Industrial Cybersecurity:
Efficiently Monitor
the Cybersecurity Posture of your
ICS Environment

October 2021 – Packt Publishing

With Industrial Control Systems (ICS) expanding into traditional IT space and even into the cloud, the attack surface of ICS environments has increased significantly, making it crucial to recognize your ICS vulnerabilities and implement advanced techniques for monitoring and defending against rapidly evolving cyber threats to critical infrastructure. This second edition covers the updated Industrial Demilitarized Zone (IDMZ) architecture and shows you how to implement, verify, and monitor a holistic security program for your ICS environment.

You’ll begin by learning how to design security-oriented architecture that allows you to implement the tools, techniques, and activities covered in this book effectively and easily. You’ll get to grips with the monitoring, tracking, and trending (visualizing) and procedures of ICS cybersecurity risks as well as understand the overall security program and posture/hygiene of the ICS environment. The book then introduces you to threat hunting principles, tools, and techniques to help you identify malicious activity successfully. Finally, you’ll work with incident response and incident recovery tools and techniques in an ICS environment.

By the end of this book, you’ll have gained a solid understanding of industrial cybersecurity monitoring, assessments, incident response activities, as well as threat hunting.

Industrial Cybersecurity:
Efficiently Secure
Critical Infrastructure
Systems

October 2017 – Packt Publishing

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges. Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.

Modern Cybersecurity Practices:
Exploring And Implementing
Agile Cybersecurity Frameworks and
Strategies for Your Organization

April 2020

Modern Cybersecurity practices will take you on a journey through the realm of Cybersecurity. The book will have you observe and participate in the complete takeover of the network of Company-X, a widget making company that is about to release a revolutionary new widget that has the competition fearful and envious. The book will guide you through the process of the attack on Company-X’s environment, shows how an attacker could use information and tools to infiltrate the companies network, exfiltrate sensitive data and then leave the company in disarray by leaving behind a little surprise for any users to find the next time they open their computer.

After we see how an attacker pulls off their malicious goals, the next part of the book will have your pick, design, and implement a security program that best reflects your specific situation and requirements. Along the way, we will look at a variety of methodologies, concepts, and tools that are typically used during the activities that are involved with the design, implementation, and improvement of one’s cybersecurity posture.

After having implemented a fitting cybersecurity program and kickstarted the improvement of our cybersecurity posture improvement activities we then go and look at all activities, requirements, tools, and methodologies behind keeping an eye on the state of our cybersecurity posture with active and passive cybersecurity monitoring tools and activities as well as the use of threat hunting exercises to find malicious activity in our environment that typically stays under the radar of standard detection methods like firewall, IDS’ and endpoint protection solutions.