Loading…
Welcome to the Interactive Agenda for SecurityWeek’s 2018 ICS Cyber Security Conference! (View the full conference website here)  (You can Register for ICS Cyber Security Conference Here
View analytic
Monday, October 22 • 11:00am - 5:00pm
Hands-on Workshop: Protecting ICS and SCADA Networks (1/2 Day)

Sign up or log in to save this to your schedule and see who's attending!

Presented by Palo Alto Networks & CyberX

Securing ICS/SCADA systems in industrial and critical infrastructure environments can be a daunting task. Network defenders face multiple challenges including a larger attack surface resulting from IT/OT convergence, an increasingly sophisticated APT landscape, and legacy devices that are difficult to patch and were developed years ago when security was not a primary design consideration.

During this free, 1/2-day hands-on workshop, practitioners will learn how to apply best practices and the latest technologies to more effectively secure their ICS/SCADA environments using the Palo Alto Networks Security Operating Platform and its integration with CyberX’s purpose-built ICS cybersecurity platform.

Palo Alto Networks Lab Activities
Learn how Next-Generation Firewall and Advanced Endpoint Protection technologies can be used to control ICS protocols, block network threats with native IPS/IDS functions, and stop unknown threats on ICS hosts such as HMIs, engineering workstations, and automation servers.

Activities will include:
  • Overview of ICS/SCADA security basics and the Palo Alto Networks Platform
  • Setup virtualized ICS/SCADA infrastructure (HMI, PLC, Firewall, Kali)
  • Securing legacy environments with VLAN insertion
  • Whitelisting of ICS protocols using App-ID and custom App-IDs
  • Applications for user-level controls in ICS with User-ID
  • Securing ICS hosts (HMIs) with advanced endpoint protection
  • Exploit prevention using integrated IPS/IDS

CyberX Overview
In this workshop, CyberX will demonstrate how its out-of-the-box, API-level integration with Palo Alto Networks Next-Generation Firewalls and Panorama central management provides automated asset tagging and real-time response to ICS-specific threats.

We’ll look at the following scenarios using CyberX’s passive monitoring technology that has zero impact on OT networks:
  • Auto-discovery of all ICS devices and OT network topology by the CyberX platform, including detailed information about device types (manufacturer, model, protocols, etc.) and how devices are communicating with each other
  • Dynamic policy creation for ICS devices, leveraging rich, device-level information and context provided by CyberX to dynamically create and assign granular NGFW policies to devices via “Tags” and “Dynamic Access Groups” (DAGs)
  • Automated ICS threat modeling by CyberX to prioritize and simulate mitigation of attack vectors on critical “crown jewel” OT assets and processes 
  • Continuous monitoring with CyberX using patented, ICS-specific behavioral analytics and self-learning to rapidly identify suspicious or unauthorized activities
  • Automated prevention leveraging CyberX’s integration with Palo Alto Networks to rapidly block or contain malicious activities and devices, such as devices performing cyber reconnaissance, infected with destructive malware, or issuing unauthorized “PLC STOP” commands

Requirements
• Students need to have basic knowledge of ICS/SCADA environments and security concepts, particularly firewalls. No knowledge of Palo Alto products is required.
• Students just need a laptop with WiFi connectivity and browser to participate.

Monday October 22, 2018 11:00am - 5:00pm
Solutions Theater (Trippe I & II)