OT Cyber Security
Education & Awareness: the foundations of Cyber Security
Maybe a (nice) OT Cyber Security Course is better to start protecting my system.
ServiTecno supports the approach of Security by design: just as the tailor would sew a made-to-measure suit, safety must likewise be studied and designed on the individual architecture and/or system.
The training of operators and other company figures therefore cannot deviate from this concept: courses and workshops will be designed ad hoc to better meet the needs of each individual company.
To define a proposal for your company, contact us directly: below is a generic proposal containing the macro-subjects and ready to be refined on the basis of your needs.
In last years we have seen it repeated "cyber incidents" that have had impacts, at times even seriouson the normal operation of industrial plants. The victims were automation, control and remote control systems that manage industrial plants and machinery of automotive companies, glass production companies, food companies and chemical, mechanical and iron and steel industries, but also systems that manage operating blocks in hospitals, large buildings and infrastructures such as airports, aqueducts, etc.
Malware, such as Wannacry, Industroyer and Petya, have affected facilities by exploiting widespread vulnerabilities in OT networks and systems.
Here is the list of some threats, as they appeared in the media and circulated on the net:
WannaCry, also called WanaCrypt0r 2.0, is a Ransomware Worm responsible for a large-scale epidemic that occurred in May 2017. When running, it encrypts files on your computer and asks for a ransom of a few hundred dollars to decrypt them.
Industroyer: it is an industrial malware that automatically and autonomously analyzes the devices connected on an industrial network (such as PC, PLC, etc. via OPC), interrogates the operating parameters, issues operating commands and can destroy critical data. Industroyer (also known as Crashoverride) resurfaced and was identified in June 2017
Petya / NotPetya: it is a piece of malware that appeared at the end of June 2017 which, once in operation, encrypts the PC's master file table (MFT), making the files on the hard disk inaccessible. In fact, once the infection and encryption process is over (about 30/35 minutes), the PC will no longer be bootable and the data it contains will no longer be available.
In the newspapers and television news we have seen real war bulletins, with lists of companies and institutions affected by these attacks and above all plants stopped with consequent damage to production, to the provision of services and ultimately also to the image of the organizations affected.
In the newspapers and on television talkshows we have seen the faces of friends and acquaintances, recognized IT security experts, who have been dealing with these things on a daily basis for years and give explanations and useful advice, often unheard of.
At the same time, a multitude of "specialists" and vendors have also begun to dispense suggestions and protection criteria in technical magazines and web publications, which are often valid for the IT side but not always appropriate and advisable for the OT.
OT (Operation Technology) Security is different from IT (Information Technology) Security!
Hence the idea of (re)scheduling and making available on request a series of courses specifically designed for OT/ICS Cyber Security. From the experience of over 15 years of proposals for the protection of networks and systems from IT risks in industry and infrastructures, here is the course offered by ServiTecno.
