It is no surprise – Industrial Control Systems (ICS) are in the crosshairs of opposing nations and criminal organizations. Semiconductor Manufacturing Enterprises specifically need a heightened awareness due to their key role in the global supply chain. In addition to known bad actors, the modern fab is connecting to the outside world at an exponential pace and with greater connectivity comes greater security risk. Even well-intentioned actions can mistakenly impact network availability, interrupt operations, and halt productivity.
Semiconductor Organizations need a comprehensive, unified IT/OT cyber resilience plan accounting for all potential security risk before, during, or after a cyber event – including (but not limited to):
- Asset Inventory / Installed Base Identification
- Vulnerability & Risk Analysis
- Qualified Patch Management
- Cybersecurity Policy Development
- Endpoint Protection
- Perimeter Hardening (IDMZ) & Microsegmentation Deployment
- Zero-trust & Secure Remote Access
- Real-time Threat Detection
- Disaster Recovery Planning & Incident Response
The best approach is risk-based in alignment with industry best practices (i.e. SEMI E187/8/x, NIST SP 800-82, ISA/IEC 62443, ISO 27001, etc.) with complete organizational adoption. Unfortunately, even the most sophisticated organizations can’t manage all aspects of IT/OT cybersecurity alone – you need an ecosystem of trusted experts and partners by your side to extend your protection against next-gen security threats.
In this talk we will review the people, processes, and technologies leveraged to secure modern fab equipment – Computer OS Security, Network Security, Endpoint Protection, and continuous Security Monitoring. We will also review the emerging Managed Security Services leading the industry in data-driven cyber protection and response so that you can have confidence running a world-class ICS cybersecurity program.