Industrial Cybersecurity Webinars

Full recordings are located on our Cybersecurity Knowledge Center (CKC).  *Some videos require membership to view.

Auditing and Optimizing your OT firewalls*

Preview: Businesses are realizing the significant benefits of converging Information Technology (IT) and Operational Technologies (OT) to meet evolving business requirements. However, as a result, the attack surface of the OT environment is expanding. At the same time, persistent and targeted cybersecurity attacks against Industrial Controls System (ICS) are on the rise. The first line of defense is often a firewall at the perimeter between the business network (IT) and the OT network (a.k.a. process control network). Having a firewall installed is great but it may be providing you with a false sense of security if it hasn’t been properly configured, optimized, and regularly audited. This webinar will discuss the firewall configuration lifecycle, the role of audit, firewall rule rationalization techniques, common firewall misconfigurations and how to remediate them, and will wrap up with a couple of case studies. Watch the full presentation on the Cybersecurity Knowledge Center.

Building a Cybersecurity Program*

Preview: With the present situation in the United States and across the world, our typical method of advancing cybersecurity initiatives has been affected. The OT Cybersecurity conferences and gatherings have been canceled or postponed. I am sure we all have taken steps in our own lives to mitigate the risk to our families, while trying to balance our work objectives. Traditionally, our industry tends to concentrate on the assessment and implementation of recommendations; however, a cybersecurity program is much more than assessment and implementation of deliverables. The Industrial Cybersecurity team at aeSolutions feels there are specific deliverables for an asset owner’s cybersecurity program that can currently be completed to advance their OT Cybersecurity program even with the current travel and social distancing advisories in place. However, it requires a methodical approach in defining, structuring and developing the correct balance of Policies, Standards, Procedures, Job Aids, Checklists and Training. The aeSolutions 5 Pillar Cybersecurity program model is the best-in-class approach to sustain an asset owner’s cybersecurity program, while ensuring the lowest cost to serve over time. Our upcoming webinar will walk asset owners through the ae Solutions 5 Pillar model, its attributes and the interaction within the model. Specific content will be shared in the form of templates ,best practices, checklists and job aids as we discuss our program model with our aeSolutions end-user community. Watch the full presentation on the Cybersecurity Knowledge Center.

Building Cybersecurity into a Greenfield Project Industrial Control System Project

Preview: This presentation is a case study on a capital project to build a greenfield facility and the efforts taken, under the direction of the CISO, to integrate cybersecurity into the project. The presentation will discuss the project justification, the business challenges, the process of integrating cybersecurity into the industrial control system (ICS) project lifecycle as well as the benefits and critical success factors. While not without its challenges, the result was a system that was designed, implemented, documented and tested for security before it left the factory floor and before it was commissioned onsite. Watch the full presentation on the Cybersecurity Knowledge Center.

Design and Implementation of PCN DMZ

Preview: An enterprise wide Industrial Control Systems (ICS) landscape consists of a large array of applications, tools and endpoints spread across multiple facilities at the very core of plant management and manufacturing. This dependency on automation systems mandates companies to develop specific criteria to adequately protect the infrastructure that supports their production processes. Creating strong boundaries between business networks and process control networks (PCN) potentially minimizes the number of vulnerabilities and attack paths that an internal or external attacker may use to manipulate certain critical systems and gain unauthorized access. A PCN Demilitarized Zone or DMZ is considered one of the key security protection mechanisms in the isolation and segmentation of client networks from the underlying OT networks. This presentation will highlight key concepts on how to effectively design and implement a PCN DMZ, based on various use cases across multiple plants and sites as well as any functional specifications crucial to the design and implementation of this security control. Watch the full presentation on the Cybersecurity Knowledge Center.

Digital Transformation and IIoT​ : Cyber-Safety Challenges and Opportunities

Preview: Please join us for the special Live Webcast as we discuss Digital Transformation and IIoT "Cyber-Safety Challenges and Opportunities" to aid, advance, and provide a significant shift in managing the risk of cybersecurity and safety within your organization.

On this webcast, we'll be considering how the technologies and platforms have evolved. We will discuss the high-level goals of Digital Transformation or IIoT programs and projects and how their project execution typically unfolds. We will also discuss how these programs can create unintended consequences within the OT environment if cybersecurity and safety are not evaluated.

This presentation will put forth 5 simple areas of focus for plant personnel when impacted by Digital Transformation or IIoT projects or programs. The 5 areas of focus ensure a fundamental work process and approach to mitigating plant cybersecurity and safety risks. Watch the full presentation on the Cybersecurity Knowledge Center.

Evaluating Cybersecurity Risk from an Operational Reliability and Process Safety Perspective: The aeCyberPHA® Method

Preview: There is has been a wide degree of variability in how industry defines and performs OT/ICS cybersecurity risk assessments. Many of the approaches in use today fail to capture the true risk to operations because they don't "drill down" to study the actual consequences if the facility's control and safety systems were to be compromised by a cyber incident. For example, some methodologies overstate the risk by not taking "credit" for existing safeguards and countermeasures. Other approaches understate this risk because they don't consider health, safety, environmental (HSE) or other operational consequences such as lost production, off-spec product, interruption of service, equipment damage, etc.

The aeCyberPHA methodology solves this problem. aeCyberPHA is a standards-based, proven methodology to assess industrial control system cybersecurity risk by using well established practices and lessons learned from process safety process hazard assessments (PHAs). It provides a realistic representation of risk because it integrates information from PHA’s with a detailed cybersecurity risk assessment of the control system and related IT infrastructure.
Watch the full presentation on the Cybersecurity Knowledge Center.

ICS Asset Inventory and Network Diagrams*

Preview: Most people would agree with the statement, "You can't secure an asset if you don't know it exists". In other words, ICS asset inventory is fundamental to assessing, protecting, monitoring and maintaining your ICS systems and networks. Furthermore, since ICS assets are typically part of a networked system, it is also critical to understand how these assets are networked and interact with one another. So, in addition to asset inventory, network diagrams are also fundamental. However, developing and maintain accurate ICS asset inventory and drawings is much easier said than done.

Join us for a two-part webinar on ICS Asset Inventory and Network Diagrams. In Part 1 we will discuss a variety of tools and techniques to gather and maintain an ICS Asset Inventory. In Part 2 we will talk about types of ICS Network Diagrams and present a variety of tools and techniques to develop and maintain them.
Watch the full presentation on the Cybersecurity Knowledge Center.

Maritime Cybersecurity: Addressing Cyber Risks at MTSA Regulated Facilities

Preview: In this presentation, Marco Ayala of aeSolutions is joined by a United States Coast Guard representative to speak about the cyber risks to maritime industry including ports, terminals and offshore operational assets. They discuss recent real-world cybersecurity attacks focused on maritime targets, followed by a presentation of the current regulations and guidance that have been published by the Coast Guard to address cybersecurity as it relates to the maritime industry under the Maritime Transportation Security Act, including the latest release of Navigation and Vessel Inspection Circular (NVIC) 01-20. Marco is also joined by John Cusimano, aeSolutions VP of Cybersecurity, and Greg Villano, Industrial Cybersecurity Senior Principal Specialist for aeSolutions. Watch the full presentation on the Cybersecurity Knowledge Center.

OT Cybersecurity Products: Evaluating, Selecting and Deploying*

Preview: Several OT cybersecurity products are available today featuring targeted functionality to address the unique requirements around asset management, intrusion detection, patch management, configuration management, threat intelligence, etc. While these products offer valuable insight into the real-time security posture of their ICS networks, asset owners are struggling with determining if, when and how they might deploy these technologies across their fleet of ICS systems. Grappling with these issues can be an incredibly complex challenge for organizations with multiple facilities and diverse ICS platforms. In this presentation we will share our experience working with asset owners and vendors on a structured process of selecting, testing and deploying OT cybersecurity products. We will also present typical requirements checklist, sample vendor questionnaire and other collateral during the presentation. Watch the full presentation on the Cybersecurity Knowledge Center.

PLC/SIS Security Are You Leveraging Available Technology to Ensure System Integrity?*

Preview: In the recent years, as the demand for real time analytics, predictive maintenance, and system monitoring technologies has risen in the Industrial Controls System (ICS) environment, Information Technology (IT) and Operational Technologies (OT) have been rapidly converging. In the past, OT has assumed on proprietary networks and air gapped systems were sufficient security measures. However, with the rise in targeted attacks on ICS environments and safety system controllers, it is more important than ever to incorporate PLC/SIS controller security solutions into your ICS defense in depth strategy. Vendors are beginning to provide better device level security solutions, but are you properly leveraging and deploying the available technology to meet your security needs? Watch the full presentation on the Cybersecurity Knowledge Center.

Using Bowtie to Graphically Visualize CyberPHA Results*

Preview: To assess the Cyber Risk to an industrial facility, a proven methodology called Cyber PHA has been developed and applied to conduct ICS cyber risk assessments throughout process industries. The results from a Cyber PHA provides valuable information such as the highest risk scenarios and practical solutions to mitigate the risk, however, the tabular format of this information may be difficult for leadership to interpret. A graphical depiction of the high-risk scenarios that shows the pathways from cause to consequence enables easier understanding of the Cyber PHA results.

Please join us for this webcast where we will describe the Bowtie methodology with examples to show the power of graphically portraying the range of causes and consequences of a cyber event. We will also demonstrate how to visualize “before and after” – the progression of a cyber event without countermeasures in place, and the same scenario shown with barriers. Watch the full presentation on the Cybersecurity Knowledge Center.

Discovering Vulnerabilities on Windows based IC Workstations

Preview: This webinar will focus on tools and techniques to discover security vulnerabilities in Windows-based ICS workstations and servers (e.g. engineering workstations, operator stations, application servers, tag servers, etc.). The webinar will also address different types of applications used for the discovery of Settings, Services, Network Interfaces, Portable Media, Peripherals, and Application Inventory as well as Patch Levels to determine possible vulnerabilities and security risks. To round the discussion out the team will show reports from a specific tool that delivers ICS Workstations information for analysis to determine vulnerabilities. The discussion will conclude on the topic of vulnerability management and how the ability to discover and manage vulnerabilities is essential, as part of a defense in depth strategy and gain visibility to known vulnerabilities within ICS workstations. Watch the full presentation on the Cybersecurity Knowledge Center.

Cybersecurity Challenges in the Water and Wastewater Industry

Preview: There is a renewed focus on securing the nation’s water and wastewater critical infrastructure from a potential cyber-attack due to heightened awareness from cybersecurity incidents impacting industrial control systems (ICS). Several published standards, guidance, and best practices are available for this industry sector, but the community still lacks a cohesive and consistent approach to ICS cybersecurity. Adherence to standards, such as IEC 62443, raise many questions about roles and responsibilities and application requirements. Our presentation will highlight some of these major challenges facing the water and wastewater industries in developing good cybersecurity policies and practices.    This webinar will break down some of the different standards guiding this industry sector and how to apply them in a manner consistent with the goals and objectives of the utility.  We will discuss various assessment methodologies including gap analysis, maturity models, Security Levels, and risk analysis in the context of a typical water and wastewater plant cybersecurity lifecycle. Watch the full presentation on the Cybersecurity Knowledge Center.

Implementing an ICS Vulnerability and Patch Management Program*

Preview: Applying critical security updates and patches issued by Microsoft for Windows-based hosts is fundamental to any ICS cybersecurity program. What makes this seemingly mundane task so complicated? While Microsoft tests and approves patches for the various Windows OS versions, control system vendors must also test and validate those patches for compatibility with their systems. Once the vendor has approved the patches, the asset-owner needs to obtain them, do their own evaluation, schedule deployment, deploy, verify and document. Adding to the challenge is the difficulty of gaining access to these systems due to the infrequency of scheduled shutdowns and maintenance turnarounds. Despite these challenges, there is real urgency to improve the patching of OT computers driven by the alarming increase of ransomware attacks on industrial operations and the frequency of critical security vulnerability alerts that impact OT systems. Join us as we co-present with our industry partner, Panacea Technologies, and highlight tools, work processes and patch management products available to meet this urgent need. Watch the full presentation on the Cybersecurity Knowledge Center.

ICS Secure Remote Access

Preview: Industrial Control Systems (ICS) often utilize remote access for maintenance, troubleshooting, and vendor support as well as to enhance productivity through collaboration with subject matter experts. While there are many benefits, remote access into the ICS environment can introduce significant risk, especially if it has not been properly implemented. There are a myriad of technical solutions available. The challenge for many users is evaluating and selecting the best technical solution for the application that complies with corporate policies as well as industry standards and best practices. Identity and access control, least privilege and separation of duties are critical requirements that must be established and incorporated into the design. Beyond the technology, it is also critical to implement policies, procedures and training to ensure that personnel are aware of and are complying with acceptable use policies. Watch the full presentation on the Cybersecurity Knowledge Center.

ICS Application Control

Preview: Application Control (aka ‘Whitelisting’) is widely recognized both as a method for maintaining an inventory of approved applications as well as a crucial malware prevention control. Virtually all the industry cybersecurity standards include or require it. The US National Security Agency (NSA) considers it one of the ‘top four cybersecurity controls.’ With recent destructive-malware events costing companies literally hundreds of millions of dollars, it’s time to take a serious look at application control for ICS. The good news is that many companies have successfully implemented application control products and practices within their ICS systems – in both greenfield and brownfield sites. Owners, vendors and integrators have come to embrace application control as a safe and reliable method for managing ICS software and protecting ICS systems and devices. In fact, in many ways ICS systems are the ideal candidates for application control. In this webinar we’ll provide an overview of ICS application control, and then review our real-world experiences, best practices and lessons learned from helping our clients evaluate, plan and implement application control within their ICS systems. Watch the full presentation on the Cybersecurity Knowledge Center.

Identifying and Addressing Process Control Network Misconfigurations to Reduce Risk*

Preview: Over the last few decades companies have expanded and transformed their Process Control Networks (PCNs) by modernizing them with newer digital technologies, and integrating them with other parts of the business – both horizontally (e.g. unit-to-unit or cell-to-cell) and vertically (e.g. operations to business). Typically, these transitions evolved over time, often resulting in large, flat, multi-vendor, multi-generational networks that are organically extended, inadequately configured, poorly documented, and difficult to support and maintain. Common misconfigurations found in today’s PCNs threaten Availability, Security, Operations and potentially introduce additional risk to organizations.

This webinar will discuss how addressing these misconfigurations does not have to be a daunting task, and in many cases, they can be addressed without shutting down operations. At the end of the presentation, a case study will be presented to provide an example from an operating facility that had many of these common misconfigurations that were identified and mitigated, resulting in a more resilient PCN. Join us as we discuss the most common PCN misconfigurations, how these vulnerabilities can be identified, and how to go about reducing the risk. REQUEST ACCESS

Top 20 ICS Cybersecurity Practices*

Preview: One of the challenges that many companies face is the number of industrial cybersecurity standards and best practices, that have hundreds of requirements, can be overwhelming at times. Because of this, it can be very difficult to develop and manage an OT cybersecurity program. This webinar will discuss some tips and tricks and distill these requirements down into a list that can be leveraged to address gaps within your existing cybersecurity programs. We refer to this list as the aeSolutions Top 20 ICS Cybersecurity Practices. We will define the purpose and scope of these Top 20 ICS Cybersecurity Practices . We will also address how they were defined, and how to leverage this list across all aspects of the Cybersecurity lifecycle including, Assessment, Design, Implementation and O&M. Lastly the webinar will discuss how a role-based training program can be developed from the Top 20 ICS Cybersecurity Practices. We will discuss cybersecurity training challenges, the scope of role-based training, and the opportunities to develop and deliver a role-based training program. REQUEST ACCESS

Cybersecurity Acceptance Testing for Industrial Control & Safety Systems*

Preview: ICS cybersecurity standards such as IEC 62443 provide many requirements including access control, hardening, physical security, patch management, network segmentation and malware protection. aeSolutions refers to a core group of these as the Top 20 ICS Cybersecurity Practices which are fundamental to an effective Cybersecurity Management System. Included in this Top 20 is Security Testing. This testing is performed to verify that a new or upgraded ICS is implemented and commissioned according to the security requirements set forth in the design. This testing typically takes place in two phases in the project lifecycle: CFAT (Cyber Factory Acceptance Testing) and CSAT (Cyber Site Acceptance Testing). The challenges of cyber acceptance testing include the type and timing of the testing and how to align these efforts project requirements, budget, and schedule. Additional challenges include equipment and site access during the current global pandemic and how to effectively execute and manage remote testing, if required. Today’s webinar will discuss the 2 types of cyber acceptance testing, CFAT and CSAT, and at what point in the ICS project lifecycle this testing occurs as well as outline their benefits. We will highlight the different approaches to CSAT and CFAT, tools deployed, typical test protocols and illustrate the concepts through case studies and lessons learned. Watch full recording

Building a Robust ICS Backup and Recovery Program*

Preview: Trusted, available operational technology (OT) information is critical to the safe, reliable and profitable operation of industrial processes yet it faces risk of corruption or loss from both malicious and non-malicious events. In fact, ransomware attacks against industrial entities jumped more than 500 percent over the last two years. A sound Backup and Recovery practice is foundational in any OT Cybersecurity Program and, in the event of a ransomware or wiper attack, may be the last line of defense. This webinar will discuss the challenges, technologies, strategies and best practices in implementing a robust Backup and Recovery practice in the OT space for both computers and control system devices. At the end of the presentation, a case study will be presented to provide an example of how a company evaluated solutions to address gaps in their strategy including the increasing threat of Ransomware. Join us as we discuss this foundational practice and how to identify the right size solution for your company. REQUEST ACCESS

The Interdependency of Cyber and Physical Security

Preview: Physical security and cybersecurity best practices share a close relationship in securing industrial control systems and facility operations. In this presentation, we will start by looking at some examples of physical vulnerabilities that have led to cybersecurity attacks. We will also discuss the various cybersecurity regulations, standards, and requirements that reference physical security measures, review the fundamental types of assessments for physical and cybersecurity and their similarities and differences. We’ll talk about the challenges and opportunities present in a well-defined physical security assessment scope, review the typical systems that are a part of physical security, and offer some insight into what additional systems may be included in physical security. Lastly, we will cover the best practices and the potential overlap between physical and cybersecurity. Watch the full presentation on the Cybersecurity Knowledge Center.

ICS Risk Assessment Standards & Best Practices*

Preview: There is no simple recipe for how to secure an industrial automation and control system (IACS) and there is good reason for this. It is because security is a matter of risk management. Every IACS presents a different risk to the organization depending upon the threats it is exposed to, the likelihood of those threats arising, the inherent vulnerabilities in the system and the consequences if the system were to be compromised. Furthermore, every organization that owns and operates an IACS has a different tolerance for risk. ISA/IEC 62443 Part 3-2, Security Risk Assessment for System Design, strives to define a set of engineering measures that will guide an organization through the process of assessing the risk of a particular IACS and identifying and applying security countermeasures to reduce that risk to tolerable levels. This presentation will provide an overview of the 62443-3-2 standard as well as examples of how the standard has been applied in real-world applications. REQUEST ACCESS

ICS Cybersecurity Risk Screening*

Preview: Completing an initial risk assessment (also known as a high level risk assessment) is one of the key steps to performing an ISA/IEC 62443 Part 3-2 compliant cybersecurity risk assessment. This presentation will offer an overview of aeSolutions method for leveraging existing process safety studies (PHA, HAZOP, LOPA, etc.) to identify cyber-vulnerable risk scenarios and provide a high level view of the potential magnitude of cyber risk to operations. We will also review how an analysis of these scenarios across multiple studies can be used to prioritize units and sites for in-depth cybersecurity risk assessments. REQUEST ACCESS

Pipeline Cybersecurity: State of the Industry and Proposed Roadmap

Preview: 2.6 million miles of pipelines deliver trillions of cubic feet of natural gas and hundreds of billions of tons of liquid petroleum products each year in the US. This infrastructure is largely operated by industrial control systems, typically referred to as SCADA systems, that are interconnected through an extensive combination of wired, wireless, public, and private networks. While there are voluntary standards and guidelines, there is currently no US regulation that encompasses cybersecurity for the pipeline sector. As such, the cybersecurity maturity of the pipeline sector is generally behind other energy sectors and there is wide variability in the cybersecurity readiness of pipeline operators. This webinar will discuss the current state of pipeline cybersecurity, the challenges facing the sector, and the available standards and guidance. Afterwards, we present a recommended roadmap for pipeline operators based on findings from over 80 pipeline cybersecurity assessments performed over the last 7 years. See Full Recording

ICS/OT Asset and Vulnerability Management: Best Practices for Deploying, Tuning, and Maintaining Solutions*

Preview: Managing ICS/OT assets and vulnerabilities is a cornerstone requirement within today’s Industrial Cybersecurity programs guided by standards and best practices (IEC/62443 and NIST-800.82). Without proper planning, purchasing and deploying a tool/solution that discovers the site’s assets and associated vulnerabilities can hinder the operations team more than help. A sustainable solution requires an actionable plan on managing and responding to the discoveries. This webinar will discuss the benefits and challenges that an ICS/OT asset and vulnerability management tool can bring to the Industrial Cybersecurity program. We will highlight some of the regulatory, industry standards, and guidelines that speak to ICS/OT asset and vulnerability management requirements. In addition, we will discuss how to prioritize and rank the vulnerabilities identified and best practices for deploying, tuning, and maintaining these tools. Lastly, we will also touch on some best practices to help guide asset owners with version management and keep the ICS/OT asset and vulnerabilities tools relevant and supportable. REQUEST ACCESS

* Videos marked with an asterisk require either a Partner or Premium membership to aeSolutions' Cybersecurity Knowledge Center (CKC).  Click the login button at the top right or you can click the Buy button and enter your membership credentials there for access. 

Introduction to aeSolutions’ ICS Cybersecurity Knowledge Center (CKC)


Current aeSolutions cybersecurity clients may request complementary Partner access at

aeCyber Homepage