The ISA Water/Wastewater Industry Division is pleased to present a seminar on cybersecurity best practices on June 7, 2022. Our speakers will be Norm Anderson, Josiah Long and Hassan Ajami.
Our sessions start at 1PM Eastern (12PM Central, 11AM Mountain, 10AM Pacific).
Registration is free. Register at www.isa.org/events
Here is an overview of the sessions:
Session 1 – Developing an IACS Cybersecurity Program
- An Industrial Automation and Control System (IACS) Cybersecurity Program encompasses management and operation of the entire IACS security and generally encompasses the following key areas:
- IACS Organization
- Policy and Procedure Management
- Document Control Policies
- Change Management Procedures
- Work Order Policies
- Improvement Projects
- Cyber Security Management System (CSMS)
- Why is an IACS Cybersecurity Program needed?
- Develop the Team
- Develop Governance Policy
- Risk Analysis
- Addressing Risk with a Cyber Security Management System (CSMS)
- Monitoring and Improving the CSMS
Session 2 – Physical Security
- Tactics for Defending Cyber Physical Attacks
- Physical and Environmental Protection – NERC-CIP categories
- Overview of Physical Control categories
- Where are your crown jewels?
- What does your site look like?
- Rings of Protection
- Security Vulnerability Assessment
- CCTV system considerations
- Intrusion Detection Device options
- Options for electronic access points
- NERC-CIP’s requirements – CIP-006, CIP-014
Session 3 – How to Build a Cybersecurity Lab
- Monitoring Your Cybersecurity Sandbox
- Key elements of a cyber program
- Cybersecurity Tools
- Basics of your system
- Knowing your Data Flows
- Setting up an Intrusion Detection System (IDS)
- Hardware for a basic cyber lab