商品描述
Operational Technology (OT) refers to hardware and software used to monitor, control, and manage industrial processes, infrastructure, and assets across sectors like manufacturing, energy, transportation, and utilities. It includes systems such as Industrial Control Systems (ICS), SCADA, PLCs, and DCS.
ICS Security is the protection of industrial automation and control systems that manage critical operations like power generation, water treatment, and oil and gas production. Its goal is to safeguard confidentiality, integrity, and availability while mitigating risks from cyber threats, disruptions, and unauthorized access. With this book, our goal is to help readers understand how to secure complex industrial environments by providing a clear introduction to ICS and OT security. We will begin by explaining what ICS and OT are, how they differ from traditional IT, and why those differences matter. From there, the discussion will focus on the increasing importance of ICS/OT security--particularly in the context of IT and OT convergence, where systems and data are becoming more interconnected. You will also gain an understanding of the
key components that make up Industrial Control Systems and how they work together to monitor and control industrial operations. These components--including SCADA, PLC, HMI, and DCS--are essential for ensuring operational efficiency, safety, and security in industries like manufacturing, energy, and critical infrastructure. What you Will Learn - The major differences between IT and OT security - Key components of Industrial Control Systems - The major challenges in ICS/OT security - Why ICS/OT security is very important in the digitalization era - The most common and widely used ICS/OT standards, tools, and frameworks
Who This Book is for:
Beginners of OT Security environment. The book assumes you have an understanding of the IT Security environment and will be a great book for those who wish to learn the major differences and key elements of ICS and OT Security.
商品描述(中文翻譯)
操作技術 (OT) 指的是用於監控、控制和管理工業流程、基礎設施和資產的硬體和軟體,涵蓋製造、能源、交通和公用事業等行業。它包括工業控制系統 (ICS)、SCADA、可程式邏輯控制器 (PLC) 和分散控制系統 (DCS) 等系統。 ICS 安全 是指保護管理關鍵操作(如發電、水處理和石油天然氣生產)的工業自動化和控制系統。其目標是保護機密性、完整性和可用性,同時減輕來自網路威脅、干擾和未經授權訪問的風險。 本書的目標是幫助讀者了解如何通過提供對 ICS 和 OT 安全的清晰介紹來保護複雜的工業環境。 我們將首先解釋什麼是 ICS 和 OT,它們與傳統 IT 的區別,以及這些區別的重要性。接下來,討論將集中在 ICS/OT 安全日益重要性上,特別是在 IT 和 OT 融合的背景下,系統和數據變得更加互聯。 您還將了解構成工業控制系統的 關鍵組件 以及它們如何協同工作以監控和控制工業操作。這些組件,包括 SCADA、PLC、HMI 和 DCS,對於確保製造、能源和關鍵基礎設施等行業的運營效率、安全性和安全性至關重要。 您將學到的內容 - IT 和 OT 安全之間的主要差異 - 工業控制系統的關鍵組件 - ICS/OT 安全中的主要挑戰 - 為什麼在數位化時代 ICS/OT 安全非常重要 - 最常見和廣泛使用的 ICS/OT 標準、工具和框架
本書適合誰:
OT 安全環境的初學者。本書假設您對 IT 安全環境有一定了解,將是希望學習 ICS 和 OT 安全的主要差異和關鍵要素的讀者的絕佳書籍。
作者簡介
Massimo Nardone has more than 30 years of experience in information and cybersecurity for IT/OT/IoT/IIoT, web/mobile development, cloud, and IT architecture. His true IT passions are security and Android. He holds an M.Sc. degree in computing science from the University of Salerno, Italy. Throughout his working career, he has held various positions starting as programming developer, then security teacher, PCI QSA, Auditor, Assessor, Lead IT/OT/SCADA/SCADA/Cloud Architect, CISO, BISO, Executive, Program Director, OT/IoT/IIoT Security Competence Leader, etc.In his last working engagement, he worked as a seasoned Cyber and Information Security Executive, CISO and OT, IoT and IIoT Security competence Leader helping many clients to develop and implement Cyber, Information, OT, IoT Security activities. He is currently working as Vice President of OT Security for SSH Communications Security. He is an Apress co-author of numerous books, including Spring Security 6 Recipes, Secure RESTful APIs, Cybersecurity Threats and Attacks in the Gaming Industry, Pro Spring Security, Beginning EJB in Java EE 8, Pro JPA 2 in Java EE 8, Pro Android Games, and has reviewed more than 100 titles.
作者簡介(中文翻譯)
Massimo Nardone 在資訊與網路安全領域擁有超過 30 年的經驗,涵蓋 IT/OT/IoT/IIoT、網頁/行動開發、雲端及 IT 架構。他真正的 IT 熱情在於安全性和 Android。他擁有義大利薩萊諾大學的計算科學碩士學位。
在他的職業生涯中,他擔任過多個職位,從程式開發人員開始,然後是安全教師、PCI QSA、審核員、評估員、IT/OT/SCADA/雲端架構師、CISO、BISO、執行官、計畫總監、OT/IoT/IIoT 安全能力領導者等。在他最近的工作中,他擔任資深的網路與資訊安全執行官、CISO 及 OT、IoT 和 IIoT 安全能力領導者,幫助許多客戶開發和實施網路、資訊、OT 和 IoT 安全活動。
他目前擔任 SSH Communications Security 的 OT 安全副總裁。他是 Apress 的共同作者,撰寫了多本書籍,包括《Spring Security 6 Recipes》、《Secure RESTful APIs》、《Cybersecurity Threats and Attacks in the Gaming Industry》、《Pro Spring Security》、《Beginning EJB in Java EE 8》、《Pro JPA 2 in Java EE 8》、《Pro Android Games》,並且審閱了超過 100 本書籍。
