Tuesday, 12 February 2013

Protection from cyberattack!

Book reveals proven ways to protect national infrastructure, production capabilities etc from cyberattack

A new book from the ever expanding ISA stable outlines clear and proven security principles, practices and standards that, when properly applied, can safeguard nations’ critical infrastructure, defence establishment, and production capabilities from the risks of cyberattack.

Industrial Automation and Control System Security Principles by Ronald L. Krutz, Ph.D., P.E., CISSP, ISSEP, a scientist and consultant specializing in cybersecurity services, illustrates that while cyberwarfare presents considerable challenges to essential national assets—such as refineries, chemical plants, manufacturing operations, power plants and pipelines-- there are highly effective, structured defences against such aggression.

Dr. Krutz’s book reveals a practical, implementable cybersecurity formula that incorporates the fundamentals of information system security while addressing the unique requirements of industrial automation and control systems.

Dr Krutz has also coauthored the following books published by Wiley.
The CISSP Prep Guide
The Wiley Advanced CISSP Prep Guide
The CISSP Prep Guide, Gold Edition
The Security + Certification Guide
The CISM Prep Guide
The CISSP Prep Guide, Second Edition
Mastering CISSP and ISSEP (Information Systems Security Engineering Professional)
The Network Security Bible
The CISSP and CAP (Certification and Accreditation Professional) Prep Guide, Platinum Edition (Mastering CISSP and CAP)
The Certified Ethical Hacker (CEH) Prep Guide
Cloud Computing Security
Web Commerce Security
“While there are numerous and worthy publications that discuss the protection of computer-based systems in a wide variety of implementations, these documents focus more on general terms, mostly in the area of risk analysis, and apply to disparate areas of applications,” he says. “In my book, I focus on in-depth treatment of proven, clearly identified cybersecurity principles, practices and standards, and how they can be tailored and applied to the special environments of industrial automation and control systems.”

For cybersecurity solutions to be effective, he emphasizes, "they must be practical instruments that can be clearly understood by practicing control system professionals and straightforwardly applied in real-world situations.”

In separate chapters of the book, Dr. Krutz also highlights the importance of staying up to date on technological trends affecting future industrial automation and controls systems, and providing the necessary training to cybersecurity-related personnel. At the end of all chapters are review questions. Answers are provided in the appendix.

Dr. Krutz is Chief Scientist for Security Risk Solutions, Inc. in Mount Pleasant, South Carolina. He has more than 30 years of experience in industrial automation and control systems, distributed computing systems, computer architectures, information assurance methodologies and information security training.

Dr. Krutz has served as: a Senior Information Security Consultant at Lockheed Martin, BAE Systems, and REALTECH Systems Corporation; an Associate Director of the Carnegie Mellon Research Institute (CMRI), which he founded; founder and director of the CMRI Computer, Automation and Robotics Group; a professor in the Carnegie Mellon University Department of Electrical and Computer Engineering; and a lead instructor for (ISC)2 Inc. in its Certified Information Systems Security Professionals (CISSP) training seminars.

He authored the book, Securing SCADA Systems, and three textbooks on microcomputer system design, computer interfacing and computer architecture. He holds seven patents in the area of digital systems, and has published more than 30 technical papers.

Dr. Krutz also serves as consulting editor for the John Wiley and Sons Information Security Certification Series (see box), and is a Senior Fellow of the International Cyber Center of George Mason University.

He is a bachelor of science, master of science, and doctorate degrees in electrical and computer engineering, and is a Registered Professional Engineer in the state of Pennsylvania (USA).

• For more on cyber security see our Cyber Security Page and our index of papers/articles since Stuxnet: ICS & Scada Security!

No comments:

Post a Comment