Industrial Control Systems Cyber Security Advanced Training

Industrial Control Systems Cyber Security Training   Looking for Industrial Control Systems Cyber Security Advanced Training? Then this Abhisam course is the one that you’re looking for. Composed on several modules that include everything from Basic Concepts of Industrial Control Systems as well as Basic Concepts about cyber security, this Abhisam training course has them all. The Advanced Module of this course includes current topics such as the MITRE ATT&CK for ICS model and how you can use it to evaluate your own Industrial Control System, honeypots, using online services including  SHODAN to locate vulnerable systems and more. You even get to participate in a Red Team/Blue Team tabletop exercise known as the Abhisam Cybersecurity Thriller to have a real world experience and get to know how Industrial Control Systems cybersecurity is affected by other incidents. The recent Colonial Pipelines ransomware attack showed everybody how a cyber attack on critical …

Read more

Supply Chain Attacks in 2021- ICS Security implications

Supply Chain attacks are something to watch out for In the recently published Abhisam Industrial Cybersecurity Report, we had mentioned supply chain attacks, as something to watch out for in 2021. We never imagined that we would be so right. As the year 2021 progresses, we  are witnessing increasing incidents of supply chain cyberattacks. These supply chain attacks are pretty broad in scope and are not just related to the Industrial Control System devices, such as DCS controllers or  SIS Logic Solvers but also COTS IT network components such as Routers, Switches and so on. What are Supply Chain attacks? A supply chain attack happens when the components that make up the IT system (or the OT system), are attacked like the famous Solarwinds attack. Solarwinds is a software company that sells network management tools. Solarwinds own servers got attacked and these servers began updating their customer’s computer systems with …

Read more

NIST Guide to ICS Security- Call for comments

The National Institute of Standards and Technology (NIST) that is a part of the US Department of Commerce has invited public comments to update the existing NIST Guide to Industrial Control Systems (ICS) Security, SP 800-82 Rev 2 to SP 800-82 (Rev 3). The deadline for comments is May 28, 2021. An Initial Public Draft of the update, which will be published as SP 800-82 Rev. 3, is scheduled for a late 2021/early 2022 release. The original document was published in the year 2015 and the threat landscape as well as what we refer to as Industrial Control Systems have changed drastically. What new stuff should be included in SP 800-82? NIST is aware of changes to the threat landscape regarding ICS security and also about what really can be considered as an Industrial Control System. and therefore are in the process of updating this guide. They have invited public …

Read more

Cyber security – Oil and Gas industries

This paper  related to cyber security oil and gas industries, is available as a part of the Abhisam Industrial Cybersecurity report, which can be downloaded now. Author: H Sreedhar. Recent History of Automation in Oil & Gas   The Oil and Gas industry (O & G for short) has been a pioneer in embracing digital technology. It was one of the first industrial sectors to transition to Distributed Control Systems(DCS), from analog electronic control equipment and pneumatic instruments. This transition started in a big way, about 35 years ago, when DCS were a “hi-tech” thing.   O & G is still a tech pioneer, in the era of Industry 4.0 and the Industrial IoT. It quickly embraced concepts like the Digital Oilfield. However, this has led to newer problems related to security. The development of digital control systems and the networking, particularly with the internet, has led to increased risk …

Read more

Industrial Cybersecurity Trends | What to expect from ICS security in 2021 and beyond?

Abhisam recently published a report on the State of Industrial Cybersecurity in the year 2020 and the road ahead in 2021. The report was compiled by contributions from several different experts from various industry segments, who are individually having at least 25 years of experience in their own domains as well as having  deep knowledge about Industrial Cybersecurity. To understand the basics, please see this basic Industrial Cybersecurity guide here. We received feedback from several sources that they highly appreciated the report and found it useful to get a perspective of ICS security trends today. The report can be freely downloaded from the link above. You can use it for any non-commercial use with proper attribution. One of the contributions was from the Abhisam management. We are pleased to post an excerpt from it here, which regards what to expect in the field of Industrial Cybersecurity in the year 2021 …

Read more

Industrial Cybersecurity Report 2020 and the road ahead in 2021

Abhisam has published the much awaited Industrial Cybersecurity Report 2020, that gives you a snapshot of the state of Industrial Cyber security in the year 2020 and the path ahead in 2021. The report can be downloaded by anybody from here https://www.abhisam.com/Reports/IndustrialCybersecurityReport2020.pdf   About the Report The report has been compiled by Abhisam and has articles by Industry professionals from different sectors such as Oil & Gas, Water & Wastewater treatment, Automation System suppliers, Industrial Cybersecurity consulting, Automotive and others. It is a completely vendor neutral document and can be used freely for any noncommercial purpose with due credits. It also includes security insights from the Industrial IoT field, which is seeing more traction today as manufacturing becomes more hi-tech.   Why was this Report made? The main reason for coming out with such a report was that there does not seem to be a lot of publicly available information, …

Read more

ICS cyber security in 2020- and the road ahead in 2021

Update (16 Oct 2020) :We have started receiving contributions/paper submissions for inclusion in this report. If you have not yet sent in your thoughts, please do so at the earliest. We will be publishing this report by end October 2020 or latest by early November 2020. A lot of exciting insights from Industry leaders and professionals will be included. The ICS Cyber security field has seen a lot of happenings this year in 2020 such as : Key ICS Cyber Security Developments 2020 1. US President Donald Trump issuing an Executive Order regarding cyber security of the bulk electric supply and power grid in May 2020. This also included among other things securing the electric power utilities from supply chain attacks (using compromised components with backdoors that can be exploited at some time in future by adversaries). This was after he extended the National Cyber emergency state in March 2020. …

Read more

ICS cyber security training becomes exciting

Now ICS cyber security training has become more exciting than ever. Abhisam has added an assignment module in the Industrial Cybersecurity training program, where enrolled learners take part in an exciting thriller. Background As you know this training program leads to industrial control systems security certifications that you must have, in today’s industrial automation world. Plant Owners, process licensors, utility companies, engineering design consulting companies, EPC contractors and even regulatory authorities have started insisting on plant industrial automation and control systems, as well as safety instrumented systems to be designed in such a manner as to ensure cybersecurity. Cyber attacks on plants and facilities are growing and because these control and automation systems control physical assets (cyber-physical systems), it is all the more critical to ensure that the bad guys cannot break into them and cause havoc. Many of these organizations therefore insist that engineers and specialists, including IT professionals …

Read more

ICS Security training course gets advanced module

Abhisam is pleased to announce that the popular ICS security training course, which is available as an e-course online, will now have an advanced module that can be accessed by all current learners and GOLD members. This will have many sub modules such as concepts of Kill Chains, the MITRE ATT&CK framework for ICS, Honeypots for Industrial Automation and Control systems and more. Cybersecurity is a growing concern for all companies and organizations worldwide. However not many people are aware that IT security and OT Security are two different disciplines. IT security is what is done to make business IT systems secure (think banks, credit card unions or travel portals). OT stands for Operations Technology. Hence OT security refers to those systems that are used in manufacturing plants, storage terminals and similar to control processes and keep them safe. OT systems are primarily Industrial Automation and Control Systems (IACS for …

Read more

Cyber Security Training Online

The best way to get Cyber Security Training online for Industrial Control Systems (ICS), is via Abhisam’s new Industrial Cybersecurity e-learning course. If you are an engineer or technical professional who is working in areas of Instrumentation, Control Systems, Automation or Safety in any kind of industry, then you must understand and be competent in ICS Security. Industrial Control Systems (ICS for short) are used extensively in all kinds of industries and sectors today, not just in manufacturing. You can find these kind of control and automation systems in oil fields, power generation plants, water distribution networks, gas distribution pipelines, waste water treatment plants, building automation systems and more. These systems may be DCS (Distributed Control Systems), PLC (Programmable Logic Controller), SCADA (Supervisory Control and Data Acquisition systems), SIS (Safety Instrumented Systems) or PC based control systems. These could also be specialized systems such as HIPPS (High Integrity Pressure Protection …

Read more