P**E
Required Reading
If you work in the field of Industrial Cybersecurity, get this book. Good for both beginners and experts alike, it brings together all the relevant topics and materials in a meaningful and practical way. I wade through a lot of books, articles, best-practice whitepapers and industry standards, and this book is still the best overall compilation of what you need to know about and think about for ICS security. I require a copy for each person on my staff. It’s especially helpful to IT folks who are entering the world of OT security. Now, if I can only get the Engineers to read it … Seriously, it’s excellent. Highly recommend.
I**Y
Bridging the gap between Cybersecurity professionals and Control System Engineers
Excellent read for both the Cybersecurity professional trying to dive into the control systems context and for the controls engineer who needs to learn the Cybersecurity discipline in the control systems context. It was very easy to read and digest. The flow and order of the chapters was also very helpful. This book definitely gave me as a cyber professional what I needed to help me study for the GICSP. Thank you again Eric, Joe and everyone else who made the second edition changes come alive. Bravo.
J**R
Dry but Comprehensive overview
A great resource for both engineers trying to understand what all this newfangled IT security stuff being forced on them is and security professionals that may not understand the special considerations ICS networks need. Valuable as a quick reference for a variety of cyber-physical system security topics even after reading.
A**N
Good book for broad audience
First off a touch of background on the reviewer. I've been an automation professional for about 15 years working in industries ranging from big chemical to pharmaceuticals all the way from DCS's to tiny systems with 20 I/O and two screen HMI. I've worked for both operating companies and integrators. I was excited when I saw the title of the book because I expected a balanced look at real world solutions for very real problems. There is a serious issue right now in our industry with a number of people spreading FUD about how we are all doomed because our protocols are insecure and vendors don't practice proper SDL. While the facts they speak of are true, I think a more balanced approach of highlighting the deficiencies and then immediately providing actionable information an end user can take away is more appropriate. This happens to be almost the exact flow of this book. You can see the table of contents for yourself but the authors do an excellent job of giving the reader some basis for understanding the material through a history lesson and also an introduction to basic concepts in ICS network design. Next they raise the stakes by describing the insecure protocols with a culmination discussing how you might hack these protocols. The information revealed is certainly not earth shattering and is probably Hacking 102 or 103 for someone once they learn the protocols. Where this text truly succeeds, however, is taking you from a fearful place in chapter 7 and walking you through real world tasks you can execute to safeguard your systems. Again, I won't repeat what you can see in the TOC but the authors do a magnificent job of taking you through the logical steps of assessing risk, compartmentalizing the risk, and then monitoring for undesirable activity on your network. It is essentially a step by step, with what I think is an appropriate level of detail for a broad ranging book such as this, on how to methodically reduce your overall risk profile. 
No fool will ever claim to be 100% secure. But there is a long list of things you can do to make the adversary's task infinitely more difficult.
No review should be taken seriously if it doesn't include honest criticisms. Living outside of the US I was forced to download and read the book via Kindle. The text layout and formatting was acceptable but many of the tables were very poorly formatted and not very readable. It appeared that instead of taking the time to format these tables for optimum viewing on the Kindle they were just copied as black and white images and included in line. So now what you have is just pictures with poor resolution that made reading most of the information all but impossible. Some of the longer tables were presented as multiple images in series making it very difficult to follow. Another small point that I picked up on was a constant return to the data diode as a solution to many potential issues in the plant. Yes a data diode is an excellent solution for limited use cases when communicating to outside (outside the ICS) networks but it seemed like the authors revisited it as a solution at almost every turn. Maybe it's related to the author's own experiences and biases? Instead I would have preferred to keep the focus on securing the internal networks with flexible and relevant solutions like firewalls and IPS/IDS. A well crafted attack has the potential to do serious damage even if cut off from the C2 infrastructure. This is our unique risk in the ICS space, attackers can do serious harm without the need to exfiltrate a single byte of data.
Finally a heads up for those who already work in the space. This book is not a deep dive on any particular topic related to ICS security. If you want a detailed discussion of the insecure protocols and the numerous ways they can be attacked and then by extension suggestions for altering the protocols for security, this is not your book.
Also if you are an experienced ICS professional the first parts of the book aren't terribly useful as they are just introducing the readers to some of the basic concepts we live with day in and day out. Finally, if you fancy yourself a security expert and think that reading this book will give you all the tools you need to walk into a refinery and demonstrate your superior knowledge of their unique systems you are in for a serious wake up call. Honestly I think this book is aimed more at a few different groups. First, the ICS engineer who knows how to make the systems work, but doesn't really know how the systems work. Simple example. You can get a Modbus TCP connection up and running between your server and a client but you don't understand how a Modbus TCP packet actually works and by proxy don't understand how it can be attacked. Once you understand this issue better after reading the text then you are ready to start thinking about the most effective way to secure your installation. Second I think this book is excellent for the security professional who would like to begin to understand ICS networks and the unique challenges they pose. I felt like it does a good job describing the fundamental concepts associated with ICS networking and how they are so different from traditional IT systems. With a firm foundation and also requisite level of respect for what we do in ICS I think an IT security professional can start to work towards helping make our systems closer to on par with our IT brethren.
My overall impression is that this is a good book for a broad range of potential readers but you should also be prepared to continue your studies down whichever chosen rabbit-hole you wish to pursue.
B**Y
Your First ICS Book
Fantastic introduction to the world of ICS. Joel and Eric do a great job highlighting the differences between standard IT security and applying it to the OT environment. The book includes a great rundown of the various fieldbus protocols (Modbus, DNP3 et al.). You also get an excellent introduction into the architecture of the Smart Grid. I highly recommend this as a first ICS book for anybody.
M**3
Excellent high level book on ICS Cybersecurity
Excellent high level book on ICS Cybersecurity. It might be a bit hard to follow for a non-OT person but it definitely provides a wealth of information, history, and tips on securing industrial control systems and monitoring / analyzing them. The hard part is implementing it all.
S**S
Best ICS Security Book I've Found
I love this book. I've read it twice.
T**T
So far I like what I see in that it reflects my experiences ...
I do this for a living and was interested in rounding out things I had not experienced. So far I like what I see in that it reflects my experiences and preferences in securing ICS Networks.