Introduction. Threats to ICS. ICS Vulnerabilities. Risk Assessment Techniques. What Is Next in ICS Security?
Tyson Macaulay is the security liaison officer (SLO) for Bell Canada. In this role, he is responsible for technical and operational risk management solutions for Bell's largest enterprise clients. Macaulay leads security initiatives addressing large, complex, technology solutions including physical and logical (IT) assets, and regulatory/legal compliance requirements. He supports engagements involving multinational companies and international governments. Macaulay also supports the development of engineering and security standards through the Professional Engineers of Ontario and the International Standards Organization (ISO) SC 27 Committee. Macaulay leadership encompasses a broad range of industry sectors from the defense industry to high-tech start-ups. His expertise includes operational risk management programs, technical services, and incident management processes. He has successfully served as prime architect for large-scale security implementations in both public and private sector institutions, working on projects from conception through development to implementation. Macaulay is a respected thought leader with publications dating from 1993. His work has covered authorship of peer-reviewed white papers, IT security governance programs, technical and integration services, and incident management processes. Further information on Macaulay publications and practice areas can be found online at: www.tysonmacaulay.com. Previously, Macaulay served as director of risk management for a U.S. defense contractor in Ottawa, Electronic Warfare Associates (EWA; 2001--2005), and founded General Network Services (GNS; 1996--2001). Macaulay career began as a research consultant for the Federal Department of Communications (DoC) on information networks, where he helped develop the first generation of Internet services for the DoC in the 1990s. Bryan L. Singer, CISM, CISSP, CAP, is principal consultant for Kenexis Consulting Corporation. Singer has more than 15 years experience in information technology security, including 7 years specializing in industrial automation and control systems security, critical infrastructure protection, and counterterrorism. His background focuses on software development, network design, information security, and industrial security. Industry experience includes health care, telecommunications, water/wastewater, automotive, food and beverage, pharmaceuticals, fossil and hydropower generation, oil and gas, and several others. He has specialized in process intelligence and manufacturing disciplines such as historians, industrial networking, power and energy management (PEMS), manufacturing enterprise systems (MES), laboratory information management systems (LIMS), enterprise resource planning (ERP), condition-based monitoring (CBM), and others. Singer began his professional career with the U.S. Army as an intelligence analyst. After the military, he worked in various critical infrastructure fields in software development and systems design, including security. Singer has worked for great companies such as EnteGreat, Rockwell Automation, FluidIQs, and Wurldtech before joining Kenexis Consulting and cofounding Kenexis Security in 2008. At Kenexis, he is responsible for development, deployment, and management of industrial network design and security services from both a safety and a system architecture perspective. Singer is also the cochairman of ISA-99 Security Standard, a former board member of the Department of Homeland Security's Process Control Systems Forum, member of Idaho National Labs recommended practices commission, U.S. technical expert to IEC, North American Electronics Reliability Corporation (NERC) drafting team member for NERC CIP, and other industry roles.
I had high hopes for this book since Bryan Singer is very
experienced in ICS, ICS security, and IT security — and Bryan and
co-author Tyson McCauley did not disappoint. To date this is
clearly the best book on ICS Security by far. The two best things
about this book are: 1) They got the facts right about both ICS and
IT security. This is not as easy as it sounds as most books have
failed or been simplistic in one area or another. 2) They provided
the background information for a beginner to understand, but
followed that up with significant technical detail and examples.
It’s a good book for a beginner or intermediate in either area, and
even those with years of experience in both areas will learn
something. For me the best new info was the Overall Equipment
Effectiveness (OEE) and Security OEE as a future risk assessment
technique in Chapter 4. … I could go on and on as I highlighted
sentences throughout the chapter and was muttering yes as I read. …
This is clearly the book to get or give if you want to read about
ICS security today.—Dale G Peterson, writing on
www.digitalbond.com
(For the full review, visit:
http://www.digitalbond.com/2012/03/27/4-star-review-for-mccauleysinger-book-cybersecurity-for-ics/#more-11213)
 |
Ask a Question About this Product More... |
|
