Firewalls are almost always the first technology investment in a new ICS security program, but are they secure? Firewalls have been with us for more than 25 years now — the good guys and bad guys both know how to break through them. Join us to review 13 ways to break through a firewall, each with between dozens and thousands of examples in the wild. Time permitting, up to five of these techniques will be demonstrated live, on a modern, next-gen firewall. This presentation also reviews seven compensating measures deployed routinely to address firewall vulnerabilities on control system networks, and evaluates each measure against each of the 13 classes of attacks.
Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions and an Assistant Professor at Michigan Technological University. Before Waterfall he led teams developing SCADA system, IT/OT middleware and SCADA security products for a variety of vendors. At Waterfall Andrew leads a team responsible for outreach to schools, standards bodies and industrial control system security practitioners. Andrew is the co-author of the Industrial Internet Consortium's Security Framework, the author of "SCADA Security - What's broken and how to fix it," the co-chair of the ISA SP-99 security technology workgroup, and a frequent writer and speaker on control system security topics. He holds B.Sc. AMAT and M.Sc. CPSC degrees from the University of Calgary, and is located in Calgary, Alberta.
Snacks at 17:30. Meeting begins at 18:00.
Attendance is free for CUUG members, or $10 (cash only) at the door for non-CUUG members.
See the main CUUG web page for general information about CUUG.