1660601340864 Ct1912fc294x286

12 days of cybersecurity: Extra helping of cybersecurity resources

Dec. 18, 2019
12 days of cybersecurity: Day 6
Check out the 12 days of cybersecurity mini-series!

Human awareness and back doors

This eight-minute video, "Anatomy of an ICS network attack," is part of the SANS Securing the Human security awareness program, and shows how to make personnel awareness programs more effective. It's accompanied by a 38-minute video, "How threats are slipping in the back door" by Deviant Ollam, security auditor and pen test consultant at the Core Group, highlight some of the exciting and shocking methods his team uses to routinely let themselves in on physical jobs.

SANS Institute

DHS response and ICS-CERT updates

The Industrial Control Systems Cyber Emergency Response Team's (ICS-CERT) website, part of the U.S. Dept. of Homeland Security (DHS), continues to gather and distribute timely threat updates and recommendations for users about protecting their organizations and applications from unauthorized probes, malicious intrusions and cyber attacks. For participants that sign up, notifications are provided directly. 


Two need-to-know videos

These two 20-minute videos, "What do you need to know cybersecurity" by Patrick Boo, product manager at ABB, provide a good overview of cybersecurity dangers faced by industrial producers; discuss industry benchmarks on cybersecurity and potential business impact; and provide examples of how to address cybersecurity in complex organizations, including assessing current state, developing first improvements and engaging multiple stakeholders for successful implementation. They're at www.youtube.com/watch?v=ota_h5ye7bI and at www.youtube.com/watch?v=fkK-SLNivD4


NIST framework and blog

The National Institute of Standards and Technology (NIST) hosts its well-known "NIST Cybersecurity Framework" at its website. It also provides useful cybersecurity documents, as well as a blog with updates on cybersecurity developments from NISTS's perspective. The site also includes FAQs, news, events, workshops and some informative videos.


Cybersecurity program management

This 55-minute webinar-to-video, "Industrial automated control system cybersecurity program management" by David Johnson of exida describes the organizational conflicts surrounding cybersecurity, and how to create policies and coordinate security activities. It also discusses key aspects of an industrial automated control system (IACS) cybersecurity program, provides concrete recommendations for getting started, and delivers references with added insight.


Graphic demo video

This colorful, five-minute video, "Cyber demo for industrial control systems" by Check Point Software Technologies provides a quick overview of cybersecurity challenges, shows how Check Point's technology can detect and prevent them, and is a good description of how anomaly detection methods work.

Check Point ICS

Industrial blog posts

The "Industrial cybersecurity blog" by Nozomi Networks covers the oil and gas and electric utilities, and includes posts from many security experts like Larry O'Brien and Sid Snitkin of ARC Advisory Group, and Chet Namboodri and Andrea Cacano of Nozomi. It also has links to videos and other materials.

Nozomi Networks

Essential security video

This 75-minute video, "Cybersecurity of Industrial Control Systems," is presented by Joe Weiss as part of the Stanford University Center for Professional Development's Computer System Colloquium; covers the cybersecurity of industrial control systems in power plants and water-pumping facilities; and examines the shortcomings of current protocols and regulation in the post-Stuxnet era.

Stanford University

Best of last time

The previous version of this cybersecurity resources column, "Serious cybersecurity sources" by Jim Montague includes links to even more documents, videos and other materials.


Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.