CS4CA

On Demand Recording:

CS4CA USA Day 1 Presentation – Enhancing Cyber Resilience of Process Control Systems – Lessons Learned from Hardening our OT System – Durgesh Kalya

Resources : PowerPoint Show

Connect / Follow me

LinkedIn: https://www.linkedin.com/in/durgeshkalya

Twitter: https://twitter.com/durgeshkalya

Resources in the presentation:

Safety Moment:

Florida Water Treatment Plant:

https://www.forbes.com/sites/leemathews/2021/02/15/florida-water-plant-hackers-exploited-old-software-and-poor-password-habits/

Colonial Pipeline Hack:

https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password

Solarwinds Attack:

https://spycloud.com/solarwinds-attack-breakdown/

2013 Presidential Policy Directive — Critical Infrastructure Security and Resilience

https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil

2017 EXECUTIVE ORDER ON STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

https://www.cisa.gov/executive-order-strengthening-cybersecurity-federal-networks-and-critical-infrastructure

NIST CSF Framework:

https://www.nist.gov/cyberframework/framework

NIST CSF Mapped to ISA-62443 2-1

Road Map:

https://csrc.nist.gov/CSRC/media/Projects/Supply-Chain-Risk-Management/documents/briefings/Workshop-Brief-on-Cyber-SCRM-Standards-Mapping.pdf

Spreadsheet-Mapping:

https://www.nist.gov/document/framework-improving-critical-infrastructure-cybersecurity-corexlsx-1