Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices. • Check it out!

  • English
    • Deutsch
    • Español
    • Français
    • Italiano
    • Português
    • 中国人
    • 中國人
    • 한국인
  • Why Claroty
  • Products
    • Platform
      • Comprehensive Platform Overview
      • Claroty Edge
      • Continuous Threat Detection
      • Secure Remote Access
      • Request A Demo
    • Integrations
      • Firewalls
      • Network Access Control
      • SIEM
      • SOAR
      • CMDB
      • OEM
  • Industry Solutions
    • Energy
    • Consumer Products
    • Critical Manufacturing
    • Pharmaceutical
    • Water Utilities
  • Partners
    • Claroty Focus Program
    • Find a Partner
    • Become a Partner
    • Partner Login
  • Resources
    • Biannual Report
    • Case Studies & Use Cases
    • Whitepapers
    • Data Sheets
    • Integration Briefs
    • Support
    • Podcasts
    • Events & Webinars
  • About
    • Leadership
    • Careers
    • Contact Us
    • News
    • Press Releases
  • Blog
  • Team82
  • Contact Us
  • English
    • Deutsch
    • Español
    • Français
    • Italiano
    • Português
    • 中国人
    • 中國人
    • 한국인
  • Why Claroty
  • Products
    • Platform
      • Comprehensive Platform Overview
      • Claroty Edge
      • Continuous Threat Detection
      • Secure Remote Access
      • Request A Demo
    • Integrations
      • Firewalls
      • Network Access Control
      • SIEM
      • SOAR
      • CMDB
      • OEM
  • Industry Solutions
    • Energy
    • Consumer Products
    • Critical Manufacturing
    • Pharmaceutical
    • Water Utilities
  • Partners
    • Claroty Focus Program
    • Find a Partner
    • Become a Partner
    • Partner Login
  • Resources
    • Biannual Report
    • Case Studies & Use Cases
    • Whitepapers
    • Data Sheets
    • Integration Briefs
    • Support
    • Podcasts
    • Events & Webinars
  • About
    • Leadership
    • Careers
    • Contact Us
    • News
    • Press Releases
  • Blog
  • Team82

Aperture Podcast: Justin Searle on Pen-Testing ICS

Share:

By Michael Mimoso | Claroty Editorial Director | Jan. 26, 2021

As industrial cybersecurity matures, more and more governance programs are being built around control networks. That includes not only personnel dedicated to managing risk around industrial control systems (ICS) and processes, but also introducing the need for security assessments and penetration testing to ICS.

In this episode of Aperture, Justin Searle, a two-decade veteran of the industry, shares his experiences pen-testing control networks, focusing on the distinct challenges surrounding this practice, which is markedly different from security assessments conducted against IT networks.

Download this Episode of Aperture Here.

“We’re starting to see more companies consider at least some lightweight, safe penetration testing,” said Searle. “I think the really hardcore penetration testing really is being driven more by vendors who are testing their individual products in labs before and after they go to market, as well as owner/operators who are doing testing before they do the implementation.”

Missing from that scenario, of course, are pen tests against production environments. Much like the challenges around vulnerability management and patching production equipment, there is little tolerance for downtime in the ICS domain. Operators are also hesitant to allow third-parties, for example, to test the resilience of a production environment for fear of affecting processes, especially in critical infrastructure markets.

“It’s not a rarity; it is actually occurring to some degree,” Searle said. “I think what’s being done often makes me more nervous than it does make me feel better. I’m a proponent of actually doing more penetration testing in our production networks. However, we need to do that in a very safe manner.”

Searle—who is the director of ICS security at consultancy InGuardians and a senior SANS Institute instructor—covers a number of other areas of pen-testing during this extensive conversation, including:

  • What organizations can do to prepare for a security assessment—including architecture reviews, asset inventories, and establishing an understanding of communication protocols before allowing network captures
  • What ICS penetration tests look like
  • Organizations’ readiness to act on the final assessments they are handed
  • The effects of digital transformation and IT/OT convergence on threats to ICS and operational technology (OT) networks
  • What actual threats to ICS and OT networks look like today

Subscribe, rate, and review the Aperture podcast on all the major platforms, including Apple Podcasts and Spotify.

Share:
Claroty 2022
Terms & Conditions
Privacy Policy

Products

  • Comprehensive Platform Overview
  • Continuous Threat Detection
  • Secure Remote Access
  • INTEGRATIONS
  • Firewalls
  • Network Access Control
  • SIEM
  • SOAR
  • CMDB
  • OEM

Industry Solutions

  • Energy
  • Consumer Products
  • Critical Manufacturing
  • Pharmaceutical
  • Water Utilities

Partners

  • Claroty Focus Program
  • Find a Partner
  • Become a Partner
  • Partner Login

Resources

  • Resource Library
  • Case Studies & Use Cases
  • Data Sheets
  • Integration Briefs
  • Videos & Webinars
  • Whitepapers

About

  • Leadership
  • Careers
  • Contact Us
  • News
  • Press Releases
  • Events and Webinars
  • Advanced Services Terms & Conditions