WORKSHOP: CYBER RISK IN REMOTE VENDOR ACCESS
Friday 27th July 2018 9:00 am – 12:30 pm
There is a need to allow vendors to access critical infrastructure control system sites remotely, to assist with emergency maintenance of their products. Recently, countries across the world have realised that by granting remote access to the vendors, they are putting their critical infrastructure in the hands of a foreign country. While the vendors themselves may be trusted, there remain many other issues including opening connections from the control systems to the Internet, and cross contamination between sites and countries that the vendor provides support to.
This workshop will aim to develop a protocol which allows emergency remote vendor access, while providing heightened security to the SCADA operator. Topics covered and explored in the workshop will include the need for the protocol, concepts for the design of the protocol, and known issues with implementing the finished protocol.
Dr Kaleb Leemaqz, Senior Technical Advisor, Australian Cyber Security Centre, CERT Australia
Dr Kaleb Leemaqz is part of the control systems capability in the Australian Cyber Security Centre. The control systems team provides proactive capabilities such as advice and guidance to industry and government. Kaleb has a strong background in IoT security, ICT security and cryptography, and works towards raising the security maturity of the nation’s critical infrastructure. Control systems information:https://www.cert.gov.au/critical-infrastructure-and-big-business/control-systems-guidance