{"id":18612,"date":"2021-05-13T15:57:26","date_gmt":"2021-05-13T15:57:26","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=18612"},"modified":"2021-06-18T18:51:11","modified_gmt":"2021-06-18T18:51:11","slug":"critical-infrastructure-protection-physical-cybersecurity","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/","title":{"rendered":"Critical Infrastructure Protection: Physical and Cyber Security Both Matter"},"content":{"rendered":"<p dir=\"ltr\">Oil and gas companies have two key areas of concern when addressing cybersecurity, especially in their unmanned remote facilities. They have to supply physical security that denies access to the cyber-physical assets, and they sometimes must employ several cyber defenses depending on the device or system in question. So when you are looking at doing a <a href=\"https:\/\/www.esecurityplanet.com\/products\/zero-trust-security-solutions\/\">Zero Trust<\/a> deployment for critical infrastructure protection (CIP), it is important to be mindful of the fact that a site&#8217;s physical security is typically the easier of the two to breach.<\/p>\n<p dir=\"ltr\"><em>Further reading: <a href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\">Colonial Pipeline Ransomware Attack Shows Critical Infrastructure Vulnerabilities<\/a><\/em><\/p>\n<p dir=\"ltr\">Once the attacker has physical access to devices attached to the network, how you have zoned off assets and applied <a href=\"https:\/\/www.esecurityplanet.com\/products\/edr-solutions\/\">endpoint protections<\/a> where applicable will determine how far the attacker will get with data theft or exploitation of the cyber-physical assets.<\/p>\n<ul>\n<li dir=\"ltr\" style=\"list-style-type: disc;\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Older facilities and process networks in Oil and Gas often lack <a href=\"https:\/\/www.esecurityplanet.com\/threats\/microsegmentation-zero-trust-security\/\">segmentation<\/a>, which is now a best practice in today&#8217;s networking design. As own operators of pipelines move forward with digital transformation, segmentation will be key in safeguarding their cyber assets, both local and remote.<\/p>\n<\/li>\n<\/ul>\n<h2 dir=\"ltr\">Segmentation based on business criteria<\/h2>\n<p dir=\"ltr\">Segmentation is not just breaking apart the network based on the IP-Address space. True segmentation requires identifying and grouping devices into Zones or Enclaves based on meaningful business criteria to protect better vulnerable devices found within the address space. Access to devices in the zone needs to be restricted by users, groups, protocols, networks, and devices. In some instances, you may even consider restricting access by time of day.<\/p>\n<p dir=\"ltr\">IoT\/IIoT is beginning to take hold in the energy industry, which means there are going to be more devices attached to these networks gathering information and possibly running on a vendor&#8217;s proprietary software and hardware, which more than likely will not be managed or patchable by the operator of the system. So O&amp;G needs to have a definite plan on how they will address this growing trend, and a zero trust-based strategy offers the best means of doing this integration in a safe, secure, and, most important, reversible manner.<\/p>\n<h2 dir=\"ltr\">Camera and sensor security<\/h2>\n<p dir=\"ltr\">Segmentation will also include the zoning of radio frequency (RF) technologies like Wi-Fi, Microwave, satellite, and cellular. ICS and SCADA systems operators must remain mindful of the possibility of an upstream attack by threat actors who have managed to compromise their RF facilities. Remote facilities and devices often have cameras and sensors to alert when a door has been opened. Still, because they are remote, attackers have time to enter the facilities and plant a device that can go completely unnoticed.<\/p>\n<p dir=\"ltr\">Another option physical access affords them is the opportunity to compromise the runtime operating systems and\/or OS of the devices they find. The only way you will find these would be to do a physical search of the facility or cabinet and run an audit of the OS to ensure nothing has been tainted.<\/p>\n<h2 dir=\"ltr\">Zoning limits damage<\/h2>\n<p dir=\"ltr\">So the reason why the zone trust segmentation (zoning) is so important is if you don&#8217;t have the time to perform these acts to confirm that the site is not compromised. With proper zoning enforcement, you can limit and isolate the damage to a region or just that location.<\/p>\n<p dir=\"ltr\">Zones in a Zero Trust network also serve as an inspection point for traffic entering and exiting the enclave. The enabling of <a href=\"https:\/\/www.esecurityplanet.com\/products\/intrusion-detection-and-prevention-systems\/\">IPS, IDS<\/a>, and virtual <a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/sandboxing-advanced-malware-analysis\/\">sandboxing<\/a> technology can be applied on a per-zone basis, allowing for customized protection for the vulnerable devices contained within. Implementing these security measures is a best practice even on zones where devices can receive updates and have some form of endpoint protection.<\/p>\n<p dir=\"ltr\">With proper design and device consideration, zoning with the different inspection technologies enabled can also be a remediating factor for those devices in your network that cannot be patched, updated, and even those that are end-of-life. In short, zoning with inspection technology enabled helps to ensure IT and OT network systems&#8217; safe operations. In even the most secure environments, it is never safe to assume that data traffic transversing the network is free of a potential threat.<\/p>\n<p><em>Further reading:<\/em><\/p>\n<ul>\n<li><em><a href=\"https:\/\/www.esecurityplanet.com\/networks\/cisa-fbi-colonial-pipeline-ransomware\/\">U.S. Issues Ransomware Guidance, Cybersecurity Executive Order<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-zero-trust-security-can-protect-against-ransomware\/\"><span style=\"font-weight: 400;\">How Zero Trust Security Can Protect Against Ransomware<\/span><\/a><\/em><\/li>\n<\/ul>\n\n\n<div id=\"ta-campaign-widget-66d6d93992bc5-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6d93992bc5\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6d93992bc5\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6d93992bc5\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6d93992bc5\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6d93992bc5\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6d93992bc5\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Oil and gas companies have two key areas of concern when addressing cybersecurity, especially in their unmanned remote facilities. They have to supply physical security that denies access to the cyber-physical assets, and they sometimes must employ several cyber defenses depending on the device or system in question. So when you are looking at doing [&hellip;]<\/p>\n","protected":false},"author":254,"featured_media":18613,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[14],"tags":[2477,2478,30581],"b2b_audience":[33],"b2b_industry":[53],"b2b_product":[377],"class_list":["post-18612","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-networks","tag-palo-alto-networks","tag-ransomware","tag-zero-trust-security","b2b_audience-awareness-and-consideration","b2b_industry-energy","b2b_product-gateway-and-network-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Critical Infrastructure Protection: Physical &amp; Cyber Security Both Matter<\/title>\n<meta name=\"description\" content=\"Palo Alto Networks Security Architect Lionel Jacobs breaks down critical infrastructure security in the wake of the Colonial Pipeline attack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical Infrastructure Protection: Physical &amp; Cyber Security Both Matter\" \/>\n<meta property=\"og:description\" content=\"Palo Alto Networks Security Architect Lionel Jacobs breaks down critical infrastructure security in the wake of the Colonial Pipeline attack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-13T15:57:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-18T18:51:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Lionel Jacobs\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lionel Jacobs\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\"},\"author\":{\"name\":\"Lionel Jacobs\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c28a242db9b73251bf2cca1b38e540b2\"},\"headline\":\"Critical Infrastructure Protection: Physical and Cyber Security Both Matter\",\"datePublished\":\"2021-05-13T15:57:26+00:00\",\"dateModified\":\"2021-06-18T18:51:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\"},\"wordCount\":717,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg\",\"keywords\":[\"Palo Alto Networks\",\"ransomware\",\"zero trust security\"],\"articleSection\":[\"Networks\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\",\"name\":\"Critical Infrastructure Protection: Physical & Cyber Security Both Matter\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg\",\"datePublished\":\"2021-05-13T15:57:26+00:00\",\"dateModified\":\"2021-06-18T18:51:11+00:00\",\"description\":\"Palo Alto Networks Security Architect Lionel Jacobs breaks down critical infrastructure security in the wake of the Colonial Pipeline attack.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg\",\"width\":1200,\"height\":800,\"caption\":\"colonial pipeline security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Critical Infrastructure Protection: Physical and Cyber Security Both Matter\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c28a242db9b73251bf2cca1b38e540b2\",\"name\":\"Lionel Jacobs\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Lionel-Jacobs-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Lionel-Jacobs-150x150.jpg\",\"caption\":\"Lionel Jacobs\"},\"description\":\"Lionel Jacobs is a Senior Security Architect in the Palo Alto Networks ICS and SCADA solutions team. Coming from the asset-owner side , Lionel has spent more than 20 years working in the IT\/OT environment, with a focus on ICS systems design, controls, and implementation. He was a pioneer in bridging the IT-OT security gap and implementing next-generation security into performance and safety critical process control areas. During his tenure, he successfully deployed a large scale ICS\/SCADA security architecture composed of over 100 next-generation firewalls, hundreds of advanced endpoint protection clients and SIEM, distributed over dozens of remote plants and a centralized core, all based on a \\\"Zero Trust\\\" philosophy. Lionel graduated from Houston Baptist University with a double degree in Physics and Mathematics and has held certifications as a MCSE, CCA, CCNP, CCIP, CCNA, CSSA, and GICSP.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/ljacobs\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Critical Infrastructure Protection: Physical & Cyber Security Both Matter","description":"Palo Alto Networks Security Architect Lionel Jacobs breaks down critical infrastructure security in the wake of the Colonial Pipeline attack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/","og_locale":"en_US","og_type":"article","og_title":"Critical Infrastructure Protection: Physical & Cyber Security Both Matter","og_description":"Palo Alto Networks Security Architect Lionel Jacobs breaks down critical infrastructure security in the wake of the Colonial Pipeline attack.","og_url":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/","og_site_name":"eSecurity Planet","article_published_time":"2021-05-13T15:57:26+00:00","article_modified_time":"2021-06-18T18:51:11+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg","type":"image\/jpeg"}],"author":"Lionel Jacobs","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Lionel Jacobs","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/"},"author":{"name":"Lionel Jacobs","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c28a242db9b73251bf2cca1b38e540b2"},"headline":"Critical Infrastructure Protection: Physical and Cyber Security Both Matter","datePublished":"2021-05-13T15:57:26+00:00","dateModified":"2021-06-18T18:51:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/"},"wordCount":717,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg","keywords":["Palo Alto Networks","ransomware","zero trust security"],"articleSection":["Networks"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/","url":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/","name":"Critical Infrastructure Protection: Physical & Cyber Security Both Matter","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg","datePublished":"2021-05-13T15:57:26+00:00","dateModified":"2021-06-18T18:51:11+00:00","description":"Palo Alto Networks Security Architect Lionel Jacobs breaks down critical infrastructure security in the wake of the Colonial Pipeline attack.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/colonial-pipeline-security-e1620921332105.jpg","width":1200,"height":800,"caption":"colonial pipeline security"},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Critical Infrastructure Protection: Physical and Cyber Security Both Matter"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c28a242db9b73251bf2cca1b38e540b2","name":"Lionel Jacobs","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Lionel-Jacobs-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Lionel-Jacobs-150x150.jpg","caption":"Lionel Jacobs"},"description":"Lionel Jacobs is a Senior Security Architect in the Palo Alto Networks ICS and SCADA solutions team. Coming from the asset-owner side , Lionel has spent more than 20 years working in the IT\/OT environment, with a focus on ICS systems design, controls, and implementation. He was a pioneer in bridging the IT-OT security gap and implementing next-generation security into performance and safety critical process control areas. During his tenure, he successfully deployed a large scale ICS\/SCADA security architecture composed of over 100 next-generation firewalls, hundreds of advanced endpoint protection clients and SIEM, distributed over dozens of remote plants and a centralized core, all based on a \"Zero Trust\" philosophy. Lionel graduated from Houston Baptist University with a double degree in Physics and Mathematics and has held certifications as a MCSE, CCA, CCNP, CCIP, CCNA, CSSA, and GICSP.","url":"https:\/\/www.esecurityplanet.com\/author\/ljacobs\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18612"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/254"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=18612"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18612\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/18613"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=18612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=18612"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=18612"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=18612"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=18612"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=18612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}