How to start your career in OT/ICS security? (Part-2)
Manjunath Hiregange
OT/ICS Cybersecurity Lead | Industrial Automation & Control Systems | GICSP | ISA/IEC 62443 Certified
In Continuation with my previous article on how to start your career in OT/ICS security, here is the further list of resources which you can keep it ready reference and save it on your bookmarks.?
SANS ICS Security Library:?
This is one of the best places to look for ICS security related blogs, webcasts, videos, whitepapers, Cheat sheets, posters and many more.
Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place.
The SANS ICS Curriculam provides hands-on training courses focused on Attacking and Defending ICS environments. These courses equip both security professionals and control system engineers with the knowledge and skills they need to safeguard our critical infrastructures.
Some useful links to bookmark:
STANDARDS/GUIDELINES RELATED TO OT/ICS SECURITY:
There are various standards, rules, frameworks and guidelines are available based on the Industrial Sector (oil & gas, marine, energy industry, manufacturing etc.,) and Nation (geographical location).
However, certain Standards and Guidelines, best practices are widely used in OT security domain as listed below:
The World’s only?Consensus-Based Automation and Control Systems Cybersecurity Standards. The ISA/IEC standards set cybersecurity benchmarks in all industry sectors that use IACS, including building automation, electric power generation and distribution, medical devices, transportation, and process industries such as chemicals and oil and gas. https://www.isa.org/standards-and-publications/isa-standards/isa-iec-62443-series-of-standards
This document covers details specific to OT systems. Readers of this document should be acquainted with general computer security concepts and with communication protocols such as those used in networking. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.ipd.pdf
The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid.??All current and draft guidelines can be found at the links below. ? https://www.nerc.com/comm/Pages/Reliability-and-Security-Guidelines.aspx
Building on CISA’s?“Securing Industrial Control systems: A Unified Initiative,” published in 2020, CISA’s efforts to reduce cyber risk to control systems center around four core priorities - Defend ICS environments, Find and defeat adversaries, Equip critical infrastructure owners and operators and cyber defenders?with the technologies and tools and Sustain operational resilience
https://www.cisa.gov/protecting-critical-infrastructure https://www.cisa.gov/ics https://www.cisa.gov/publication/cybersecurity-best-practices-for-industrial-control-systems https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf
Securing key infrastructures across the Union. ENISA provides state-of-the-art advice and counsel to EU national authorities on safeguarding critical infrastructure such as power grids, telecoms and mass transportation systems essential to the national and cross-border security of essential services.
https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-services https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-services/?tab=publications
领英推荐
Guidance on how to apply the security best practices found in CIS Critical Security Controls to Industrial Control System environments.
ATT&CK for ICS?is a knowledge base useful for describing the actions an adversary may take while operating within an ICS network. https://collaborate.mitre.org/attackics/index.php/Main_Page https://collaborate.mitre.org/attackics/img_auth.php/3/37/ATT%26CK_for_ICS_-_Philosophy_Paper.pdf
OT/ICS SECURITY CERTIFICATIONS LIST
Other Certifications on OT security domain:
CSSA (Certified SCADA Security Architect) by The?Information Assurance Certification Review Board?(IACRB). However there is no proper information found on the web. Hence I did not consider this on my list.
ICS/SCADA Cybersecurity by EC Council – this is less recognized compared to others as it is recently launched program on ICS security. https://www.eccouncil.org/programs/ics-scada-cybersecurity/#module-5--standards-and-regulations-for-cybersecurity-
If you ask my personal opinion, out of the above, ISA/IEC62443 cybersecurity certifications would be ideal ones to start with. GICSP is quite expensive comparatively. GCIP and GRID are more for the END users. Though Exida certifications are comparatively lesser in price, it is not that familiar in the Industry job market compared to others. Also, one need to know and research on the prerequisite before taking Exida certifications.?
My final thoughts on the certifications list:
ISA/IEC62443 (GICSP/GRID/GCIP depending on your job profile) --> CISSP --> CISM (Though CISSP and CISM are IT centric security certifications, it is ?helpful when you move up the ladder in your professional life). Also I would suggest you to pursue cloud related certifications such as MS Azure security specialty, CCSP as ?Industry is moving towards Digital transformation and Industry 4.0 (Industry 5.0 is going to hit us soon).?
TOOLS & OTHER USEFUL RESOURCES:
Control Things - open source linux distribution specifically for ICS cyber security teams. https://www.controlthings.io/ , https://www.controlthings.io/platform https://www.controlthings.io/tools
Security Tools for the Industrial Control System Environment https://www.osti.gov/servlets/purl/1376870
OPENPLC Editor - It is a IEC 61131-3 compliant PLC editor totally free and open source. You can use it to upload PLC code directly to any board or system running OpenPLC Runtime. https://openplcproject.com/
Top 20 Secure PLC Coding Practices - Provide Guidelines for engineers who develop the software in ICS. https://plc-security.com/
https://industrialcyber.co/ - This is one place where you will get the latest information on OT/ICS security.
ICS Security Tools on github:
https://github.com/cisagov/ICSNPP, https://github.com/ITI/ICS-Security-Tools, https://github.com/ITI/ICS-Security-Tools/blob/master/guides/roblee.md https://gbhackers.com/industrial-control-system-ics-security/ https://github.com/nsacyber/GRASSMARLIN https://www.cisa.gov/uscert/ics/Downloading-and-Installing-CSET
I hope I have covered enough material to start your career and enhance your knowledge in OT/ICS security.
Note: OT/ICS Cybersecurity is a vast field. There are many opportunities ahead of us. Continuous learning and upgrading our skills are the key to grow in this domain. There are ample job openings expected in the coming years. There are numerous job openings expected in the coming years!
I wish you all the best!! Happy Learning!! Share and support OT/ICS Security community.?
Stay tuned for more articles on OT/IIOT Security.
OT/ICS Cybersecurity Lead | Industrial Automation & Control Systems | GICSP | ISA/IEC 62443 Certified
2 年https://us-cert.cisa.gov/ics/Calendar The following events are currently being supported by the DHS Cybersecurity and Infrastructure Security Agency (CISA) and may be of interest to Control System individuals involved in security. There will be at least one training event conducted every month. However, the schedule of future dates are tentative and subject to change.
Information Security Enthusiast || ICS/OT Security Aspirant || Lifelong learner
2 年thanks again
OT/ICS Security Senior Architect / Consultant (Bilingual JLPT N2 Certified) at Ideal Route Consulting Japan| Ex-Deloitte | Ex-Wipro | Ex-Quest(Toshiba)| Ex-Yokogawa | Nozomi-NNCE certified | ISA Senior Member
2 年Excellent Work Manjunath Hiregange ????
Cybersecurity Thought Leader, Keynote Speaker & Heavy Metal Enthusiast?? - 2X Exits
2 年Excellent collection of resources!
Framatome Cybersecurity: I help organization to lead safe digitalization through tailored IT and OT Cybersecurity solutions I CLUSIF I GIMELEC I TFTP I My Opinions are my own.
2 年Great job Manjunath!! ?? Additional question: are you aware if there is well known Universities where you can study especially OT / ICS cyber?