About the session
The threats to our critical infrastructure continue to evolve. The goal of cybersecurity for a control system should be to protect the safe and reliable operation of the process. If we leave gaps in our cybersecurity programs, we expose the safety of our workforce and our communities to attack. Therefore, we must evaluate our controls for our systems, rather than use a focus on IT security data protection goals or audit and compliance checklists. This session will investigate and report on how the modern, targeted online and removable media threats to industrial cybersecurity fare against the most popular defences deployed to protect critical infrastructure, with special focus on the effectiveness of the three classes of defence – protective, detective, and directive.
