(CS)²AI Online™ Seminar: An Approach To Disaster Recovery in OT
The backend of responding to a cybersecurity incident in OT is recovery, and if the incident is significant, it will spur a larger Disaster Recovery (DR) effort. Currently most Incident Response (IR) focus is around detection, containment, and eradication. However, with OT systems, significant recovery plans often lack detail given a response to any actual or perceived cybersecurity threat that disrupts the environment.
The events of WannaCry are a stark reminder of the importance of having a DR plan where near total environment disruption occurred. To handle such large-scale human made disasters, a DR plan should specify systematic reconstitution activities contingent on different impact scenarios and provide a pathway for rapid recovery.
This talk will introduce a vendor-agnostic framework that aims to parallel well-defined practices in process safety engineering (such as the commonly used four steps of process shutdown, ESD 0 - 3) and apply them to disaster recovery, considering cyber events that trigger a process loss event. Instead of focusing on data and technical recovery alone, commonly the scope of DR plans, the ICS/OT disaster recovery framework will view restoration considering process and control & automation system dependencies and location, following a methodology of 4 levels of automation system compromise. Next, the framework considers different loss scenarios for the individual asset under consideration and develops recovery strategies for the respective functional components of the environment. In turn this framework provides a stepwise functional method to resume operations of automation and process control systems and ensures recovery details are measured and operationalized.
Speaker
Saltanat Mashirova, Product Management Lead (ICS/OT Cybersecurity) at Honeywell Connected Enterprise
https://www.linkedin.com/in/saltanat-mashirova-b88bba193/
## Becoming a paid member is quick and easy (and helps us keep offering these educational opportunities!). Please join now!
## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal
## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.
## If you're interested in speaking at a future (CS)2AI event, having your organization become a Strategic Alliance Partner, or engaging in any of the other ways available, please contact us on our https://www.cs2ai.org/get-involved
## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.
