Konstantin Rogalas CYBER SECURITY PROGRAM & SOLUTIONS
|
|
- Hubert Beasley
- 6 years ago
- Views:
Transcription
1 Konstantin Rogalas CYBER SECURITY PROGRAM & SOLUTIONS
2 Focus: Up to But Not Including Corporate and 3 rd Party Networks 1 Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance Connections Firewall IT Cyber Security Level 3.5 DMZ Domain Controller ESF PHD Server Experion Server EAS Terminal Server Patch Mgmt Server Anti Virus Server 3 RD Party App Subsystem Interface eserver PHD Shadow Server Level 3 Router ESC ESF ACE Experion Server EST ESVT Optional HSRP Router Safety Manager Terminal Server Domain Controller Industrial Cyber Security Level 2 Qualified Cisco Switches Level 1
3 Cyber Security follows the Business Risk 2 New cyber failure scenarios Decision engine (Business justification) IDENTIFY Risk estimation Risk to be controlled RESPONSE Technical controls and operational controls Immediate risk facing the plant MONITORING Key Risk Indicators, trends, threats TECHNICAL CONTROLS Design and implementation NON-TECHNICAL CONTROLS Operations, awareness and incident response ENVIRONMENTAL CONTROLS Physical security controls, HVAC, UPS,.. Execution engine (IT / OT implementation)
4 Agenda 3 Honeywell Industrial Cyber Security (H-ICS) Cyber Security Profile Cyber Security Solutions Security Operations Center Conclusions Open Discussion
5 About the Presenter 4 Konstantin Rogalas MSc, MBA Business Lead for Honeywell Industrial Cyber Security - Europe; in Discrete Automation & Process Control; in Telecommunications: Broadband-M2M/IoT; Konstantin.Rogalas@Honeywell.com 2013 Oil&Gas, Energy, Pharmaceuticals & Chemicals industry Certification study for ENISA in Industrial Cyber Security; ICS Council with policy makers, asset owners and service providers; Member of the European ICS Stakeholders Group.
6 Leading Cyber Security Specialist for ICS Certified Cyber Security Professionals Global team Cyber Security Standard driven IEC (ISA 99), ANSSI, BSI, CPNI Embedded or Stand-alone 400+ Security assessments for Industrial Control Systems Cyber Security Services Numerous Partners Cyber lab 500+ Remediation Projects Multi Vendor Cyber Security Products 350+ Managed Security Networks
7 Honeywell ICS 6 Edmonton Bracknell Aberdeen Amsterdam Global setup to serve global organizations as well as local asset owners Vancouver Montreal Offenbach Bucharest Houston Atlanta Dubai Kuala Lumpur Santiago Perth SSC + HICS HICS Office Private LSS SSC HICS Resource(s) Industries served: Oil & gas Gas distribution Power Refineries Chemical Water treatment Pulp & paper Maritime
8 7 Honeywell s Industrial Cyber Security Lab Flexible model of a complete process control network up to the corporate network Honeywell Cyber Security solutions development and test bed Demonstration lab for customers Cyber security related academic programs Hands-on training Simulate cyber attacks Demonstrate Honeywell cyber security solutions
9 8 Typical systems H-ICS have secured Distributed Control Systems - E.g. Chemical, Petrochemical, Refining, Offshore platforms Leak Detection Systems, Machine Monitoring Systems, Metering Systems, Compressor Control Systems Supervisory Control and Data Acquisition (SCADA) systems - E.g. Gas Distribution, Power utilities, Pipelines, oil fields Distributed Energy Systems - E.g. Wind turbines, hydropower Maritime systems - E.g. Harbor systems, shipping
10 Driven by standards and regulations 9 IEC (Formerly ISA 99) Industrial Automation Control Systems (IACS) Security Global standard for wide range of industry Honeywell ICS is active contributor to the development of the standard through ISA NERC CIP North American Power ANSSI, BSI, CPNI, MSB, INCIBE, etc. European guidelines, best practices and country-specific measures JRC & ENISA recommendations European Union NIST US technology standards (SP ) And others: ISO, API, OLF E.g. ISO 27000, API 1164, OLF 104 Local regulations
11 Honeywell ICS specialists background 10 Unique combination of long time experience in process control, networks and cyber security Gain knowledge, demonstrate knowledge and maintain knowledge - CISSP - CCNA - MCSE - VCP - CISM - CCNP - MCSA - CEH - CCIE - CRISC - CCSP Specialists with many backgrounds - Honeywell - Penetration testing Languages - Yokogawa - IT departments - Emerson - Telecom providers - Schneider - ABB
12 Agenda 11 Honeywell Industrial Cyber Security (H-ICS) Cyber Security Profile Cyber Security Solutions Security Operations Center Conclusions Open Discussion
13 12 Honeywell ICS CYBER SECURITY PROFILE
14 Security Profiling 13 Cyber security requires: - Standardization consistency in design, implementation, management and maintenance - Completeness effective remediation of all applicable vulnerabilities based on pertinent threats - Awareness monitor the system s security posture and respond to changes in security posture and threat environment - Coherence the collection of cyber security controls should all work together to protect the system - Readiness keep all system components and security controls up to date - Manageability measure and correct security performance deviations Security profile describes: - What security controls (technical and non-technical) need to be in place to meet the threat - How to organize this all in a way to be and stay effective in meeting the threat
15 Typical security level 14 IEC Skills Motivation Means Resources SL4 Nation-state ICS Specific High Sophisticated (Campaign) Extended (multidisciplinary teams) SL3 Hacktivist, Terrorist ICS specific Moderate Sophisticated (Attack) Moderate (groups of hackers) SL2 Cyber crime, Hacker Generic Low Simple Low (Isolated individuals) SL1 Careless employee, contractor No attack skills Mistakes Nonintentional Employee, contractor
16 C2M2 Maturity Indicator Levels 15
17 Cyber Security Profile 16 SL4 SL3 SL2 SL SL1 SL2 SL3 SL Refining process facilities 1401 Fertilizers 1102 O&G LNG terminals 1403 Petrochemicals 1103 O&G processing 1404 Plastics and fibers 1104 O&G production - on-shore 1405 Specialty chemicals 1105 O&G production - off-shore 1406 Biofuels 1108 O&G Marine - LNG IAS 1501 Alumina 1110 Gas To Liquid 1502 Aluminium 1112 Production - Coal bed M 1503 Base materials 1114 Pipeline - Liquid 1504 Cement 1115 Pipeline - Gas 1505 Coal & coal gasification 1201 Pulp 1506 Iron 1203 Paper 1509 Precious metals 1204 CWS 1510 Steel making 1303 Utility power 1508 Other SL1 SL2 SL3 SL4 MIL0 MIL1 MIL2 MIL3 Cyber Security strength is determined by the security design effectiveness (Security Level) and security operations effectiveness (Maturity Level) IEC standard provides the Security Level, Cobit or C2M2 toolkit provides the Maturity Level The Security Profile defines for each facility how to protect and how to organize Honeywell ICS has a complete portfolio and services to address each aspect of the profile (technical, non-technical); typically with SL2/SL3+ assessments Defines the Security Profile
18 Security profile and objectives 17 Create overview Tighten control Measure performance Monitor and manage risk Create control Standardize Document Maintain
19 Security profile and countermeasures 18 Create Control Access filters (Identification, FW, ACL, traffic policies (H)IPS) Antivirus (Blacklisting) Use control (Authorization, media use) Standardize Create reference architecture, baseline Best practices, standards Document Policies and procedures Guidelines Roles and responsibilities Maintain Make back-ups Maintain Antivirus, security patches (Service Node, EPO, WSUS) Maintain vaccine, TI Tighten Control Access filters (Multi-factor authentication, NGFW (application filters, User ID filters), data diode) Check program code integrity (AWL) Correlate events (SIEM) Create overview Consolidate logs / events (SIEM) Consolidate threat intelligence (TIE) Measure performance Measure security readiness (Risk Manager, Service Node, EPO, WSUS) Maintain dashboard Monitor and manage risk Monitor changes in risk (Risk manager)
20 Sustainable security requires a Program 19 SP 16 Increase maturity level SP 15 SP 12 SP 11 Increase maturity level 4 SP 10 SP 7 SP Increase security level SP 5 SP 2 SP 1 1 Increase security level Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 If you run too fast or jump too high you might trip
21 Where would your Security Profile be? 20
22 Benefits of security profiling 21 Enter a defined path - When to invest into technical controls - When to invest into organizational improvements Assess your multi-year investment - Cyber security is not a one time action, it is an additional management task - Plan Capex and Opex for enhancing your security protection Offers sustainable security - Develop your organization while developing your technical capabilities - Prevent disappointments by jumping higher than today s abilities Benchmark your plants - Easy comparison between different plants - Easy comparison within the industry Planning is the first step
23 Agenda 22 Honeywell Industrial Cyber Security (H-ICS) Cyber Security Profile Cyber Security Solutions Security Operations Center Conclusions Open Discussion
24 23 Honeywell ICS H-ICS CYBER SECURITY SOLUTIONS
25 Our Solution Portfolio Backup and Recovery Incident Response Disaster Recovery Cyber Security Assessments Thread Risk Assessments Network & Wireless Assessments Audits and Design Reviews Secure Design and Optimization Zone & Conduit Separation 24 Risk Manager (in SOC) Continuous Monitoring Compliance & Reporting Industrial Security Information & Event Management (SIEM) Security Awareness Training Firewall, Next Gen FW Intrusion Prevention (IPS) Network Access Control Industrial Anti-Virus & Patching End Node Hardening Industrial Application Whitelisting Portable Media/Device/USB Security
26 The First Step to Security Is Understanding the Current Environment 25 Response & Recovery Situational Awareness Assessments & Audits TECHNOLOGY Architecture & Design Network Security Customer problems solved/needs addressed: Identifying and prioritizing the biggest risks Meeting industry/government regulations and guidelines Finding which systems and devices are the most exposed, and the most vulnerable Prioritizing cyber security efforts for the maximum return Endpoint Protection Honeywell Offerings: Risk Assessment Cyber Assessment (coincidental & intentional attacks using simple means) Risk/Thread Assessment (targeted attacks using sophisticated means) Validation Testing ICS White box / Tandem Audits, Compliance Assessments & Reports Wireless / Wired Network Assessment
27 CYBER SECURITY RISK 26 Tactics, Technologies, Practices (TTP) Exposure, Accessibility, Technology SECURITY RISK Software, Firmware, Protocol, Operation
28 Sources of vulnerability 27 An ICS has many sources of vulnerability: Infrastructure - Network - Computer platform - Computer operating system - Topology Application - Application components (e.g. database, middleware) - Authorization levels - Protocols used Embedded components - Field equipment (Transmitters, actuators) - Controllers, PLCs, safety controllers People - Plant personnel - Contractors Processes
29 Thoroughness Thoroughness The level of effort 28 RISK SL3 SL4 The strength of the attacker determines the tactics, technologies and practices (TTP) used. SIMPLE GENERIC EXPLOIT SL1 COMPLEX ICS SPECIFIC EXPLOIT SL2 SL2 VULNERABLE, BUT EITHER UNKNOWN, NOT EXPOSED, OR INSUFFICIENT CAPABILITIES TO EXPLOIT SL3 Completeness SL4 Strong attackers have a very clear plan and objective The risk increases depending on the strength of the attacker The need for thoroughness and completeness increases when the strength of the attacker increases The need for very specific skills increases when the strength of the attacker increases SL1 Completeness
30 Security levels and security capabilities 29 SL1 58 capabilities SL2 87 capabilities SL3 118 capabilities SL4 128 capabilities Out of the box installations, plus antivirus, back-up Requires additions such as domain, deep packet inspection, device control Requires additions such as multi-factor authentication, IPS, SIEM, security monitoring, white listing Requires additions such as multi-factor authentication for all systems, biometrics, dual control
31 30 Security levels and security capabilities SL3 118 capabilities Required capabilities vary based upon applied technology, exposure, accessibility, and attacker Risk analysis determines which likely tactics, technologies, and procedures (TTP) are used based upon attack scenarios and selects which actual capabilities are needed List of capabilities grows overtime because of new TTP of attackers, new technologies used Cyber Security is not a one time project, it is a lifetime service. Both changing environment, insufficient maintenance, and changes require periodic (re-)evaluation The Threat Landscape Continuously Changes
32 CYBER ASSESSMENT THREAD/RISK ASSESSMENT Thoroughness Different assessments SL2 and SL3+ 31 SL4 SCENARIO (TTP) DRIVEN APPROACH SL3 SL2 CHECKLIST DRIVEN APPROACH SL1 Completeness
33 Once You ve Found the Gaps, Fill them 32 Response & Recovery Assessments & Audits TECHNOLOGY Architecture & Design Customer problems solved/needs addressed: How to use network design to promote strong security Implementing Zones & Conduits (per IEC 62443) to minimize the impact of an incident Situational Awareness Network Security Endpoint Protection Honeywell Offerings: Network Design & Optimization Services Wireless Design & Optimization Services Cyber Security Design Services Zones & Conduits Documentation of current architecture and security
34 Most Threats Come from the Network 33 Response & Recovery Assessments & Audits Architecture & Design Customer problems solved/needs addressed: How to make it harder for the bad guys to get in What to do if/when they do get in TECHNOLOGY Situational Awareness Endpoint Protection Network Security Honeywell Offerings: Network Design Services Firewall/NGFW Installation & Configuration IPS Installation & Configuration Data Diode Network Access Control Perimeter Security Management
35 Soft Systems Are Easy Targets 34 Response & Recovery Situational Awareness Assessments & Audits TECHNOLOGY Architecture & Design Network Security Customer problems solved/needs addressed: Identify which PCs and Servers are vulnerable to threats Determining if the proper access controls are in place (missing critical patches, AV is out-of-date, etc.) Endpoint Protection Honeywell Offerings: Endpoint Hardening Anti-Virus Installation & Configuration Application Whitelisting, Installation & Configuration
36 35 Endpoint Hardening USB Port Disable Whitelisting Reduce inadvertent cyber intrusions via memory stick Enhanced DSA Security Secure Communications Restrict access to all apps unless authorized via approved list Authentication with flexible account using least privilege Encrypted and authenticated communications
37 Awareness Is Critical 36 Response & Recovery Situational Awareness Assessments & Audits TECHNOLOGY Endpoint Protection Architecture & Design Network Security Customer problems solved/needs addressed: Staying diligent with limited security staff & resources Understanding what s happening, what s at risk, and why Identifying the early-warning signs to prevent incidents Knowing what to do if/when an incident does occur Honeywell Offerings: Risk Manager (further discussed in SOC section) Security Information and Event Management (SIEM) Continuous Monitoring Compliance & Reporting Security Awareness Training
38 We Have a Problem 37 Response & Recovery Assessments & Audits Architecture & Design Customer problems solved/needs addressed: What do you do when an incident occurs? How do you recover? How do you regain safety and reliability? TECHNOLOGY Situational Awareness Network Security Endpoint Protection Honeywell Offerings: Backup & Restore Services (Security) Incident Response Services 24 x 7
39 Disaster recovery solutions 38 Business success depends on consolidating cost and equipment, reducing management time, and ensuring process control applications are always available when disaster strikes Backup control centers (BCCs) are used in the event the main control center (MCC) becomes inoperable, and operations must be switched to a backup location
40 Honeywell Security Service Center (HSSC) 39 Amsterdam Houston Amsterdam Bucharest Houston
41 Managed Industrial Cyber Security Services 40 Patch and Anti-Virus Automation Security and Performance Monitoring Activity and Trend Reporting Advanced Monitoring and Co- Management Secure Access Tested and qualified patches for operating systems & DCS software Tested and qualified antimalware signature file updates Comprehensive system health & cybersecurity monitoring 24x7 alerting against predefined thresholds Monthly or quarterly compliance & performance reports Identifying critical issues and chronic problem areas Honeywell Industrial Cyber Security Risk Manager Firewalls, Intrusion Prevention Systems, etc. Highly secure remote access solution Encrypted, two factor authentication Complete auditing: reporting & video playback Monitoring, Reporting and Honeywell Expert Support
42 EMEA Managed Security Service Center 41 Estonia Norway Finland SSC and support team Sweden Egypt Kuwait Saudi Arabia Abu Dhabi Oman North Sea Poland United Kingdom Cameroun Belgium Germany Slovakia France SSC Support team Zambia Zwitserland Austria Romania Namibia Italy South Africa Portugal Spain Sites 203 Protection Management 147 Tunisi Monitoring 112 SSC EMEA support Locations: Amsterdam The Netherlands Bucharest - Romania
43 Agenda 42 Honeywell Industrial Cyber Security (H-ICS) Cyber Security Profile Cyber Security Solutions Security Operations Center Conclusions Open Discussion
44 43 Honeywell ICS SECURITY OPERATIONS CENTER Managed Security Services & Risk Manager
45 Security Operations Center 44 Security challenges - Onslaught of security data from disparate systems, security controls, and applications - Numerous point solutions (AV, AWL, firewall, IPS, NAC, HIPS, etc) - Threats growing - Regulatory compliance coming - Shortage of specialist cyber security skills - Dynamic world The answer is Security Operations Center (SOC) - Provides consolidation of information - Provides continuous protection - Provides continuous detection - Provides response capabilities - Optimizes use of specialist cyber security skills Honeywell ICS connects both worlds
46 Typical ICS SOC 45 Security management, compliance management, network management (analysis, correlation, policy management, (remote) access management) Policy Threat Intelligence Risk indicators Performance indicators Logs Events Data acquisition layer Production management, operations management Vendor A ICS Vendor B ICS Honeywell understands cyber security in ICS
47 46 Honeywell ICS CYBER SECURITY RISK MANAGER
48 Honeywell Risk Manager 47 Translate complex cyber security indicators into simple measurements for ongoing situational awareness Quick, intuitive workflow from risk notification to detailed threat and vulnerability analysis Designed by people who know industrial control and cyber security No need to be a cyber security expert. Easy to use interface Vendor-neutral. Low impact technology Accurate measurement of risk
49 Honeywell Risk Manager 48 Risk Manager evaluates indicators of risk using patented algorithms to generate accurate risk scores in line with industrial risk management standards
50 Honeywell Risk Manager 49 Risk Appetite The amount and type of risk an organization is willing to accept in pursuit of its business objectives Risk Tolerance The specific maximum risk that an organization is willing to take regarding each relevant risk Trends reflect risk appetite and risk tolerance for that particular site
51 Agenda 50 Honeywell Industrial Cyber Security (H-ICS) Cyber Security Profile Cyber Security Solutions Security Operations Center Conclusions Open Discussion
52 Cyber Security Profile 51 SL SL SL SL MIL0 MIL1 MIL2 MIL3 Manageability requires a S.M.A.R.T. and holistic approach
53 Security solutions 52 SL SOC SL SL SL MIL0 MIL1 MIL2 MIL3 Manageability requires a S.M.A.R.T. and holistic approach
54 Technical controls 53 3 rd generation Firewall Next Generation Firewall Security Management Console Microsoft Workgroup Microsoft Active Directory Microsoft RADIUS Intrusion Prevention System Intel Security SIEM Cisco Access Point Cisco WLC Network Admittance Control Microsoft Windows Secure Access Portal RSA multifactor authentication Cisco Catalyst IOS Threat Intelligence Exchange (TIE) Antivirus black listing Endpoint protection white listing Endpoint protection device control Endpoint protection host IPS Honeywell Risk Manager Honeywell Experion Backup Recovery Honeywell Service Node AV update Honeywell Service Node Vaccine update Honeywell Service Node TI update Honeywell EPKS Secure Communications Honeywell EPKS Modbus firewall RO Modbus firewall RW OPC firewall DNP3 firewall Data Diode Bi-directional Data Diode Bluecoat USB protection Available capabilities for SL3+ security requirements
55 Industry-Leading Industrial Cyber Security 54 Industrial Cyber Security Experts Global team of certified Industrial Cyber Security experts 100% dedicated to Industrial Cyber Security Experts in process control cyber security Leaders in security standards ISA99 / IEC62443 / NIST Proven Experience 10+ years industrial cyber security 1,000+ successful industrial cyber projects 300+ managed industrial cyber security sites Proprietary cyber security methodologies and tools Investment and Innovation Largest R&D investment in industrial cyber security Partnerships with leading cyber security vendors Industry first Risk Manager First to obtain ISASecure security for ICS product State of art Industrial Cyber Security Solutions Lab Refining & Minerals, Petrochemical Oil & Gas Chemicals Power Generation Metals & Mining Pulp & Paper 54 Proven Industrial Cyber Security Solution Provider
56 This is what we do: 55 Open Discussion
57 56
Ciprian Covas INDUSTRIAL CYBER SECURITY PROGRAM & SOLUTIONS FOREN 2016, Costinesti
Ciprian Covas INDUSTRIAL CYBER SECURITY PROGRAM & SOLUTIONS 13.06.2016 FOREN 2016, Costinesti Agenda 1 Cyber Security - Today Cyber Security Security Profile Cyber Security - Solutions Honeywell Risk Manager
More informationMark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services
Mark Littlejohn June 23, 2016 DON T GO IT ALONE Achieving Cyber Security using Managed Services Speaker: Mark Littlejohn 1 Mark is an industrial technology professional with over 30 years of experience
More informationINDUSTRIAL CYBER SECURITY
Rudrajit Roy 20 October 2016 INDUSTRIAL CYBER SECURITY A Comprehensive Approach Agenda 1 Global Industrial Cyber Security Journey Industry Best Practices Honeywell Industrial Cyber Security Who we are,
More informationHONEYWELL INDUSTRIAL CYBER SECURITY
Ammar Alzaher 2017 HONEYWELL INDUSTRIAL CYBER SECURITY www.becybersecure.com Agenda Introductions Why Honeywell Solutions Overview Managed Services Cyber Security Lab Risk Manager Secure Media Exchange
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationABB Ability Cyber Security Services Protection against cyber threats takes ability
ABB Ability Cyber Security Services Protection against cyber threats takes ability In today s business environment, cyber security is critical for ensuring reliability of automation and control systems.
More informationSafdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September CYBER SECURITY PROGRAM: Policies to Controls
Safdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September 2017 CYBER SECURITY PROGRAM: Policies to Controls Can You Answer These Questions? 1 What s my company s exposure to the latest industrial
More informationIndustrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets
Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits
More informationMark Littlejohn June Improving ICS Cyber Security Consistency Using Managed Security Services
Mark Littlejohn June 2018 Improving ICS Cyber Security Consistency Using Managed Security Services 1 Common Cyber Concerns: Typical Attack Vectors* Brought in by employees, contractors, security guards,
More informationFunctional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK
Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationCyber Security Solutions Mitigating risk and enhancing plant reliability
P OW E R G E N E R AT I O N Cyber Security Solutions Mitigating risk and enhancing plant reliability 2 CYBER SECURITY SOLUTIONS MITIGATING RISK AND ENHANCING PLANT RELIABILITY Providing a roadmap to achieve
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationCyber security - why and how
Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC
More informationIndustrial Defender ASM. for Automation Systems Management
Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping
More informationNW NATURAL CYBER SECURITY 2016.JUNE.16
NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING
More informationCYBERVANTAGE TM SECURITY CONSULTING SERVICES
Industrial Cyber Security CYBERVANTAGE TM SECURITY CONSULTING SERVICES Where Innovation Meets Implementation to Drive Industrial Cyber Security Excellence Innovation and Implementation: Industrial Cyber
More informationABB Process Automation, September 2014
ABB Process Automation, September 2014 ABB Process Automation Services Services that add life to your products, systems and processes September 26, 2014 Slide 1 1 ABB Process Automation Services A proven
More informationProtecting productivity with Industrial Security Services
Protecting productivity with Industrial Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. usa.siemens.com/industrialsecurityservices
More informationT22 - Industrial Control System Security
T22 - Industrial Control System Security PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 Holistic Approach A secure application depends on multiple layers of protection and industrial
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationChanging face of endpoint security
Changing face of endpoint security S A N T H O S H S R I N I V A S A N C I S S P, C I S M, C R I S C, C E H, C I S A, G S L C, C G E I T D I R E C T O R S H A R E D S E R V I C E S, H C L T E C H N O L
More informationTHE TRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on
More informationIEC A cybersecurity standard approaching the Rail IoT
IEC 62443 A cybersecurity standard approaching the Rail IoT siemens.com/communications-for-transportation Today s Siemens company structure focusing on several businesses Siemens AG Power and Gas (PG)
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationIndustrial Security Getting Started
Industrial Security Getting Started Unrestricted Siemens A/S siemens.com/industrial-security Agenda 09:00 - Getting started. The Framework 10:00 - Coffee break 10:15 - Patch Management, Asset and Network
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationBest Practices in ICS Security for System Operators
Best Practices in ICS Security for System Operators Introduction Industrial automation and control systems have become increasingly connected to internal and external networks. This exposure has resulted
More informationProtection Levels, Holistic Approach. ISA-99 WG 3 TG 3 Protection Levels
Protection Levels, Holistic Approach Security is about technology, processes and people Policies and procedures Functional security measures Competency A holistic security protection concept has to include
More informationSANS SCADA and Process Control Europe Rome 2011
SANS SCADA and Process Control Europe Rome 2011 Ian Buffey Director International Services Industrial Defender ibuffey@industrialdefender.com A Holistic Approach Planning, training and governance Cybersecurity
More informationService. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution
Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being
More informationCyber Criminal Methods & Prevention Techniques. By
Cyber Criminal Methods & Prevention Techniques By Larry.Boettger@Berbee.com Meeting Agenda Trends Attacker Motives and Methods Areas of Concern Typical Assessment Findings ISO-17799 & NIST Typical Remediation
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationSOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE SECURE AIRBORNE CONNECTIVITY: OVERVIEW Gogo Business Aviation realizes the ever-pressing need to be vigilant in staying ahead of potential
More informationIndustrial Security Co-Sourcing: Shifting from CapEx to OpEx Presented by Vinicius Strey Manufacturing in America 03/22-23/2017
Industrial Security Co-Sourcing: Shifting from CapEx to OpEx Presented by Vinicius Strey Manufacturing in America 03/22-23/2017 Unrestricted Siemens 2017 usa.siemens.com/mia Table of contents Industrial
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cybersecurity, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationRIPE RIPE-17. Table of Contents. The Langner Group. Washington Hamburg Munich
RIPE RIPE-17 Table of Contents The Langner Group Washington Hamburg Munich RIPE Operations Technology Management Plan (MP-17) 0.1 Purpose... 4 0.2 Process Overview... 4 0.3 Implementation Scope... 5 0.4
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cyber security, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationIndustrial Cyber Security. INDUSTRIAL CYBER SECURITY Safely embrace the digital age with advanced solutions and services to reduce cyber risk.
Industrial Cyber Security INDUSTRIAL CYBER SECURITY Safely embrace the digital age with advanced solutions and services to reduce cyber risk. THE RISKS TO INDUSTRIAL OPERATIONS HAVE CHANGED HAVE YOU? DIFFERENT
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationSecurity Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response
Security Operations Flexible and Scalable Solutions to Improve Your Security Capabilities Security threats continue to rise each year and are increasing in sophistication and malicious intent. Unfortunately,
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationManaged Endpoint Defense
DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts
More informationSymantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More informationLindström Tomas Cyber security from ABB System 800xA PA-SE-XA
Lindström Tomas 2013-09-02 Cyber security from ABB System 800xA PA-SE-XA-015963 Cyber Security solutions from ABB Agenda Cyber Security in ABB: general view, activities, organization How we work with Cyber
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationSimplify Your Network Security with All-In-One Unified Threat Management
Singtel Business Product Factsheet Brochure Managed Defense Unified Services Management Simplify Your Network Security with All-In-One Unified Management Singtel Managed Unified Management (UTM) Services,
More informationCybersecurity Training
Standards Certification Education & Training Publishing Conferences & Exhibits Cybersecurity Training Safeguarding industrial automation and control systems www.isa.org/cybetrn Expert-led training with
More informationGEN-14 Cyber Security Solutions for Less Regulated Industries
Slide 1 GEN-14 Cyber Security Solutions for Less Regulated Industries Douglas Clifton Tim Johnson Michael Martinez http://invensyscybersecurity.blogspot.com/ http://twitter.com/cybercompliant #SoftwareRevolution
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationSecuring Plant Operation The Important Steps
Stevens Point, WI Securing Plant Operation The Important Steps September 24, 2012 Slide 1 Purpose of this Presentation During this presentation, we will introduce the subject of securing your control system
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationEXABEAM HELPS PROTECT INFORMATION SYSTEMS
WHITE PAPER EXABEAM HELPS PROTECT INFORMATION SYSTEMS Meeting the Latest NIST SP 800-53 Revision 4 Guidelines SECURITY GUIDELINE COMPLIANCE There has been a rapid increase in malicious insider threats,
More informationISE North America Leadership Summit and Awards
ISE North America Leadership Summit and Awards November 6-7, 2013 Presentation Title: Presenter: Presenter Title: Company Name: Embracing Cyber Security for Top-to-Bottom Results Larry Wilson Chief Information
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationAn Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist
An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP
More informationPROTECTING MANUFACTURING and UTILITIES Industrial Control Systems
PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems Mati Epstein Global Sales Lead, Critical Infrastructure and ICS [Internal Use] for Check Point employees 1 Industrial Control Systems (ICS)/SCADA
More informationEnsuring Your Plant is Secure Tim Johnson, Cyber Security Consultant
Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant 1 The Foxboro Evo TM Process Automation System Addressing the needs across your operation today and tomorrow. 2 Industrial Control Systems
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions
More informationCyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationICS Security Monitoring
ICS Security Monitoring INFRASTRUCTURE MINING & METALS NUCLEAR, SECURITY & ENVIRONMENTAL OIL, GAS & CHEMICALS Moses Schwartz Security Engineer Computer Incident Response Team Bechtel Corporation State
More informationCYBERVANTAGE MANAGED SECURITY SERVICES
Industrial Cyber Security CYBERVANTAGE MANAGED SECURITY SERVICES 24/7 Expertise to Reduce Operational Downtime and Lower Cyber Risk Honeywell provided the cyber security knowledge base required to protect
More informationMaturity assessment on Cybersecurity for critical infrastructures
Maturity assessment on Cybersecurity for critical infrastructures 28TH SEPTEMBER 2015, AMSTERDAM DR THIEYACINE FALL www.thalesgroup.com Cyber-Security Today (Maturity assessment) Anticipate threats Perform
More informationIngram Micro Cyber Security Portfolio
Ingram Micro Cyber Security Portfolio Ingram Micro Inc. 1 Ingram Micro Cyber Security Portfolio Services Trainings Vendors Technical Assessment General Training Consultancy Service Certification Training
More informationdeep (i) the most advanced solution for managed security services
deep (i) the most advanced solution for managed security services TM deep (i) suite provides unparalleled threat intelligence and incident response through cutting edge Managed Security Services Cybersecurity
More informationInternet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi
Internet of Things The Digital Oilfield: Security in SCADA and Process Control Mahyar Khosravi makhosra@cisco.com Critical infrastructures worldwide not ready to battle cyber attacks, claims new study.
More informationFrom Managed Security Services to the next evolution of CyberSoc Services
From Managed Security Services to the next evolution of CyberSoc Services Gianluca Busco Arré Country Manager pandasecurity.com MSSP / MDR Where the Industry is going leaders and laggers MSSP industry
More informationCyberArk Solutions for Secured Remote Interactive Access. Addressing NERC Remote Access Guidance Industry Advisory
CyberArk Solutions for Secured Remote Interactive Access Addressing NERC Remote Access Guidance Industry Advisory Table of Contents The Challenges of Securing Remote Access 3 Using CyberArk s Privileged
More informationCyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations. Arkansas Joint Committee on Energy March 16, 2016
Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations Arkansas Joint Committee on Energy March 16, 2016 CenterPoint Energy, Inc. (NYSE: CNP) Regulated Electric and Natural Gas Utility
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationVal-EdTM. Valiant Technologies Education & Training Services. Workshop for CISM aspirants. All Trademarks and Copyrights recognized.
Val-EdTM Valiant Technologies Education & Training Services Workshop for CISM aspirants All Trademarks and Copyrights recognized Page 1 of 8 Welcome to Valiant Technologies. We are a specialty consulting
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationCYBERSECURITY RISK LOWERING CHECKLIST
CYBERSECURITY RISK LOWERING CHECKLIST The risks from cybersecurity attacks, whether external or internal, continue to grow. Leaders must make thoughtful and informed decisions as to the level of risk they
More informationA Risk Management Platform
A Risk Management Platform Michael Lai CISSP, CISA, MBA, MSc, BEng(hons) Territory Manager & Senior Security Sales Engineer Shift to Risk-Based Security OLD MODEL: Prevention-Based Security Prevention
More informationTop 10 ICS Cybersecurity Problems Observed in Critical Infrastructure
SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical
More informationSOLUTION BRIEF Virtual CISO
SOLUTION BRIEF Virtual CISO programs that prepare you for tomorrow s threats today Organizations often find themselves in a vise between ever-evolving cyber threats and regulatory requirements that tighten
More informationSecuring Your Digital Transformation
Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,
More informationACHIEVING FIFTH GENERATION CYBER SECURITY
ACHIEVING FIFTH GENERATION CYBER SECURITY A Survey Research Report of IT and Security Professionals MARCH 2018 INTRODUCTION The pursuit of the highest level of cyber security is a top priority for IT and
More informationNIST Revision 2: Guide to Industrial Control Systems (ICS) Security
NIST 800-82 Revision 2: Guide to Industrial Control Systems (ICS) Security How CyberArk can help meet the unique security requirements of Industrial Control Systems Table of Contents Executive Summary
More informationGerhard Brndt, ABB AG, BU Power Generation Cyber Security and Compliance in Increasingly Distributed and Aging Power Generation Infrastructures
Gerhard Brndt, ABB AG, BU Power Generation Cyber Security and Compliance in Increasingly Distributed and Aging Power Generation Infrastructures ABB Group June 20, 2012 Slide 1 Situation of today The potential
More information