Security Check Proces Automatisering:
Get Aware to Get Secure
Jacco van der Kolk,
Digital Trust Center
Johan de Wit,
Siemens Smart Infrastructure
ICS, OT, SCADA, PCS, DCS, IACS………..
OTICS-
SCADA
IACSPLC
DCS
OT: Operational Technology
ICS: Industrial Control System
IACS: Industrial Automation and Control System
SCADA: Supervisory Control And Data Acquisition
DCS: Distributed Control System
PCS: Process Control System
PLC: Programmable Logic Controllers
BMS: Building Management System
BMS
Welcome!
Jacco van der Kolk,
Digital Trust Center (DTC)
Part of
Ministry of Economic Affairsand Climate
Welcome!
CyberSecurity Alliance
Samen werken aan eenweerbaar en digitaal veiligNederland
door middel van publiek –private samenwerkingen
IT vs OT
Referentie:
TNO for GCCS 2015, Cyber Security of Industrial Control Systems, 2015
“Industrial Control Systems (ICS) and (office ) IT have historically been managed by separate organizational units.”
“ICS people do not consider their ICS to be IT.”
“ICS People lack cyber security education. The IT department, on the other hand, is unfamiliar with the peculiarities and limitations of ICS technology.”
IT <> OT, main differences
IT Systems vs OT systems
Component lifetime 3-5 Years
Availability requirements Medium, delays accepted
Real time requirements Delays accepted
Physical security High (for critical IT)
Patching Regular/scheduled
Anti-malware Standard/widely used
Security testing/audits Scheduled and mandated
Security Awareness High
Security Standards Existing and implemented
Up to 20 Years
Very High
Critical
Very much varying
Slow/not at all
Uncommon/hard to deploy
Occasional
Growing (we work hard on this)
Available/not widely used
“When it comes to policy on
critical infrastructure, focus more
attention on
the chains and networks that
support key processes.”
De tool: Wat heb JIJ eraan?
“There are large differences in cyber resilience
between organizations.”
“SME’s do not have the expertise and resources to
raise their cyber resilience.”
“Experts fear that these differences will widen in
the upcoming years.”
“To raise cyber resilience and close the gap we
need public-private initiatives.”
De tool: Wat heb JIJ eraan?
Top Related