervisory Control And Data Acquisition
![Page 5: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/5.jpg)
Non-Traditional ICS/SCADA or “Control Systems”• Building automation systems• Heating, ventilation, and air conditioning (HVAC) systems• Energy monitoring & conservation systems• Fire monitoring & suppression systems• Physical security systems• Traffic monitoring & control systems• Sensor networks
![Page 6: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/6.jpg)
If You Live Here…
![Page 7: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/7.jpg)
If You Live Here…
![Page 8: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/8.jpg)
If You Live Here…
![Page 9: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/9.jpg)
If You Live Here…
![Page 10: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/10.jpg)
If You Live Here…
![Page 11: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/11.jpg)
What Do A Lot Of Assessors Do?
• Discover ICS/SCADA systems inadvertently!
• Knock things over accidentally!
• Avoid them like the plague!
• There is a better way!
![Page 12: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/12.jpg)
Understand the Risks
![Page 13: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/13.jpg)
Understanding the Risks
• Talk to the customer!
• Very few assessment steps have a “Crater Factor”
• Most problems lead to system downtime
• Unplanned downtime is real $$$
![Page 14: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/14.jpg)
Determine What The Customer REALLY Wants
• Passive Network Assessment
• Vulnerability Assessment
• Penetration Test
![Page 15: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/15.jpg)
Figure Out How To Tailor Tools For Use
• Most are IT tools tailored for ICS/SCADA
• Slow things down
• Don’t be aggressive
• Second guess the tools
![Page 16: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/16.jpg)
Questions To Ask – Pre-Engagement
• PPE = Personal Protective Equipment?
• Safety training?
• Can we actually plug in?
• Logistics of communication?
• Where/how are we allowed to store data?
![Page 17: What's the Big Deal with Assessing ICS/SCADA?](https://reader036.vdocuments.site/reader036/viewer/2022062401/5878e2ee1a28abfa038b4dcd/html5/thumbnails/17.jpg)
Questions To Ask – During Engagement
• What are the risks?
• Walk-down?
• Will someone be monitoring the system?
• How do we report thing?