January 7, 2016
Condortech Services, Inc. (CTS), an innovator in the security industry and provider of comprehensive Engineering Security Services, collaborated with industry peers at the Building Control Systems Cyber Resilience Workshop held in November 2015. The workshop was sponsored by the Federal Facilities Council through the National Academies of Sciences with annual funding from multiple federal agencies and emceed by the Department of Defense. Hosted at the Department of Commerce in the heart of the nation’s capital, the 2-day event showcased initiatives being pursued across the federal landscape to protect cyber-vulnerable control systems that automate key features of our nation’s federal facilities.
Videos of all presentations are available at the FFC web portal. Keynote speakers were former Congressman Steve Stockman, John Conger (ASD for Energy, Installations & Environment), and others. Featured presenters also included the following: Chief – Risk Management Oversight Division of DOD CIO, Kevin Dulany; Director of DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), Marty Edwards; Cybersecurity Advisor of the Computer Security Division at NIST, William Newhouse; as well as Jorge Lozano of Condortech Services, Inc..
Regarding systems that are supposed to be air-gapped and not connected to anything, the need for monitoring to alert when connections occur, either maliciously or accidentally, was discussed. “Somebody should get an alarm that says, ‘I see the rest of the world and the Internet around me and I’m supposed to be isolated. This is not a good thing,’” explained Marty Edwards, Director of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). Edwards added, “There’s a lot of good recommend practices and guidance out there for how to address [these type of] situations. It’s just that we’ve failed to apply them in this space up until now.”
“Cyber attacks to our systems can come from anywhere,” said Jorge Lozano, Founder and CEO of CTS, and a highly regarded security industry expert. “The fact that a good number of the Industrial Control System’s (ICS) sensors are still using older methodologies to communicate among themselves, most times using open text rather than encrypted methods, creates the perfect vulnerability to ICS. A good number of these sensors do not have the framework to mitigate sophisticated cyber-attacks nor were they meant to function in high-speed networks. In fact, most technical standards are centric to IT networks only. There is a great need to re-think security from the current technological culture. However, there is not a single silver bullet to prevent these attacks. Condortech Services, Inc. has brought together an integrated solution team made up of technology experts STT, LLC., Waverley Labs, and Senstar to mitigate and protect the entire Electronic Security System. A solution has to be approached through an integrated effort from multiple platforms and simultaneously begin exploring the use of advanced smart hardware, which is where most problems originate from” emphasized Lozano.
CTS has its headquarters in Springfield, VA and has been at the forefront of the Security Industry since 1988, providing comprehensive Design-Build Security Systems. CTS services and protects Billions in assets in the Washington, DC area alone, and its distinguished clientele includes: Department of Homeland Security, The Department of Defense, US Army, Department of Veteran Affairs, The Air Force, The U.S. Marine Corps, GSA, DOE, and The EPA among others.