On April 11, 2012, both Phil Grimes and Brent Huston were honored to present on the ICS/SCADA security topics at the Spring Gas Operations Summit in Indianapolis held by the Midwest Energy Association (MEA).
Phil covered the process of scoping security assessments for ICS/SCADA deployments and spent a lot of time with the crowd analyzing various scenarios for how to pick an assessment partner, how often to perform vulnerability assessments, how to closely control and properly use penetration testing and a variety of other topics specific to the crowd’s concerns.
Brent followed that presentation with a talk focused on honeypots in ICS/SCADA. He covered the history of honeypots in ICS deployments, the NIST guidance for honeypots (“canaries”) and the relevant locations and approaches to gathering attack data with them. The crowd also asked great questions about how to use the data from the systems, how to work together to leverage honeypot data as an industry and how to manage data anonymity for detected events.
Further discussions followed, with the MSI team sitting in the crowd as a round table, which went really well. They had excellent conversations about the state of the threat, the reliance on public infrastructures, cellular communication threats, network enclaving, detection techniques and the safety of Internet exposed HMIs.
MSI would like to thank MEA for allowing us to come in and engage with their attendees. It was a very interesting show and we think everyone learned a lot about where ICS/SCADA security is going in the next 1-3 years.