I’m pleased
to call your attention to what promises to be a very good ICS (industrial
control systems) supply chain security conference in Chicago on April 10. The sponsor
of the event is the Digital Manufacturing
Institute, a Chicago-based initiative funded by the Department of Defense,
other federal departments, and a number of major companies, to innovate and promote
use of digital manufacturing technologies.
Of course, a
major component of this effort is cyber security, and – as we all should know
by now – supply chain security is almost without a doubt the biggest cyber
threat facing the industrial sector, and especially the electric power industry,
nowadays. The Institute was named DoD’s hub for cyber security in manufacturing
a year ago. As you probably know, DoD buys lots of manufactured products and
operates its own manufacturing facilities. For obvious reasons, they are extremely
concerned about securing their own supply chain, as well as that of American
businesses.
The conference itself is being organized by Verve Industrial Protection, a company you should get to know if you don't already.
The conference itself is being organized by Verve Industrial Protection, a company you should get to know if you don't already.
You can read
about, and sign up for, the event here
(there’s a $150 fee, unless your organization is already a member of the
Institute). I will be speaking on a panel in the morning with three others, one
of whom is Eric Byres, one of my heroes. He is the founder of Tofino Security
and inventor of their technology (now sold under the Belden name) for ICS
firewalls. He is now the CEO of aDolus Inc., a research company investigating
security technologies to aid in the detection of malicious and counterfeit
software in “smart devices” used in the industrial, aerospace, and medical
fields.
Of course,
the power industry is just one “manufacturing” industry, but it has a special
concern about supply chain security now because the current Russian
attacks on the industry are coming through the supply chain. I’m told that
a person particularly knowledgeable about those attacks will be presenting
about them at the conference. Hope to see you there!
Any opinions expressed in this blog post are strictly mine
and are not necessarily shared by any of the clients of Tom Alrich LLC.
If you would like to comment on what you have read here, I
would love to hear from you. Please email me at tom@tomalrich.com. Please keep in mind that
if you’re a NERC entity, Tom Alrich LLC can help you with NERC CIP issues or
challenges like what is discussed in this post – especially on compliance with
CIP-013. To discuss this, you can email me at the same address.
No comments:
Post a Comment