Explore practical attack simulations in Critical National Infrastructure (CNI) through this informative 21-minute conference talk. Delve into the importance of attack simulations and challenge traditional views of Industrial Control Systems (ICS). Examine threat models and typical architectures for field sites, process control, and complete CNI systems. Learn strategies to reduce testing risks, model threat actors effectively, and conduct collaborative whitebox testing. Discover the significance of team selection, finding security champions, and understanding the OT control chain. Gain valuable insights into enhancing security measures for critical infrastructure through practical attack simulations.
Overview
Syllabus
Intro
why bother with attack simulations?
Traditional view of ICS
Threat model
Typical architecture - Field site
Typical architecture - Process control
Typical architecture - Complete picture
Reduce testing risk
Model your threat actor
whitebox and collaborative
Take the ego out of testing
pick your team carefully
Find a security champion
OT control chain
Conclusions
Taught by
WEareTROOPERS
Related Courses
-
Ransomware in ICS - Impacting Critical Infrastructure and Operations
-
Conceptos de OT para Blue Teamers - Santiago Abastante & Matias Manassero - Ekoparty 2021: BlueSpace
-
Effective OT Incident Response for Industrial Control Systems - Webinar
-
The Sum of All Fears - When ICS - SCADA Are Compromised
-
OT Cybersecurity for IT Professionals - Understanding ICS Environments
-
Bringing Zero Trust to Industrial Control Systems
