Security experts from industry, government, academia and elsewhere presented and exchanged their experiences at ICS Cybersecurity Conference 2016, Oct. 24-27 at Georgia Tech University in Atlanta. They represented multiple worldwide industries, government and military defense departments, industrial control system (ICS) suppliers, cybersecurity researchers, consultants and educators.
The keynote address was delivered by Adm. Michael Rogers, director of the U.S. National Security Agency (NSA) and CyberCommand. He addressed many security issues related to control systems, such as tradeoffs of remote access, value of air-gapped systems and the need for educating management. Rogers also asked private industry to work with NSA to help identify precursors to cyber attacks; addressed the recent distributed denial of service (DDoS) attack using IoT botnets; stated that secure control systems need to be designed from the beginning and not use bolt-on security technologies..
Joe Weiss, control system cybersecurity expert and Controlglobal.com's Unfettered blogger, reports this year's event had several main themes
- General lack of understanding about Level 0,1 devices
- Issue of control system incidents not involving network malware (physics issues);
- Continuing cultural and knowledge gaps between ICS and IT security, IT forensics, safety and senior management
- Continuing lack of universally-accepted definitions, particularly “OT” and cyber incidents;
- Ongoing scarcity of ICS cybersecurity information and incident sharing, including no adequate guidance on preventing ICS cyber incidents from recurring; and
- Ability of skilled hackers to compromise ICSs, as well as the latest efforts to identify new ICS zero-day attacks.