In the last two months Bryan Owen attended the SANS ICS Security Summit, DHS ICSJWG, RSA, OSIsoft’s PI World, and LOGIIC (Oil/Gas/Gov consortium). Since most listeners like me aren’t able to attend these events I thought we could find out what’s happening from Bryan.
- Why Bryan attends events. (4:12)
- Is it worthwhile for an ICS security professional to attend RSA? (7:40)
- Mike Assante from the ICS world winning the most prestigious RSA award. (14:00)
- Any difference in ICSJWG given the recent DHS reorganization? (15:25)
- Does it look like DHS will increase it’s ICS security consulting and is this a good idea? (18:36)
- Are 2 ICSJWG events a year too much? Or should there be more? (20:45)
- Government training of ICS resources and what does success look like? (23:00)
- What was the theme of PI World? (31:35)
- Information on the new secure PI System Connector for passing information between PI components (slow RIP 5450). (33:50)
- Will we see a shift away or replacement for the Purdue Model? (36:05)
- Is Oil/Gas in the LOGIIC group rethinking control/safety integration recommendations after TRITON? (49:00)
Links and Info:
The native 3 zone architecture approach is called a PI Connector. Instead of a basic client server approach, PI Connectors come with a purpose built relay as a proxy for deployment in the DMZ. Some of the major US control centers collaborated on the design and year of field trials. PI System Connector is now generally available. All PI Connectors such as Modbus, OPC-UA, etc will include the connector relay. The relay architecture also provides the endpoint for data ingress from our open source project called FogLAMP or any device pushing OSIsoft Message Format (OMF).
PI World links:
Fog Computing On The Plant Floor – Ivan Zoratti
Introduction to FogLAMP – Ivan Zoratti
OSIsoft Extreme PI System Hardening – Harry Paul
This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.
Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray.