Dragos at Ovation Users’ Group Conference 2019

The 2019 Emerson Ovation Users’ Group conference in Pittsburgh, PA, was a busy time for Dragos. Not only did our CEO Robert M. Lee present the day two keynote, but we made a significant announcement about our alliance, conducted a joint presentation with our Emerson Ovation colleagues, and met some great people in our booth. Here’s a brief recap:

Announcement

Emerson and Dragos announced a new global agreement to enable power producers and water utilities to further strengthen the security of their critical assets, with Emerson integrating the Dragos Platform threat detection technology into its Ovation automation platform and Power and Water Cybersecurity Suite.

Highlights of this accord include:

  • Emerson has selected and validated the integration of the Dragos Platform to expand its Power & Water Cybersecurity Suite (PWCS) for industrial cybersecurity.
  • Emerson is augmenting its cybersecurity services with Dragos’ proactive and incident response services to help power and water customers detect and respond to threats.
  • Emerson and Dragos have co-created targeted protocol dissectors and threat analytics to improve visibility and detection of threats targeting Emerson’s Ovation automation technology in power generation and water/wastewater applications.

Together, Emerson and Dragos offer extensive ICS cybersecurity experience, expertise, and support services to enhance visibility into OT networks and detect threats targeting industrial systems in power plants and water treatment facilities.

To learn more, please visit:

Day 2 Keynote

Rob Lee opened Day 2 of the Ovation Users’ Group conference with an update on the cyber threats facing industrial organizations, including power producers and water utilities.

As an industry, we’re finding more, because we’re looking more. And while the threat environment continues to grow and evolve, actual incidents that affect industrial production are still rare.

Rob described the ICS Cyber Kill Chain (PDF) as a two-phase process: first, intrusion preparation and execution; then, attack development and implementation. Since adversaries must understand both the physical process and the safeguards, it takes more steps to conduct the type of attacks that are the most concerning. This leads to longer dwell times, which provides defenders more opportunities to detect and respond to the threat.

Rob concluded by opining that industrial systems are much more defensible against cyber threats compared to IT systems and outlining some of the lessons learned from recent ICS attacks, including changes in architecture & ICS configurations and passive & active defenses.

Practical ICS Security Tips Presentation

Dave Foose (Emerson), Ovation Security Solutions Program Manager, and Matt Cowell (Dragos), Director of Business Development, presented Practical Tips for System Security on Day 2. Their information-dense presentation covered five pragmatic ICS security tips to help practitioners better secure their OT networks and respond to adverse cyber incidents.