Industrial Control Cyber Security Europe Conference | Cyber Senate industrial control critical infrastructure cyber security conference

Consequence-driven Engineering for Critical Systems – Think like an Attacker, act like an Engineer

Keynote Presentation 5th Annual Industrial Control Cyber Security Europe London November 6/7 2018:
Consequence-driven Engineering for Critical Systems – Think like an Attacker, act like an Engineer
It won’t come as a surprise to anyone in the room that if you are attempting to secure your systems by maintaining good cyber-hygiene alone you are fighting a losing battle. The rise and continued evolution of the industrial internet of things along with a growing overt threat to connected critical infrastructure from top tier, sophisticated attackers, calls for new approaches to security that take into account increased attack and response surfaces and throw out any notion of being able to simply isolate the network.
One approach is to accept that an attacker may get in, but to engineer resiliency into your systems, arming users with the strength in depth needed to detect and respond to any type of attack. Consequence-driven engineering (CCE) has gained traction as a way of providing organisations with the steps needed to identify high-consequence risk within ICS of critical infrastructure, to engineer out cyber risk from the things that must not fail and to stop potentially catastrophic attacks in their tracks.
Identify devices and components that facilitate risk, determine critical functions and high-consequence events then prioritise what cannot fail based on the consequences
Think like an attacker to illuminate specific, detailed attack paths, access, information and action to have an effect and highlight system vulnerabilities in networks and the supply chain
Engineer out the prioritised cyber-risk with controls, tripwires, mitigations and backstops to interrupt high-consequence risk
The importance of collective resilience, collaboration and information sharing to combat high-consequence risk across the supply chain

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.


Newsletter Text

Stay Up To Date On Everything The Cyber Senate Is Doing. Click Here To Sign Up For Our Newsletter Today!