Ten years ago, the Internet of Things (IoT) had little meaning within the offices of transportation authorities around the world. By 2020 the IoT will be a 20 billion-device monster growing exponentially, as will the cyber vulnerabilities that come from being constantly connected to the outside world. Every agency faces the same overwhelming question: How do we secure our operations?
Many cybersecurity vendors are saying they have the solution with their next-gen monitoring tool. Unfortunately, due to the ever-evolving nature of the IoT and threats to it, it’s not that simple. We have to fully grasp the risks involved and the consequences to continuity of operations and safety of life. There are already plenty of examples in various critical infrastructure industries to draw from, including rail.
Do we truly understand the challenges of securing rail operations today? What methods and data are available to secure modern transit networks? What does cybersecurity monitoring really mean? What data is collected? How can it be correlated? How can it be used to track and eliminate threats?
1. Explain the three levels of data which can be monitored for cyber-indicators within an industrial control or safety environment
2. Discuss how to correlate data from the three different levels together to reconstruct an attack and trace its path
3. Understand how data can be received from field/SCADA devices (PLCs, RTUs, etc.), cybersecurity devices (firewalls, IPS/IDS, SIEM) and computer systems to improve an organization's chances of recognizing indicators of compromise (IOCs)