
Industrial Network Security
Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems
- 3rd Edition - March 26, 2024
- Imprint: Syngress
- Author: Eric D. Knapp
- Language: English
- Paperback ISBN: 978-0-443-13737-2
- eBook ISBN: 978-0-443-13738-9
As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems—energy production, water, gas, and other vital systems—becomes more important, and heavily mandated. Industrial Network Security, Third Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems.
Author Eric Knapp examines the unique protocols and applications that are the foundation of Industrial Control Systems (ICS) and provides clear guidelines for their protection. This comprehensive reference gives you a thorough understanding of the challenges facing critical infrastructures, new guidelines and security measures for infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation.
- All-new real-world examples of attacks against control systems such as Trisis, Industroyer, Incontroller, and more
- New information on Risk Management to better address cyber-physical systems and the risks associated with cyber-physical attacks
- Includes all-new content on OT attack methodology, USB security, OT Cyber Kill Chains, Incident Response lifecycles, and more
- Provides improved guidance for implementing security controls and risk mitigation strategies, including expanded coverage of network segmentation, monitoring, and threat detection
- Includes new coverage of network spans, mirrors, and taps, as well as asset discovery, log collection, and industrial-focused SIEM solutions
Information security professionals, Computer Science analysts, consultants, and researchers in academia and industry. Electrical Control System operators, SCADA system operators, and IT professionals in the following verticals: electricity, water, gas, chemical, oil, and smart grid. DoE and NIST staff, policy makers, and people working on the corporate side of power companies and utilities.
- Chapter 1: Introduction
  - Book overview and key learning points
  - Book audience
  - Diagrams and figures
  - The smart grid
  - How this book is organized
  - Conclusion
- Chapter 2: About Industrial Networks
  - Abstract
  - The use of terminology within this book
  - Common industrial security recommendations
  - Advanced industrial security recommendations
  - Common misperceptions about industrial network security
  - Summary
- Chapter 3: Industrial Cyber Security History and Trends
  - Abstract
  - Importance of securing industrial networks
  - The evolution of the cyber threat
  - Insider threats
  - Hacktivism, cyber crime, cyber terrorism, and cyber war
  - Summary
- Chapter 4: Introduction to Industrial Control Systems and Operations
  - Abstract
  - System assets
  - System operations
  - Process management
  - Safety instrumented systems
  - The smart grid
  - Network architectures
  - Summary
- Chapter 5: Industrial Network Design and Architecture
  - Abstract
  - Introduction to industrial networking
  - Common topologies
  - Network segmentation
  - Network services
  - Wireless networks
  - Remote access
  - Performance considerations
  - Safety instrumented systems
  - Special considerations
  - Summary
- Chapter 6: Industrial Network Protocols
  - Abstract
  - Overview of industrial network protocols
  - Fieldbus protocols
  - Backend protocols
  - Advanced metering infrastructure and the smart grid
  - Industrial protocol simulators
  - Summary
- Chapter 7: Hacking Industrial Control Systems
  - Abstract
  - Motives and consequences
  - Common industrial targets
  - Common attack methods
  - Examples of weaponized industrial cyber threats
  - Attack trends
  - Dealing with an infection
  - An introductory discussion of attack vectors and surfaces in Industrial Networks
  - New attack methods including USB threats, HID attacks, rogue access points, and cyber physical attacks
  - Discussion of specific more recent attacks including Trisis, Pipedream, and others
  - Summary
- Chapter 8: USB Security (NEW chapter)
  - The three types of USB threat
  - Preventing Malware exposure via USB
  - Preventing USB hardware attacks
  - Preventing data loss via USB
- Chapter 9: Risk and Vulnerability Assessments
  - Abstract
  - Cyber security and risk management
  - Methodologies for assessing risk within industrial control systems
  - System characterization
  - Threat identification
  - Vulnerability identification
  - Risk Classification and Ranking
  - Risk reduction and mitigation
  - Summary
- Chapter 10: Establishing Zones and Conduits
  - Abstract
  - Security zones and conduits explained
  - Identifying and classifying security zones and conduits
  - Recommended security zone separation
  - Establishing security zones and conduits
  - “Beachhead” systems, and how to use them to add extensive monitoring and detection
  - Summary
- Chapter 11: Implementing Security and Access Controls
  - Abstract
  - Network segmentation
  - Implementing network security controls
  - Implementing host security and access controls
  - How much security is enough?
  - Deep-dive on network spans, mirrors, and taps; how to use them, what to avoid, etc.
  - Summary
- Chapter 12: Exception, Anomaly, and Threat Detection
  - Abstract
  - Exception Reporting
  - Behavioral anomaly detection
  - Behavioral Whitelisting
  - Threat Detection
  - Add considerable content around network anomaly detection, which has become popular in ICS over the past few years
  - Summary
- Chapter 13: Security Monitoring of Industrial Control Systems
  - Abstract
  - Determining what to monitor
  - Successfully monitoring security zones
  - Information management
  - Log storage and retention
  - Asset discovery section (active vs. passive, manual assessments, etc.)
  - Add considerable detail around Log collection - what to collect, how to collect it, and what to do with that data.
  - Update the SIEM section - include screenshots of newer, industrial-focused SIEM solutions
  - Add a mention under the subheading of “incident response” to tease the next, entirely new chapter
  - Summary
- Chapter 14: Closing the Gap – Discussing OT Cyber Kill Chains, and the lifecycle of an incident response from detection to recovery
  - Minimizing detection-to-response times
  - How IT departments and OT can work together to facilitate response
  - When and where to focus detection efforts
  - How to operationalize security controls to make the most of the tools you have
- Chapter 15: Standards and Regulations
  - Abstract
  - Common standards and regulations
  - ISA/IEC-62443
  - Mapping industrial network security to compliance
  - Industry best practices for conducting ICS assessments
  - Common Criteria and FIPS Standards
  - Summary
- Appendix A: Protocol Resources
- Appendix B: Standards Organizations
- Appendix C: NIST Security Guidelines
- Glossary
- Index
- Edition: 3
- Published: March 26, 2024
- No. of pages (Paperback): 518
- Imprint: Syngress
- Language: English
- Paperback ISBN: 9780443137372
- eBook ISBN: 9780443137389