Cyber Risk in the offshore energy space
|
|
- Neil Reeves
- 5 years ago
- Views:
Transcription
1 Cyber Risk in the offshore energy space Class Society Approach 1 Lillehammer Energy Claims Conference SAFER, SMARTER, GREENER
2 Agenda DNV GL s approach to cyber risks Cyber Security Recommended Practices from DNV GL Cyber Security Type Approval for components The Cyber Security Class Rules 2
3 Maritime & Offshore trends Growing complexity creates new challenges Software & Automation Crew size Interconnectivity 3
4 Cyber risk issues are present and migrating to the operational technology world Information technology (IT) Operational technology (OT) 2,600 2,400 2,200 2,000 1,800 1,600 1,400 1,200 1, % Attacks on industrial control systems Source: AV-TEST Institute, Germany & IBM Managed Security Services ~2010 Stuxnet ~2017 Triton 4
5 NotPETYA: Maersk NotPetya was not targeted specifically for Maersk Arrived via an update to an accounting system in Ukraine (ME Doc) Spread like a worm from an infected machine Shows a ransom note demanding USD 300 Maersk's global network is infected and all of the company systems are down Maersk is forced to halt operations at 76 port terminals The complete infrastructure servers and PCs needed to be reinstalled (10 days) 5
6 DNV GL Activities in Cyber Risk DNV GL assessment for Norwegian Authorities* / Lysneutvalget, April 2015 *Ministry of Justice and Public Security Top 10: 1. Lack of awareness and training amongst employees 2. Remote work - operations / maintenance 3. Standard products with known vulnerabilities in production environment 4. Limited security culture amongst vendors, suppliers and contractors 5. In-sufficient separation of data networks 6. Mobile devices and storage units (inclusive smart phones) 7. Data networks between onshore and offshore facilities 8. In-sufficient physical security of data rooms, cabinets etc. 9. Vulnerable software 10. Outdated and ageing control systems in facilities 6 Maritime Cyber Security Seminar
7 DNVGL-RP-0496 Cyber Security resilience management for ships and mobile offshore units in operation 7
8 DNVGL-RP-G108 Cyber security in the oil and gas industry based on IEC Developed as a Joint Industry project (JIP) Participants: ABB, DNV GL, Emerson, Honeywell, Kongsberg Maritime, Lundin, PTIL, Shell, Siemens, Statoil and Woodside Started April 2016 Released the RP at Offshore Europe September
9 DNVGL-RP-G108 Cyber security in the oil and gas industry based on IEC Out of scope In scope Identification of SuC High-level risk assessment Detailed engineering Maintenance IEC (2-1 and 2-2) Scope of work and requirements Strategy and methodology Roles and responsibilities IEC Partitioning of zones and conduits Detailed risk assessment Cyber security requirement specification IEC (2-4 and 3-3) FAT Commisioning Handover to operation IEC (2-4 and 3-3) Monitoring Managing Change Incident response and recovery CONCEPT FEED PROJECT OPERATION 9
10 Type approval of control system components 10
11 Rules for classification Cyber Security Cyber secure(basic) Minimum security level Primarily intended for sailing vessels where security will be implemented in procedures and existing systems Cyber secure(advanced) Higher security level Primarily intended for new builds, where security will be integrated into the design of the vessel Cyber secure(+) Security level based on risk assessment Target system(s) can be freely selected to address different needs. Can combined with Basic and Advanced 11
12 Typical scope for a crude oil tanker Satellite communication Bridge / WH Cargo Control Vessel IT / office Engine Control 12
13 Example of security implementation by use of zones and conduits IPSec Tunnel Crew member By applying the rules; - Systems are securely segregated - Communication between the systems are managed and secured - Remote access to the vessel are managed and secured 13
14 Promoting Cyber Security awareness is easy through e-learning Module 1: How you can help protect yourself and your organisation (10min) Module 2: Common threats & traps (15min) Module 3: Best practices (15min) Module 4 : Advanced defence in depth course (20min) Available through our on board solution distributor 14
15 Penetration testing of OT systems OT penetration testing: - Deep system and domain knowledge necessary Vulnerability spot-checking of most critical IT/OT systems using white/grey box testing 15 - Tailored configurations and bespoke protocols - Often fragile and safety critical systems
16 A global quality assurance and risk management company 16
CYBER SECURITY AWARENESS IN THE MARITIME INDUSTRY
CYBER SECURITY AWARENESS IN THE MARITIME INDUSTRY A joint production by DNV GL and GARD 1 SAFER, SMARTER, GREENER STRUCTURE STATUS ON CYBER SECURITY IN MARITIME SHIPPING Risk scenarios (threats) Best practices
More informationCyber Risk A new challenge for Classification Societies
Cyber Risk A new challenge for Classification Societies Pier Carazzai 20 November 2017 Hong Kong Safety Moment 2 Cyber Risk Cyber Risks in the era of SMART vessels What are the main factors driving the
More informationCyber and information security applicable for the maritime sector
MARITIME Cyber and information security applicable for the maritime sector Svante Einarsson 1 SAFER, SMARTER, GREENER Introduction 2 The tip of the iceberg 2015: 64,199 reported IT Security incidents just
More informationK-SIM DYNAMIC POSITIONING - CERTIFICATION NEWS & UPDATES
MARITIME K-SIM DYNAMIC POSITIONING - CERTIFICATION NEWS & UPDATES DNV GL's DP Training Certification Scheme Capt, Aksel David Nordholm 27 September 2017 1 SAFER, SMARTER, GREENER Agenda 1. DNV GL purpose
More informationMaritime cyber security: Threats & Opportunities. Andy Davis, Research Director Yevgen Dyryavyy, Security Consultant
Maritime cyber security: Threats & Opportunities Andy Davis, Research Director Yevgen Dyryavyy, Security Consultant Agenda Cyber threats to the marine industry Attack surface overview (harbour / ships
More informationCyber Security in the Maritime Sector Threats, Trends and Reality
Cyber Security in the Maritime Sector Threats, Trends and Reality FUD *Fear, Uncertainty, Doubt 1st ever Maritime Cyber Security Incident was documented thoroughly in 1997 A computer hacker breaks into
More informationCYBER RISK AND SHIPS :PRACTICAL ISSUES FOLLOWING BIMCO GUIDELINE
CYBER RISK AND SHIPS :PRACTICAL ISSUES FOLLOWING BIMCO GUIDELINE Yohan Le Gonidec, head of Shipowner support department, TECNITAS (subsidiary BUREAU VERITAS) 1 AGENDA 2 Introduction 1- Cyber incidents
More informationMaritime cyber security
Maritime cyber security How the Greek market is driving the industry 1 SAFER, SMARTER, GREENER Your presenters Patrick Rossi Principal Cyber Security Service Manager, Maritime Certified Ethical Hacker
More informationCyber Security What we think and what we know?
Cyber Security What we think and what we know? Asbjørn Ueland Principal Engineer Petroleum Safety Authority The stories from the press The incident at Statoil Mongstad 2017 audit at all operators and ship
More informationSecuring the Grid and Your Critical Utility Functions. April 24, 2017
Securing the Grid and Your Critical Utility Functions April 24, 2017 1 Securing the Grid Effectively and Efficiently Recent threats to the Electric Grid and the importance of security Standards and Requirements
More informationISM code examples of cyber security audit findings Simple steps to get started
London International Shipping Week ISM code examples of cyber security audit findings Simple steps to get started September 15 2017 DNV GL MARITIME ADVISORY PATRICK ROSSI CYBER SECURITY SERVICE MANAGER
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationSiemens view and approach on critical infrastructure resilience against cyberthreats Joint OECD-JRC Workshop, Paris September 2018
Siemens view and approach on critical infrastructure resilience against cyberthreats Joint OECD-JRC Workshop, Paris 24-25 September 2018 Unrestricted https://www.siemens.com/press/charter-of-trust Cybersecurity
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationCyber risk management into the ISM Code
Building trust. Shaping Safety No. Subject: Cyber risk management into the ISM Code To: insb auditors/managing companies IMO Resolution incorporates maritime cyber risk management into the ISM Code making
More informationCybersecurity Vulnerabilities and Process Frameworks for Oil and Gas
Cybersecurity Vulnerabilities and Process Frameworks for Oil and Gas Presentation to WVONGA Jack L. Shaffer, Jr. Business Transformation Director vcio/ vciso 2017 Cybersecurity in the news Ransomware Wanacry,
More informationCybersecurity Risk and Options Considered by IMO
Cybersecurity Risk and Options Considered by IMO John Jorgensen October 18, 2017 INTERTANKO North American Panel, Houston, TX 2017 American Bureau of Shipping. All rights reserved Agenda for Today s Discussion
More informationAbout SpeedCast. John Thomson. Date. Communications IT Solutions Consulting. Copyright 2017 by Speedcast. All Rights Reserved.
About SpeedCast John Thomson Date SpeedCast Overview 2 SpeedCast is the world s most trusted provider of highly reliable, fully managed, end-to-end remote communication and IT solutions Industry leader:
More informationAddressing Cyber Threats in Power Generation and Distribution
Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems
More informationFuture Proofing your IT Infrastructure
Future Proofing your IT Infrastructure The Maritime CIO Forum Drs. Ing. René Pluis MBA MBI Senior Manager Global Energy Vertical Cisco Industry Marketing 3 June 2015, Thon Hotel Arena, Lillestrom, Norway
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationPROTECTING NATIONAL CRITICAL INFRASTRUCTURE AGAINST CYBER ATTACKS BEST PRACTICES RELATED TO TECHNOLOGY AND STANDARDS FROM EUROPE BANGKOK
PROTECTING NATIONAL CRITICAL INFRASTRUCTURE AGAINST CYBER ATTACKS BEST PRACTICES RELATED TO TECHNOLOGY AND STANDARDS FROM EUROPE BANGKOK 23.11.2015 DEFINITION OF CRITICAL INFRASTRUCTURE US EU The nation's
More informationCybersecurity for Department of Defense Microgrids: An Army Perspective
Cybersecurity for Department of Defense Microgrids: An Army Perspective Lori Ross O Neil with Cliff Glantz, David McKinnon, Fleur DePeralta, Mark Watson, Paul Boyd, Emily Barrett and Darlene Thorsen Pacific
More informationJust How Vulnerable is Your Safety System?
Theme 3: Cyber Security Just How Vulnerable is Your Safety System? Colin Easton MSc, CEng, FInstMC, MIET, ISA Senior Member TUV Rhienland FS Senior Expert PHRA & SIS 6 th July 2017 1 Safety System Security
More informationCyber Risk in the Marine Transportation System
Cyber Risk in the Marine Transportation System Cubic Global Defense MAR'01 1 Cubic.com/Global-Defense/National-Security 1 Cubic Global Defense Global Security Team Capabilities Program Management Integration
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Organisation for the Prohibition of Chemical Weapons September 13, 2011 Overall Landscape
More informationSMART Ship Program. Najmeh Masoudi Cyber safety and security manager. Palazzo S. Giorgio - Genova, 28/06/ Copyright Bureau Veritas
SMART Ship Program Palazzo S. Giorgio - Genova, 28/06/2017 Najmeh Masoudi Cyber safety and security manager Biography Najmeh Masoudi Cyber safety and security project manager Bureau Veritas Marine & Offshore
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationStandards enabling digitalisation in the maritime industry
Standards enabling digitalisation in the maritime industry E-Nav.no Sep 7 th Steinar Låg, DNV GL GTR Maritime Transport 1 SAFER, SMARTER, GREENER Outline 1. Standards - what, why? 2. Making use of sensor
More informationSecuring strategic advantage
Securing strategic advantage Protecting industrial control systems Cyber Supplier to UK Government Plan Design Enable In delivering our vision to be the best infrastructure company in the world, we pride
More informationABS CyberSafety. 27 July John Jorgensen Director, Cyber and Software American Bureau of Shipping
2016 American Bureau of Shipping. All rights reserved. ABS CyberSafety 27 July 2016 John Jorgensen Director, Cyber and Software American Bureau of Shipping JohnJorgensen@eagle.org SOCP Webinar Purpose
More informationACM Retreat - Today s Topics:
ACM Retreat - Today s Topics: Phase II Cyber Risk Management Services - What s next? Policy Development External Vulnerability Assessment Phishing Assessment Security Awareness Notification Third Party
More informationMaritime Cyber Security. Cyber Security and Shipping. October 19 th 2017 DNV GL MARITIME ADVISORY PATRICK ROSSI CYBER SECURITY SERVICE MANAGER
Maritime Cyber Security Cyber Security and Shipping October 19 th 2017 DNV GL MARITIME ADVISORY PATRICK ROSSI CYBER SECURITY SERVICE MANAGER 1 DNV GL 2016 2015 19 October 2017 Pirates 1.0 4.0 2 Being the
More informationIEC A cybersecurity standard approaching the Rail IoT
IEC 62443 A cybersecurity standard approaching the Rail IoT siemens.com/communications-for-transportation Today s Siemens company structure focusing on several businesses Siemens AG Power and Gas (PG)
More informationGUIDELINES ON MARITIME CYBER RISK MANAGEMENT
E 4 ALBERT EMBANKMENT LONDON SE1 7SR Telephone: +44 (0)20 7735 7611 Fax: +44 (0)20 7587 3210 GUIDELINES ON MARITIME CYBER RISK MANAGEMENT MSC-FAL.1/Circ.3 5 July 2017 1 The Facilitation Committee, at its
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationDefining cybersecurity.
PREPARING FOR TOMORROW S THREATS 28 September 2016 Andrew Facchini Presales & Product Manager +47 459 07 330 andrew@mnemonic.no Defining cybersecurity. WHO IS MNEMONIC? Founded in 2000 110+ security specialists
More informationProcedure for Network and Network-related devices
Lloyd s Register Type Approval System Type Approval Requirements for components within Cyber Enabled Systems on board Ships Procedure for Network and Network-related devices September 2017 1 Reference:
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationMaritime cyber risk management
Javier Yasnikouski Head Maritime Security Sub-Division for Maritime Security and Facilitation The International Maritime Organization IMO mission: Safe, secure and efficient shipping on clean oceans 2
More informationEstablishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security
Establishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security Michael John SmartSec 2016, Amsterdam www.encs.eu European Network for Cyber Security The European
More informationMark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services
Mark Littlejohn June 23, 2016 DON T GO IT ALONE Achieving Cyber Security using Managed Services Speaker: Mark Littlejohn 1 Mark is an industrial technology professional with over 30 years of experience
More informationRemote access in a secure manner? Sikkerhetssystemkonferansen 2006 Oslo
Remote access in a secure manner? Sikkerhetssystemkonferansen 2006 Oslo 2-11-2006 Tor Olav Grøtan, NTNU / SINTEF Teknologi og samfunn 1 PDS forum: The SeSa project context Financed by Norwegian Research
More informationAPEX in Security. AFI SECFAL Plan Steering Committee Montreal, 1 st December 2016
APEX in Security AFI SECFAL Plan Steering Committee Montreal, 1 st December 2016 Two different programmes with the common objective of improving security Airport Excellence (APEX) A peer review process
More informationAUTHORITY FOR ELECTRICITY REGULATION
SULTANATE OF OMAN AUTHORITY FOR ELECTRICITY REGULATION SCADA AND DCS CYBER SECURITY STANDARD FIRST EDITION AUGUST 2015 i Contents 1. Introduction... 1 2. Definitions... 1 3. Baseline Mandatory Requirements...
More informationISA99 - Industrial Automation and Controls Systems Security
ISA99 - Industrial Automation and Controls Systems Security Committee Summary and Activity Update Standards Certification Education & Training Publishing Conferences & Exhibits September 2016 Copyright
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationMachine-Based Penetration Testing
Always in Control CyBot Suite Machine-Based Penetration Testing www.cronus-cyber.com - April 2016 CyBot PRODUCT SUITE Unique, patented Machine-based Penetration Testing Software with Global Attack Path
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationFighting back against Maritime Cyber crime
Fighting back against Maritime Cyber crime A Global industry supported Maritime cyber incident reporting system Dr. Chris Henny Date 23-27 April 2018. Annual Conference San Sebastian, Spain Agenda 1. Reasons
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationShared Responsibility: Roles and Responsibilities in Emergency Management Geoff Hay
Shared Responsibility: Roles and Responsibilities in Emergency Management Geoff Hay Assistant Director General Office of State Security and Emergency Coordination Department of the Premier and Cabinet
More informationDefence services. Independent systems and technology advice that delivers real value. Systems and Engineering Technology
Defence services Independent systems and technology advice that delivers real value Systems and Engineering Technology Frazer-Nash Consultancy Working in the UK and internationally, Frazer-Nash is making
More informationCYBER SECURITY AIR TRANSPORT IT SUMMIT
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER
More informationData Center. Utilities and data centers: a win-win for energy efficiency. 1 August DNV GL August 2017 SAFER, SMARTER, GREENER
Data Center Utilities and data centers: a win-win for energy efficiency 1 August 2017 1 SAFER, SMARTER, GREENER John Greco John is a D.O.E. Certified Data Center Energy Practitioner, Certified Energy Manager,
More informationTitle of Presentation
Improve the productivity, efficiency and safety of your remote operations Title of Presentation Presenter MM/DD/YYYY COMPANY OVERVIEW Overview RigNet (NASDAQ: RNET) provides technology solutions around
More informationBusiness Continuity: How to Keep City Departments in Business after a Disaster
Business Continuity: How to Keep City Departments in Business after a Disaster Shannon Spence, PE Red Oak Consulting, an ARCADIS group Agenda Security, Resilience and All Hazards The Hazards Cycle and
More informationCyber Resilience Solution for Smart Buildings
Cyber Resilience Solution for Smart Buildings Integrated IT/OT Security Oren Aspir, Cyberbit, CTO 2017 by CYBERBIT 2017 by CYBERBIT Proprietary CYBERBIT Proprietary Buildings getting smarter IT systems
More informationCybersecurity. Sarabjit Purewal Principal Specialist Inspector BSc ACGI PGDip CEng MIET. Humber Chemical Focus Group 21 July 2016
Health and and Safety Executive Cybersecurity Sarabjit Purewal Principal Specialist Inspector BSc ACGI PGDip CEng MIET Humber Chemical Focus Group 21 July 2016 Crown July 2016 What we will cover Why cybersecurity
More informationMEETING ISO STANDARDS
WHITE PAPER MEETING ISO 27002 STANDARDS September 2018 SECURITY GUIDELINE COMPLIANCE Organizations have seen a rapid increase in malicious insider threats, sensitive data exfiltration, and other advanced
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Risk in the Marine Transportation System MAR'01 1 Objectives IDENTIFY motivations behind a cyber attack. IDENTIFY various types of
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationDevelopment of a new security architecture for signalling at DB Netz AG Intelligent Rail Summit 2017
Development of a new security architecture for signalling at DB Netz AG Intelligent Rail Summit 2017 DB Netz AG Christian Schlehuber I.NPS 5 Vienna 2017-11-29 Agenda 1. 2. 3. Introduction New Features
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationEnhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationPROTECTING MANUFACTURING and UTILITIES Industrial Control Systems
PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems Mati Epstein Global Sales Lead, Critical Infrastructure and ICS [Internal Use] for Check Point employees 1 Industrial Control Systems (ICS)/SCADA
More informationCyber Security in Smart Commercial Buildings 2017 to 2021
Smart Buildings Cyber Security in Smart Commercial Buildings 2017 to 2021 Published: Q2 2017 Cyber Security in Smart Buildings Synopsis 2017 This report will help all stakeholders and investors in the
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationST. VINCENT AND THE GRENADINES
ST. VINCENT AND THE GRENADINES MARITIME ADMINISTRATION CIRCULAR N ISM 014 MARITIME CYBER RISK MANAGEMENT MSC.1/CIRC.1526, MSC-FAL.1/CIRC.3, RESOLUTION MSC.428 (98) TO: APPLICABLE TO: SHIPOWNERS, SHIPS
More informationExpanding Cyber Security Management for Critical Infrastructure
Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands
More informationUsing ANSI/ISA-99 Standards to Improve Control System Security
Tofino Security White Paper Version 1.1 Published May 2012 Using ANSI/ISA-99 Standards to Improve Control System Security Contents 1. Executive Summary... 1 2. Why the Push for Productivity has degraded
More informationTWELVEDOT SECURITY DESIGN.BUILD.SECURE
TWELVEDOT SECURITY DESIGN.BUILD.SECURE 1 AGENDA About Us The Threat Landscape IoT Standards Using an ISMS Approach Testing and Evaluation Privacy Considerations 2 ABOUT US - YOW based company - Global
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationAn Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist
An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP
More informationItu regional workshop
Itu regional workshop "Key Aspects of Cybersecurity in the Context of Internet of Things (IoT) Natalia SPINU 18 September, 2017 Tashkent, Uzbekistan AGENDA 1. INTRODUCTI ON 2. Moldovan public policy on
More informationT-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE
www.thalesgroup.com/uk SECURE COMMUNICATIONS AND INFORMATION SYSTEMS T-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE An enterprise-level bespoke security service for the detection and response to cyber
More informationNuclear power aspects ITU/ENISA Regional Conference on Cybersecurity, Sofia
Nuclear power aspects ITU/ENISA Regional Conference on Cybersecurity, Sofia Guido Gluschke November 30, 2016 Technische Hochschule Brandenburg University of Applied Sciences 1 Introduction Guido Gluschke
More informationNetwork Storms and Other Communication System Failure Modes
Author s Name Name of the Paper Session DYNAMIC POSITIONING CONFERENCE October 11-12, 2016 Cybersecurity SESSION Network Storms and Other By Ahmed Hamody Independent Abstract DP class rules require that
More informationMaarten Oosterink for PPA 2010 Delft, Vendor Requirements. Process Control Domain - Security Requirements for Vendors
Maarten Oosterink for PPA 2010 Delft, 11-03-2010 Vendor Requirements Process Control Domain - Security Requirements for Vendors Contents Purpose, Scope and Audience Development process Contents of WIB
More informationCyber Diligence. EY Deals Forum Ian McCaw EY Transaction Advisory Services
Cyber Diligence EY Deals Forum 2018 Ian McCaw EY Transaction Advisory Services Finance & Commercial Diligence 2 B COMPANY: Power Life INDUSTRY: ENERGY REVENUE: 192m EBITDA: 875k (35% growth in 5 years)
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationCYBERSECURITY IMPLEMENTATION FOR THE MARINE AND OFFSHORE INDUSTRIES
GUIDE FOR CYBERSECURITY IMPLEMENTATION FOR THE MARINE AND OFFSHORE INDUSTRIES ABS CyberSafety TM VOLUME 2 SEPTEMBER 2016 NOTICE NO. 2 June 2018 The following Changes were approved by the ABS Rules Committee
More informationCyber Resilience - Protecting your Business 1
Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience
More informationHow a global industry player addresses the Cybersecurity challenges of Air Transport
How a global industry player addresses the Cybersecurity challenges of Air Transport ICAO Cyber Summit and Exhibition Making Sense of Cyber Dubai, United Arab Emirates 4 6 April 2017 thomas.hutin@thalesgroup.com
More informationWELCOME ISO/IEC 27001:2017 Information Briefing
WELCOME ISO/IEC 27001:2017 Information Briefing Denis Ryan C.I.S.S.P NSAI Lead Auditor Running Order 1. Market survey 2. Why ISO 27001 3. Requirements of ISO 27001 4. Annex A 5. Registration process 6.
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationCyber Risk for Maritime
Cyber Risk for Maritime Enabling a step-change in risk management for the maritime industry kpmg.no kongsberg.com/kdi 0 Cyber Risk for Maritime The international shipping industry is responsible for the
More informationABB Process Automation, September 2014
ABB Process Automation, September 2014 ABB Process Automation Services Services that add life to your products, systems and processes September 26, 2014 Slide 1 1 ABB Process Automation Services A proven
More informationCyber security - why and how
Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Security and Port Facility MAR'01 1 Security Plans (PFSP) Lesson Topics Purpose of the PFSP Developing the PFSP Role of Facility Personnel
More informationICS Security Rapid Digital Risk Assessment
ICS Security Rapid Digital Risk Assessment Identifying, Measuring, Understanding Dieter Sarrazyn dieter.sarrazyn@toreon.com @dietersar SANS EUROPEAN ICS SECURITY SUMMIT Stephen Smith Stephen@ONRIX.eu Agenda
More informationEnhancing the cyber security &
Enhancing the cyber security & resilience of transport infrastructure in Europe European Union Agency for Network and Information Security Securing Europe s Information society 2 Positioning ENISA activities
More informationCyber Hygiene and Awareness on a Practical Level
Cyber Hygiene and Awareness on a Practical Level Presented by: Capt. Rohit Tandon from FML The Story of Data Breach We all know about the Cyber Risks Yet, we wait till an incident like this shakes us up,
More informationCyber Security of ETCS
1 Addressing the challenges Cyber Security of ETCS Simon Tonks 2 Background The UK rail network is currently being upgraded to use new signalling technology (ERTMS) The ROSCOs are delivering the First
More informationCOMPUTER SECURITY DESIGN METHODOLOGY FOR NUCLEAR FACILITY & PHYSICAL PROTECTION SYSTEMS
NUCLEAR REGULATORY AUTHORITY, GHANA COMPUTER SECURITY DESIGN METHODOLOGY FOR NUCLEAR FACILITY & PHYSICAL PROTECTION SYSTEMS Nelson K. Agbemava ICT and Computer Security Section Head Instrumentation & ICT
More informationSolving Safety and Security Concerns at Meetings and Events
Solving Safety and Security Concerns at Meetings and Events Chris Gernentz Safety and Security, Carlson Rezidor Hotel Group 22 years in Safety and Security Hospitality, manufacturing, petro chem, medical.
More information