Mastering OT/ICS Cybersecurity — Part 2: Building a ROCK SOLID 62443 Cybersecurity Management System

How do we build a ROCK SOLID 62443 Cybersecurity Management System (CSMS)? How do we effectively protect our OT / ICS / SCADA / IACS environments from cyber attacks? In this part, we'll jump start our 62443 learning by covering what OT/ICS cybersecurity is, why it is important to the world and how to defend critical infrastructure environments like power plants and water treatment facilities. After taking a quick look at other standards and frameworks like NIST 800-82, ISO 27001/ISO 27002 and the NIST CSF, we'll dive into the six phases of building a successful OT/ICS cybersecurity management program based on ISA/IEC 62443.

Questions? Drop them in the Comments and I'll be sure to answer!

00:00 Introduction
02:22 Agenda
03:03 62443 Cybersecurity Fundamentals Specialist Certification
06:12 What Are We Protecting?
07:56 Differences Between OT / ICS / SCADA / IACS
11:30 What is OT/ICS Cybersecurity?
19:39 IT Cybersecurity Compared to OT Cybersecurity
23:48 How Does It All Work in Securing Critical Infrastructure?
23:30 OT/ICS Cybersecurity Myths
28:01 Types of Attackers (State Adversaries, Hacktivists, Ransomware Operators)
30:39 Where Do We Go From Here? OT/ICS Attack Timeline
33:00 Why a OT Cybersecurity Management System (CSMS)?
34:45 NIST Cybersecurity Framework (CSF)
39:15 NIST 800-82
47:36 ISO 27001 / ISO 27002
48:42 The ISA/IEC 62443 Standards
50:11 International Society of Automation (ISA) & International Electrotechnical Commission (IEC)
52:26 ISA-99
56:58 The IACS Security Lifecycle
59:12 Phase 1: Assess
1:01:56 Target Security Levels (SL-T)
1:06:25 Phase 2: Develop & Implement
1:09:05 Phase 3: Maintain
1:12:50 ISA-62443-2-1
1:13:23 What Makes a Successful OT CSMS?
1:16:37 Phases of Creating a 62443 OT Cybersecurity Management System (CSMS)
1:17:31 Phase 1: Initiate
1:21:57 Phase 2: High-Level Risk Assessment
1:26:35 Phase 3: Detailed Risk Assessment
1:28:35 Phase 4: Policies
1:33:02 Awareness of Policies & Responsibilities
1:34:57 Phase 5: Countermeasures
1:36:45 Phase 6: Maintaining and Improving the CSMS
1:39:13 Review Questions
1:45:17 THANK YOU!!!

Link to Course Materials: https://drive.google.com/drive/folder...

Thank you for watching!!!

Looking for more on ICS/OT cyber security?

Mike Holcomb
linkedin.com/in/mikeholcomb
mikeholcomb.com
   / @utilsec