The need for visibility and security in ICS networks is growing, as recent incident such as the attack on an Ukrainian electric utility which involved the industroyer malware, or the incident at a middle eastern oil and gas refinery in which the TRISIS malware was identified.
Industrial control networks are not only vulnerable to attacks, but also lack visibility and security controls common in corporate IT networks. Contrary to popular belief, it is not difficult to attack these vulnerable networks. However, they are quite difficult to defend.
In this session we will examine what needs to be done in order to gain the visibility necessary to detect and respond to malicious and unauthorized activities in these networks.