Guidance for Unidirection, Routable
A Look at NERC CAN-0024
NERC has issued Compliance Application Notice (CAN) 0024 for CIP-002R3 "Routable Protocols and Data Diode Devices", which provides guidance to NERC-CIP auditors as to when unidirectional communications equipment or "data diodes" must be considered to facilitate "routable communications." An increasing number of NERC entities are deploying unidirectional communications equipment, because such equipment provides stronger security to protected cyber assets than firewalls are able to provide. The CAN-0024 guidance makes it clear that some such deployments use routable protocols, and other deployments do not. In some cases, this distinction influences which cyber assets must be classified as Critical Cyber Assets. Join us as three industrial security experts explore the guidance in the CAN, and apply that guidance to Waterfall Unidirectional Security Gateways.
Andrew Ginter is the Director of Industrial Security at Waterfall Security Solutions. Andrew's background includes 25 years of experience in the development of both control systems products and industrial cyber-security products. Waterfall Security Solutions is the market leader in unidirectional communications for industrial applications.
Mark Simon has been a senior consultant with Encari since June 2008. Prior to joining Encari, Mark practiced law for nearly 20 years in Chicago, where he had his own firm and concentrated in general civil litigation. Mark has an M.Sc. and a JD, and is a CISSP. He was an adjunct faculty member of DePaul University's College of Computing and Digital Media from 2005 until 2011, and is currently located in London. Encari is a focused critical infrastructure protection consulting firm, providing information and control security and NERC CIP compliance consulting services.
Joel Langill is "the SCADAhacker". With more than 25 years of experience in designing and implementing some of the world's largest automation solutions, Joel offers a unique approach to securing control systems for critical infrastructure by looking at problems in the same manner as a knowledgeable attacker would while targeting real-world industrial facilities.
This webinar was originally held on Tuesday, January 24, 2012 at 12:00pm EST.