Industrial Network Security
Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems
3rd Edition - March 1, 2024
Author: Eric D. Knapp
Paperback ISBN: 9780443137372
As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems—energy production, water, gas, and other vital systems—becomes more important, and heavily mandated. Industrial Network Security, Third Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems. Author Eric Knapp examines the unique protocols and applications that are the foundation of Industrial Control Systems (ICS) and provides clear guidelines for their protection. This comprehensive reference gives you a thorough understanding of the challenges facing critical infrastructures, new guidelines and security measures for infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation.
All-new real-world examples of attacks against control systems such as Trisis, Industroyer, Incontroller, and more
New information on Risk Management to better address cyber-physical systems and the risks associated with cyber-physical attacks
Includes all-new content on OT attack methodology, USB security, OT Cyber Kill Chains, Incident Response lifecycles, and more
Provides improved guidance for implementing security controls and risk mitigation strategies, including expanded coverage of network segmentation, monitoring, and threat detection
Includes new coverage of network spans, mirrors, and taps, as well as asset discovery, log collection, and industrial-focused SIEM solutions
Information security professionals, Computer Science analysts, consultants, and researchers in academia and industry. Electrical Control System operators, SCADA system operators, and IT professionals in the following verticals: electricity, water, gas, chemical, oil, and smart grid. DoE and NIST staff, policy makers, and people working on the corporate side of power companies and utilities.
Chapter 1: Introduction
Book overview and key learning points
Book audience
Diagrams and figures
The smart grid
How this book is organized
Conclusion
Chapter 2: About Industrial Networks
Abstract
The use of terminology within this book
Common industrial security recommendations
Advanced industrial security recommendations
Common misperceptions about industrial network security
Summary
Chapter 3: Industrial Cyber Security History and Trends
Abstract
Importance of securing industrial networks
The evolution of the cyber threat
Insider threats
Hacktivism, cyber crime, cyber terrorism, and cyber war
Summary
Chapter 4: Introduction to Industrial Control Systems and Operations
Abstract
System assets
System operations
Process management
Safety instrumented systems
The smart grid
Network architectures
Summary
Chapter 5: Industrial Network Design and Architecture
Abstract
Introduction to industrial networking
Common topologies
Network segmentation
Network services
Wireless networks
Remote access
Performance considerations
Safety instrumented systems
Special considerations
Summary
Chapter 6: Industrial Network Protocols
Abstract
Overview of industrial network protocols
Fieldbus protocols
Backend protocols
Advanced metering infrastructure and the smart grid
Industrial protocol simulators
Summary
Chapter 7: Hacking Industrial Control Systems
Abstract
Motives and consequences
Common industrial targets
Common attack methods
Examples of weaponized industrial cyber threats
Attack trends
Dealing with an infection
An introductory discussion of attack vectors and surfaces in Industrial Networks
New attack methods including USB threats, HID attacks, rogue access points, and cyber physical attacks
Discussion of specific, more recent attacks including Trisis, Pipedream, and others
Summary
Chapter 8: USB Security (NEW chapter)
The three types of USB threat
Preventing Malware exposure via USB
Preventing USB hardware attacks
Preventing data loss via USB
Chapter 9: Risk and Vulnerability Assessments
Abstract
Cyber security and risk management
Methodologies for assessing risk within industrial control systems
System characterization
Threat identification
Vulnerability identification
Risk Classification and Ranking
Risk reduction and mitigation
Summary
Chapter 10: Establishing Zones and Conduits
Abstract
Security zones and conduits explained
Identifying and classifying security zones and conduits
Recommended security zone separation
Establishing security zones and conduits
“Beachhead” systems, and how to use them to add extensive monitoring and detection
Summary
Chapter 11: Implementing Security and Access Controls
Abstract
Network segmentation
Implementing network security controls
Implementing host security and access controls
How much security is enough?
Deep-dive on network spans, mirrors, and taps; how to use them, what to avoid, etc.
Summary
Chapter 12: Exception, Anomaly, and Threat Detection
Abstract
Exception Reporting
Behavioral anomaly detection
Behavioral Whitelisting
Threat Detection
Add considerable content around network anomaly detection, which has become popular in ICS over the past few years
Summary
Chapter 13: Security Monitoring of Industrial Control Systems
Abstract
Determining what to monitor
Successfully monitoring security zones
Information management
Log storage and retention
Asset discovery section (active vs. passive, manual assessments, etc.)
Add considerable detail around Log collection - what to collect, how to collect it, and what to do with that data.
Update the SIEM section - include screenshots of newer, industrial-focused SIEM solutions
Add a mention under the subheading of “incident response” to tease the next, entirely new chapter
Summary
Chapter 14: Closing the Gap – Discussing OT Cyber Kill Chains, and the lifecycle of an incident response from detection to recovery
Minimizing detection-to-response times
How IT departments and OT can work together to facilitate response
When and where to focus detection efforts
How to operationalize security controls to make the most of the tools you have
Chapter 15: Standards and Regulations
Abstract
Common standards and regulations
ISA/IEC-62443
Mapping industrial network security to compliance
Industry best practices for conducting ICS assessments
Common Criteria and FIPS Standards
Summary
Appendix A: Protocol Resources
Appendix B: Standards Organizations
Appendix C: NIST Security Guidelines
Glossary
Index
No. of pages: 500
Language: English
Published: March 1, 2024
Imprint: Syngress
Paperback ISBN: 9780443137372
Eric D. Knapp
Eric Knapp is a globally recognized expert in industrial control systems cyber security and continues to drive the adoption of new security technology to promote safer and more reliable automation infrastructures. He first specialized in ICS cyber security while at Nitrosecurity, where he focused on threats against these environments. He was later responsible for the development and implementation of end-to-end ICS cyber security solutions for McAfee in his role as Global Director for Critical Infrastructure Markets. He is currently Director of Strategic Alliances for Wurldtech Security Technologies, where he continues to promote the advancement of embedded security technology to better protect SCADA, ICS and other connected, real-time devices. In addition to his work in information security, he is an award-winning author of fiction. He studied at the University of New Hampshire and the University of London.
Affiliations and expertise
Director
Strategic Alliances for Wurldtech Security Technologies