RECAP: OT NETWORKS VISIBILITY AND SECURITY WEBINAR
ATS has recently concluded its first webinar as a certified Cisco IoT Advantage Specialization Partner.
Participating in Cisco’s IoT Advantage Specialization Partner program and adding Cisco’s solution to our OT cyber security solutions portfolio, has enabled ATS to widen our cyber security strategy playbook and approach the prevailing issue of industrial cyber security issue head-on.
This certification has also allowed ATS to affirm our position as leading industry experts when it comes to custom tailored solutions and services for the energy, defence and the government sector.
The growing threat of attacks on industrial sites, and ways of its detection and prevention, were therefore the central topics of our webinar.
The conversation was expertly moderated by Samer Abu Arisheh, Cisco’s IoT Regional Sales Lead, and the two speakers were Mohamad Aboulniaj (Director of Operations and Head of OT Cybersecurity at ATS) and Pascal Eymin (Business Development Specialist at Cisco).
The agenda of ATS’ and Cisco’s OT Networks Visibility and Security webinar covered:
- An introduction to ATS
- An overview of Cisco Cyber Vision’s uses and capabilities
- An introduction to ATS Lab
- Explanations of potential attack scenarios
- Presentation of Cisco Cyber Vision’s intrusion monitoring efficiency
- Industrial technology protection solutions and recommendations.
The event numbered more than one thousand registered attendants, out of which 131 listened to the expert speakers’ conversation live.
Our attendants came from top companies in the fields of Technology, Manufacturing, Energy, Chemical and Financial Services from the UAE, Middle East, Europe and the USA.
CISCO CYBER VISION
One of the central topics of the webinar was Cisco Cyber Vision – and how this OT visibility and threat detection solution can be integrated with existing industrial security protocols. This part of the webinar was performed by Cisco’s Pascal Eymin.
What Cisco Cyber Vision wishes to bridge is the still existing barrier between OT and IT in many critical infrastructure sites, which leads to gaps in terms of security.
In this precarious moment for the oil and gas industry, when work is being done to transition from traditional automated systems to a process of industrial operations that leans on cloud networking and Industrial Internet of Things (IIoT) – the future of smart industry – the convergence of OT and IT leaves ICS in a state of vulnerability, opening the door for all kinds of cyber threats.
As Eymin stressed during his presentation, the market of industrial cyber security has quickly become one of the company’s top priorities precisely for this reason.
Cisco Cyber Vision provides protection in the present by looking toward the future – emphasizing digitization and network solutions.
The product’s functions and capabilities were briefly presented: from important ICS asset inventory audits and dataflow maps, to potential future solution integrations.
Finally, the intent of Cisco is to offer the best integrated cyber security solution that will encompass a four-point plan of operations: from preliminary assessment, custom solution design, product deployment, and response services.
The discussion of Cisco’s end to end cyber security plan concluded Pascal Eymin’s presentation.
ATS LAB
This part of the webinar covered the integration of Cisco Cyber Vision with ATS’ proposed gas pipeline component and operational solution.
Overview of Cisco’s Cyber Vision components:
- Sensor (hardware or network)
- Appliance (hardware or software).
The sensor collects traffic and shares with the ‘brain’ of the system, which is the either appliance- or virtually-based Cyber Vision Center.
Functions of Cisco Cyber Vision which were discussed include:
- Asset inventory: build your own database of all connected devices and map all communication
- Identify vulnerabilities: automatic detection of protection gaps
- Operational insights for the OT team
- Drive compliance with detailed reports: component lists, activities lists, communication lists, etc.
After the closer look taken at Cisco’s security solution, two ATS lab simulations were presented in video form:
(1) a gas pipeline components and operational procedure presentation, and
(2) an oil pipeline components and operational procedure presentation.
In these examples it was shown how to integrate Cisco’s product into industrial operation, showcasing the systems of both gas and oil pipeline OT and IT protection solutions ATS offers.
Both of these presentations were split into two parts, once before a malware attack was simulated, and once after. The attack chosen to be simulated in this particular presentation was the Man in the Middle (MITM) attack for the OT environment, a strategy which was thoroughly explained before its demonstration.
This type of cyberattack represents a form of network infiltration in which communication and data flow between two devices are intercepted and possibly altered in order to affect damage to the target.
While one possible use of MITM is to just collect data that is being transferred, during ATS’ presentation this attack was used to actively disrupt industrial operation by controlling OT – in the first instance going for the pipeline valve, and in the second for the pipeline motor.
Once this internal system network intrusion was performed, Cyber Vision’s value was demonstrated in its quick and accurate detection of all critical events that occurred.
SOLUTIONS AND RECOMMENDATIONS
The webinar rounded off with a section on protection solutions and recommendations for the contemporary critical infrastructure OT environment.
ATS’ list of recommended cyber security solutions, all of which are part of our portfolio, covered:
- Endpoint protection
- Centralized backup solution
- Industrial Firewalls
- ICS Hardening.
The webinar was concluded with a round of Q&A, expanding on technical details such as human machine interface (HMI) backend, the viability of pipeline air gap strategy, system integrations, and vulnerability checks.
This quick Q&A session closed the webinar in an informative key.
Did you miss the ATS Webinar on OT Networks Visibility and Security?
To watch the webinar replay on BrightTalk click the button below.