ICS and SCADA Community ‘Still Lacking’ says Expert

Ahead of SANS’ 2014 European ICS Security Summit, significant security issues are still facing the ICS and SCADA community, “We are starting to see ICS capable threats and a series of incidents that have been specifically targeted against ICS environments,” says Michael Assante, SANS project lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security.

“There is  now a greater ICS connectedness to business, third-party networks and cloud services that can be exploited by attackers [while the sector still] lacks integrated engineering, ICS technical and cyber security specialists to reduce the attack surface and implement monitoring and effective response capabilities,” adds Assante who was previously Vice President and Chief Security Officer of the North American Electric Reliability (NERC) Corporation, where he oversaw industry-wide implementation of cyber security standards across the continent.

In Assante’s opinion, the attacks are becoming more organised as higher profile incidents are being reported and threats discovered.  “The recent Havex trojan had an ICS module and was deployed by compromising ICS supplier webpages.  Industry will need to assign the responsibility of ICS security and develop and equip multi-discipline teams to harden their environments and develop effective security operations,” says Assante, but adds, “many are at the early stage of trying to identify all of their ICS assets and assign responsibility.”

Assante believes that governments are finally “getting their hands around the issues and the reasons why the market is driving certain behaviour” and applauds the free resources available to help develop security efforts. “More can be done in the form of shared research and resources and effectively disseminate information regarding vulnerabilities and threats,” he adds.

As the ICS lead for SANS, Assante is helping to shape the upcoming SANS 2014 European ICS Security Summit taking place in Amsterdam, on September 21st and 22nd. The Summit brings together Europe’s ICS security thought leaders, researchers, and asset owners/defenders who will shed light on new threats, initiatives, and protection strategies.  Attendees will gain practical, technical skills and knowledge which can be immediately applied to help organisations shape a viable ICS security strategy.

At the heart of the event is ICS410: ICS/SCADA Security Essentials, a 5-day training course that provides a foundational set of standardised skills and knowledge for industrial cyber security professionals. The course has evolved considerably since its creation, “The ICS410 course has always had a ‘defenders’ focus, teaching both engineers and cyber security professionals how to build an effective security program that works in the challenging application of control system technology to production environments,” says Assante, “Expert and student feedback has helped the course authors provide detailed methods and specific knowledge to help students overcome real world ICS security challenges.”

“This course is the ideal preparation for the Global Industrial Cyber Security Professional (GICSP) certification.  The GICSP is used to certify ICS security essentials for Engineering, Operating Technology and Cyber security specialists.  These are the teams and right mix of competencies that will make a difference,” Assante concludes.

For more information on SANS’ 2014 European ICS Security Summit or to register, please visit: http://www.sans.org/info/166502

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

ICT - securitybuyer

ICT announces Martin Vermaak as COO

Integrated Control Technology (ICT), a leading provider of intelligent access control, intrusion detection, building automation..
FLIR - security buyer

New FLIR camera for Perimeter Security

FLIR, a Teledyne Technologies company, today released its newest high-resolution visible/thermal security camera for commercial..
Contacta - Security Buyer

Contacta launches Level 8 ballistically-resistant window intercom

Assistive listening specialist, Contacta, has launched the world’s first window intercom system with a Level 8 UL752 approval.
Big Interview Abdullah Tanoli

Big Interview – Hero of Leicester Square

Rebecca Spayne of Security Buyer has the privilege of speaking with a real-life hero, Abdullah Tanoli, the hero of Leicester Square..
SentinelOne & AWS - Security Buyer

SentinelOne Teams with AWS to bring Cloud Security Protection

SentinelOne announced that it is a launch partner for the new AWS Security Hub. The new collaboration builds on a long standing..
Genetec - Security Buyer

Genetec and Hanwha Vision

The latest in our ongoing series introducing Hanwha Vision’s pioneering partners, leads us to Ben Durrant, Account Executive at Genetec Inc.
Altronix - Security Buyer

Altronix POE367 Delivers 277VAC Support

Altronix has expanded its power product line with the new POE367 power supply/charger designed specifically for 277VAC input environments.
IFPO x GSA - Security Buyer

New Corporate Members for IFPO

The Global SecurAlliance (GSA)summer meeting on 16 June was held again at the stunning Château de Méry-sur-Oise on the outskirts of Paris.
SB Awards register now advert - Security Buyer

Launching Security Buyer Awards

Honouring innovation, leadership, and success across the global security industry at the Security Buyer Judges’ and Readers’ Awards 2025 
Product Spotlight - HID

Product Spotlight – HID

Access control is evolving into a smart, responsive platform—integrating embedded apps, IoT, and cybersecurity to deliver…
Scroll to Top