The book includes insights from the following experts:
- Agustin Valencia, OT Cybersecurity, Iberdrola, OT Security Requires A Holistic View Of Plant Risk >>
- Gabriel Agboruche, Cyber Security Specialist, Westinghouse Power, Strategies For Securing Digital Assets In Nuclear Power Plants >>
- Scott Saunders, Cyber Security Consultant, Exelon Corporation, Understanding Your Systems Is Key To ICS Security >>
- Spencer Wilcox, Director of Operational Technology Cyber Security, Exelon, For Better OT Security, Control And Monitor Your Environment >>
- Brian Foster, OT/ICS Security Engineer, Portland General Electric, In Critical Infrastructure, Safety Comes First >>
- James Shank, IT and Cyber Security Program Manager, PSEG, Robust ICS Security Requires A Multi-Layered Approach >>
- Everardo Trujillo, Manager, Cybersecurity Operations and Engineering, Sempra Energy, Security Professionals Need To Win The Trust Of OT Engineers >>
This eBook was generously sponsored by PAS.
Kaspersky Lab’s discovery of Stuxnet in 2010 turned the industrial world on its head. As the first known instance of malicious code specifically designed to seek out and interfere with industrial operations, Stuxnet was a serious wakeup call for OT operators, especially those in much of the world’s critical infrastructure.
So how has the OT/ICS community responded to the new reality of OT cyber risk? With generous support from PAS, we asked 20 OT security professionals the following question:
What are the top three pieces of advice you would give a CISO to make the plant OT/ICS environment more secure from cyber attacks?
For OT and IT security people, this is something of a loaded question, largely because OT cybersecurity is still very much a work in progress. For instance, although many contributors stressed the importance of knowing your environment, that in itself is a big challenge that varies from industry to industry and plant to plant. “Asset knowledge” also means different things to different people.
The essays in this eBook provide a wealth of information and present an inside look at an aspect of cybersecurity that is still not well understood. I am certain that anyone responsible for critical industrial operations will benefit from the advice and experiences of those who have contributed to this eBook.
