Talk on Industrial Cybersecurity Challenges/priviledged access management
Vienna 2020
Highlighting the challenges of industrial cybersecurity with a focus on Identity and Access Management
Highlighting the challenges of industrial cybersecurity with a focus on Identity and Access Management
Industrial Control Systems are increasingly getting interconnected with IT systems, motivated by enhanced productivity, extended component lifetime and optimized maintenance cycles. This talk provides insights in the cyber security challenges we are facing by adopting Industry 4.0 and the (Industrial-) Internet-of-Things.
MindSphere is an open cloud platform which stores operational data from production lines, and makes it accessible via MindSphere applications like vehicle fleet management or predictive maintenance. This involves many services developed, maintained, and operated by various teams around the globe all acting as potential gateways for hackers to break into the system. This talk focuses on how we at Siemens smoothly integrated security initiatives into our diverse and distributed development teams, working on MindSphere core components and applications, as well as their development lifecycles. Furthermore, the talk focuses on common pitfalls and misconceptions when transitioning to a secure development methodology.
Talk on security testing, unfortunately the content is internal/restricted and cannot be provided here.
Information Technology and Operational Technology were operated in two different silos, using independent networks following different objectives and being operated by different people. Teams working on IT and OT collaborated occasionally for selected projects, but in general cooperation between IT and OT was not seen as an opportunity. This is changing now: The industry strives for increased productivity, extended component lifetime and optimized maintenance cycles.
These capabilities can only be provided by bridging the gap between IT/OT and is seen as a key success factor for the industry. This talk provides insights in opportunities as well as challenges emerging from the convergence of two very different worlds. Specifically when it comes to cyber security these two worlds have diverse objectives which need to be respected.
This site is open-source - here's the source code repository.