Free Recorded Webinar: How to Mitigate Cybersecurity Risks in Industrial Control Systems


The Industrial Internet of Things (IIoT), Industry 4.0, is enabling more sophisticated capabilities through network-connected products and systems. As a result, industrial control systems are becoming more connectable. According to many recent reports and the U.S. government, not only is there a rise in the number of cyber attacks occurring – the sophistication of them has also advanced. So, it is imperative that industrial control systems are evaluated for cybersecurity to help ensure reliability, decrease downtime, prevent damage to assets, mitigate risk and improve security.

To assist manufacturers who develop these products and purchasers who acquire these products; UL has developed UL 2900-2-2 Standard, within the UL Cybersecurity Assurance Program, that provides a minimum set of requirements that manufacturers of network-connectable industrial control systems can pursue to establish a baseline of protection against vulnerabilities and software weaknesses, along with a minimum set of security risk controls.

UL 2900-2-2 Standard is intended, but not limited, to apply to the following components:

  • Programmable Logic Controllers (PLC)
  • PLC and DCS programming software/operator interfaces (HMI)
  • Control Server
  • Remote Terminal Unit (RTU)
  • Human-Machine Interface (HMI)
  • Input/Output (IO) Server
  • Networking Equipment for ICS Systems
  • Distributed Control Systems (DCS)
  • Historian or Data Loggers
  • The SCADA Server
  • Intelligent Electronic Devices (IED)
  • Data Historian
  • Fieldbus
  • Access Equipment for ICS Systems


Upon completion of this webinar participants will learn:

  • The history and current landscape of cybersecurity risk for industrial control systems
  • Fundamentals of evaluating industrial control systems with security in mind:
    • Assessing and addressing known vulnerabilities and malware
    • Identifying software weaknesses that are common causes of known security vulnerabilities
    • Common security controls around:
      • Access control and authentication
      • Cryptography
      • Remote communications
      • Software updates
      • Decommissioning of products
  • How to develop a robust methodology for identifying risks in a manufacturers’ software supply chain
  • Options available for cybersecurity testing and/or certification

Target Audience

  • Industrial Control System Manufacturers
  • OEMs
  • Machine Tool Builders
  • System Integrators
  • Retrofitters
  • Asset Owners
  • Vendors
  • Government
  • Utilities

About the Instructor

Jared Vogel is Senior Cybersecurity Analyst & Engineer with UL’s Commercial & Industrial Business Unit (C&I) with global responsibilities for cybersecurity, interoperability and standards compliance. He participates in developing and maintaining programs within UL’s C&I business unit to ensure security and interoperability of connected devices in the Internet of Things (IoT). As part of the cybersecurity strategy for UL, Jared is responsible for strategically identifying new technology opportunities for developing standards that align with UL’s mission to address public safety and trustworthiness in life, energy and industrial, IT and health sciences equipment. Jared has a Master’s of Science degree from Illinois State University in IT networking security & information assurance.


Click here for terms and conditions...


Time Requirement


Web-Based 60 minutes

UL and the UL logo are trademarks of UL LLC © 2019.