Frank Ignazzitto Ultra Electronics, 3eTI
1 Demystifying Government-Validated Solutions: A Standards Based Approach to Protecting Process Control Networks
Standards, Certification, Education & Training, Publishing, Conferences & Exhibits
Frank Ignazzitto, Ultra Electronics, 3eTI
2015 ISA Water / Wastewater and Automatic Controls Symposium, August 4-6, 2015, Orlando, Florida, USA
2 Presenter
Frank Ignazzitto, Vice President Sales & Marketing, Ultra Electronics, 3eTI
- 30+ years experience
- Power systems integration and deployment with US Army Corps of Engineers, Homeland Security, FAA, Department of Energy
- Drove new technology adoption with US Special Operations Command and the Intelligence Community
- Diverse technology experience includes human-machine interface devices, electro-optical nanotechnology and advanced fuel cell systems
- 14 years experience in the Oil & Gas sector
- US Army Air Defense
- BS Engineering, United States Military Academy, West Point
3 Session Agenda
- What are we talking about?
- ICS security challenges
- Standards: the defender's approach
- Vulnerabilities: the attacker's approach
- Who to trust?
- Case Study: Naval District Washington (NDW)
- Owning your risk
4 The Real Security Challenge
- Connecting everything has given us great value, but also a lot of new risks
- Risk is individual and unique, so mitigations and solutions are too
- Technology and attackers often outpace the assumptions made in the risk assessment
- Stop adopting a "protect against the last attack" approach; this just wastes resources
- If we accept that this is ICS not IT, don't just look at IT-centric solutions
- If the attack is new or paradigm shifting (e.g. Stuxnet, Target) it takes the industry a long time to even begin to address it
- But, you are not alone and risk management is possible. People have been doing it a long time!
- Cyber security is really risk management
5 REAL-LIFE DANGERS
- Staged cyber attack reveals vulnerability in power grid
- Russia's Sayano-Shushenskaya Hydroelectric disaster
6 Cyber Security Standards
Enabling a business risk-driven security regime
7 ISO Information security management code of practice
- Organizing ISO category for IT operational security process standards
- Comprehensive catalogue of security practices for IT system managers
- ISO 27001: Standard for establishing and maintaining information security management systems
ISO Domains
Conclusion
- Business management function focused
- Process, not result, driven
- Weak on implementation
8 IEC / ISA99
Industrial & enterprise network integration
- Security for industrial automation and control systems (IACS)
- Prevention of penetration, interference and inappropriate access
IEC Elements
- Terminology, concepts and models
- Master glossary of terms and abbreviations
- System security compliance metrics
- IACS security lifecycle and use-case
- Requirements for an IACS system
- Implementation guidance for an IACS system
- Patch management
- Installation and maintenance requirements
- Security technologies
- Zone and Conduit security levels
- System security requirements and security levels
- Product development requirements
- Technical security requirements for components
Conclusion
- Risk-based rather than process-driven
- Industrial-focused rather than IT-focused
- Dependent on right choice of zone/conduit architecture
9 Typical IEC zone and conduit deployment
ZONES: Group of assets based on functionality, location, responsible organization and the results of the high-level risk assessment. The grouping of these assets shall reflect common security requirements for each zone.
ZONES: Should define the maximum size of acceptable impacts.
Diagram labels: Industrial Process; Process Control Network; PLC; PLC; PLC; Infrastructure Automation; Facility Monitoring; Support Network; Engineering Terminal; Wireless HMI; External Networks; Mirrored Data Servers; Application Server; Data/Historian Server; Report/Alarm Server; SCADA Server; Enterprise Networks; Authentication Server; Remote Access
Conduits: Level 1-Level 2 Conduit; Level 2-Level 3 Conduit; Level 3-Level 4 Conduit
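The zone and conduit model on this slide can be checked against observed traffic. The following is an added example, not part of the original presentation: the asset names, the level assigned to each zone, the "operations" zone name and the services carried by each conduit are all assumptions made for illustration.

```python
"""Zone-and-conduit flow audit (constructed example; inventory and rules are assumptions)."""

# Asset -> zone. Zone names loosely follow the slide's network labels; the
# level numbers and the asset inventory are assumed, not taken from the slide.
ZONE_OF = {
    "plc-1": "process_control",      # Level 1
    "plc-2": "process_control",
    "hmi-1": "support",              # Level 2
    "eng-terminal": "support",
    "scada-server": "operations",    # Level 3 (hypothetical zone name)
    "historian": "operations",
    "auth-server": "enterprise",     # Level 4
    "remote-access": "enterprise",
}

# Conduit -> set of (source zone, destination zone, service) it may carry.
# Direction matters: a conduit is not a blanket two-way permit.
# The services listed are constructed sample policy.
CONDUITS = {
    "L1-L2": {("support", "process_control", "tcp/502")},
    "L2-L3": {
        ("operations", "support", "tcp/443"),
        ("support", "operations", "tcp/5432"),
    },
    "L3-L4": {("operations", "enterprise", "tcp/443")},
}


def conduit_between(zone_a, zone_b):
    """Return the name of the conduit joining two zones, or None."""
    for name, rules in CONDUITS.items():
        for src, dst, _service in rules:
            if {src, dst} == {zone_a, zone_b}:
                return name
    return None


def check_flow(src, dst, service):
    """Classify one observed flow against the zone/conduit policy."""
    src_zone, dst_zone = ZONE_OF.get(src), ZONE_OF.get(dst)
    if src_zone is None or dst_zone is None:
        # A device that is in no zone has no defined security requirements.
        return "deny: unknown asset"
    if src_zone == dst_zone:
        return "allow: intra-zone"
    conduit = conduit_between(src_zone, dst_zone)
    if conduit is None:
        # Zones are not adjacent, e.g. enterprise talking straight to a PLC.
        return "deny: no conduit"
    if (src_zone, dst_zone, service) in CONDUITS[conduit]:
        return f"allow: {conduit}"
    return f"deny: not permitted on {conduit}"


def audit(flows):
    """Return (flow, verdict) for every flow the policy denies."""
    violations = []
    for flow in flows:
        verdict = check_flow(*flow)
        if verdict.startswith("deny"):
            violations.append((flow, verdict))
    return violations


# Constructed sample of observed flows: (source, destination, service).
OBSERVED_FLOWS = [
    ("hmi-1", "plc-1", "tcp/502"),               # expected control traffic
    ("plc-1", "plc-2", "tcp/502"),               # same zone
    ("remote-access", "plc-1", "tcp/502"),       # skips two conduits
    ("plc-1", "hmi-1", "tcp/502"),               # right conduit, wrong direction
    ("scada-server", "hmi-1", "tcp/443"),        # permitted on L2-L3
    ("maintenance-laptop", "plc-2", "tcp/502"),  # device not in the inventory
    ("historian", "auth-server", "tcp/22"),      # service not on the conduit
]

if __name__ == "__main__":
    for flow, verdict in audit(OBSERVED_FLOWS):
        print(f"{flow[0]} -> {flow[1]} ({flow[2]}): {verdict}")
```
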
10 DIACAP
DoD information assurance certification process
What it is
- Certifies and accredits information systems through an enterprise process
- Process parallels the system lifecycle
- Achieve DoD IA through a defense-in-depth approach that integrates the capabilities of personnel, operations, and technology, and supports the evolution of network centric warfare
DoD Risk Management Framework
Conclusion
- Very thorough, backed up with STIGs
- IT focused
- Heavily dependent on quality of assessors and assessments
11 Military Independent Validations
FIPS & Common Criteria
Ensure design & development are done right
Cryptographic Module Validation Program
Performs a suite of conformance tests against a defined cryptographic module
o Physical security
o Ports & interfaces
o Key management (entropy, key generation, establishment, storage, zeroization)
o Self test
o Roles & services
o Electromagnetic interference/compatibility (EMI/EMC)
o Design Assurance
Levels
1 basic security implementation
2 includes tamper-evidence & CC approved OS
3 includes tamper detection/response, split-key operations, higher assurance OS
4 includes tamper reactivity, highest assurance
Common Criteria Evaluation & Validation
Ensures products satisfy a common set of security functional requirements & security assurance requirements against a defined Protection Profile
Functional requirements:
o Security audit (generation & storage)
o Cryptographic support (key generation, establishment, destruction, operation)
o Identification & authentication
o Security management & protection
o Access & trusted paths
Assurance requirements:
o Development
o Lifecycle
o Tests
o Vulnerability Assessment
12 Independent Validation
Assures security robustness
- Component Validation: Test components using standards such as FIPS and Common Criteria. Use national technical authorities (e.g. NSA) to conduct deep dive component vulnerability assessments
- System Validation: Take system through thorough risk and vulnerability assessment to ensure mitigations and configurations are implemented correctly
- Solution Validation: Thoroughly penetration-test a reference system by expert SCADA/ICS security red teams (e.g. DHS/INL)
- Installed Validation: Undertake on-site live red-team exercise to test cyber and physical security in operation
13 Vulnerabilities & Threats
What are the attackers thinking?
14 Who Launches Cyber Attacks
You don't need to be a hacker to hack
A World Full of Hackers
- Nation states
- Criminals
- Activists
- Employees
- Children!
A Mix of Motivations
- Money
- Political protest
- Environmental activism
- Industrial espionage
- Retaliation
- Job security
- Fun
The Unforgiving Impact
- An attacker doesn't even have to know what they are doing to cause a huge impact
15 Bringing the Internet to You
The latest cyber weapons
16 Everyone is a Potential Target
17 Approach & Mitigations
What is the answer?
18 Holistic Cyber Security
Attacks & mitigations
Diagram labels: Data manipulation; Voice eavesdropping; Physical manipulation; Backdoor; Intelligence gathering; Hardware Trojans; Man in the middle; Network eavesdropping; Spoofing
1. Insider attacks
2. Data exfiltration
3. Traffic rerouting
4. Worm
5. Trojan
6. Virus
7. Root-kits
8. Web hacking
9. Drive-by download
10. Key logger
11. Denial of service
12. Phishing
13. Hackers
14. Spear phishing
Diagram labels: Coordinated attack; Advanced persistent threat; Remote access tools; Unpatched infrastructure; Brute force cracking; Proxied attack; Vulnerability probing; Credential impersonation; Foreign agents
1. Federal Government
2. DoD/Military
3. Corporate/Financial
4. Telecomms
5. Healthcare
6. Utilities
7. Distribution
8. Building Automation
9. Industrial Facilities
10. Energy Management
19 Multi-dimensional Approach
Right tool for the right job
Firewalls
- Keeps unauthorized traffic out
- Intentional holes for authorized traffic
Encryption
- Maintains confidentiality & integrity of data
- Works just as well on malware as legitimate traffic
- Key management as important as algorithms
Anti-Virus
- Prevents known malware from running
- Doesn't handle new malware
- Doesn't run on embedded systems
VLANs
- Segregates traffic on networks
- Not originally designed as a security control
Port Authentication
- Limits network resource access
- Can be hijacked
Robust & Resilient
- End-point, network, & perimeter defense
- End-to-end security
- Multi-vendor approach
- Mitigate vulnerabilities not previous attacks
20 Holistic Risk-Management
Knowledge is security
Incomplete risk assessment will result in unaddressed risks and unacceptable impacts
The Risk Management Lifecycle (diagram stages: Policy; Operate & Monitor; Plan & Design; Review & Approve; Develop & Deploy)
- Risk management is not risk elimination
- Understand your risk appetite
- Selectively harden critical elements to reduce total risk
- Mitigate vulnerabilities not attack vectors
- Appropriate solutions for realistic threats
- Don't rely on COTS
- Security by Design
- Use only independent validations
- Leverage known approaches: DIACAP, NIST/FISMA, ISO, ISA99, CIP-005
21 Today's Cyber Threat Landscape
Traditional security is not enough
Diagram labels: Office Network; Historian; Workstation; Support Network; Engineering Terminal; Wider Enterprise Network; PC Anti-Virus; SCADA Server; HMI; Process Control Network; Remote Site 1; Remote Site 2; No USBs; Firewalls; Remote Site N; Maintenance Laptop
Where are the security gaps?
- Security focused on PCs
- Devices on the control network are not PCs
- Minimal physical security of the control network
- No cyber security within the control network
- No awareness if malware is already present and manipulating operations
22 Tomorrow's Cyber Threat Landscape
Endpoint protection for embedded devices & systems
Diagram labels: Office Network; Historian; Workstation; Support Network; Engineering Terminal; Wider Enterprise Network; PC Anti-Virus; SCADA Server; HMI; Process Control Network; Remote Site 1; Remote Site 2; No USBs; Firewalls; Remote Site N; Maintenance Laptop; SIEM Server
Future cyber defenses
- Individually identify each device
- Protect critical devices from network attacks
- Control who talks to critical devices
- Control what is being said
- Alert on anomalies or malicious behavior
- Build independent security into devices
23 US Navy, Naval District Washington
Creating a secure Enterprise Industrial Control System (EICS)
Objectives
- Compliance with DoD and Federal mandates
- Efficiency savings through automation
- Optimization of plant operations and processes
- Safe & reliable operations
- Share information between stakeholders
- Connect equipment over an IP network
- Utilize open & common protocols
Concerns
- Unauthorized external access to networks and systems
- Loss of command & control or data integrity
- Loss or degradation of system availability
- Malware infection manipulating operations
- Cyber-attack causing physical impact
- Reputation loss due to publicized vulnerabilities or attacks
- Intentional misuse of systems or control causing physical impacts
- Cyber security attacks impacting normal operations
24 Today's Military Challenges
Meeting mandates in the face of constrained budgets
- Shore Infrastructure Energy Management
- Reduce Shore Infrastructure Costs
- Facility and Critical Infrastructure Protection
- Reduce Energy Expenditures
- Network Connectivity to the last mile
- Situational Awareness During EMIO
- Secure Video Conferencing Communications
The need for hardened solutions for bases & platforms
- AMI: Real-time, advanced monitoring and collection of building-by-building energy usage
- EICS: Real-time monitoring and control of enterprise industrial systems
- SMART GRID: Integrated, adaptive, intelligent energy management on a building, base and region level
- VPMS: Virtual perimeter monitoring with remote video and sensors
- SECURE WLAN: Secure wireless access to base networks and networks on the move
- WRBS: Wireless Reach Back system for video, data, and voice connectivity with boarding teams
- VTC: Secure video conference switch systems for automated secure/non-secure communications
- Seamlessly integrate with existing networks
- Connect legacy environments to improve efficiency
- Cut costs and streamline operations
- Secure connectivity to a central monitoring facility for project analysis and management
- Comply with strict cyber Information Assurance (IA) and military certification and accreditation mandates
- Be robust, reliable and cost-effective
- Meet stringent environment requirements, as well as military standards for shock, vibration and electromagnetic interference
25 US Navy, Naval District Washington
EICS architecture
Diagram labels: Installation Operations Center; Management Consoles; Surveillance, SCADA/DDC, Advanced Metering; Wide Area Network; Video Server; EnergyGuard; Meter Server; Firewall & Encryption; EtherGuard; Remote Cameras; Perimeter/CIP Video Surveillance; SCADA; DDC; Industrial Control Systems; Facility/Base Operations; Remote Meters; Data Acquisition, Region ICS, and Region Video Servers; Advanced Metering; Management Consoles; EtherGuard; Enterprise Systems; Regional Operations Center
- Easier decision making from real-time monitoring of sensors
- Improved facility operations and control of vital utilities and infrastructure
- Full remote monitoring and control of HVAC, lighting, building access, water, waste water, steam, and power systems
- Enabled analysis of regional energy usage data for demand response
26 US Navy, Naval District Washington
EICS solution benefits
Requirement: Functionality
- Improve Operations: Use real-time dashboard for easy decision making; Controls vital utilities and infrastructure
- Cost Effective: Integrates systems into a local, regional, and national system
- DoD Secure: Provides a secure enclave for ICS management while ensuring no access to legacy systems; Guards against terrorism; Protects against vandalism and unlawful entry
- Central Monitoring: Remote monitoring and control of HVAC, water, waste water, steam, and power systems; Real-time sensor support system
- Critical Infrastructure Protection: VPMS System
- Data Analysis: Consolidated regional performance data and dashboard control; Real-time demand response
- Accredited Solution: Approval to Operate (ATO) certification; U.S. Navy Unified Capabilities Approved Products List for the DoD
27 Summary
- The cyber risks are real, but probably not what you imagine
- It's getting easier & cheaper all the time
- Computers don't look like computers anymore
- Don't inadvertently drive attackers to your unprotected side
- Perimeter protection is not enough
- The Internet will be brought to you, whether you like it or not!
- You can't cheat off the person next to you
- Risk is something you must own & understand
- Security done right
- Security is not about eliminating the threat, but frustrating the attacker
- Be aware of YOUR threats, vulnerabilities, & impacts
- Push security to the edge (device level)
- This is a business problem, not an IT or ICS problem
- Security is end-to-end
- Don't just specify security requirements; demand validated security
- Security is NOT standard compliance
- There is no "one size fits all" or "single bullet" solution
- Trust must be earned, but even then also verify
28 Questions
Frank Ignazzitto, Ultra Electronics, 3eTI
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationService. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution
Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationCyber Resilience Solution for Smart Buildings
Cyber Resilience Solution for Smart Buildings Integrated IT/OT Security Oren Aspir, Cyberbit, CTO 2017 by CYBERBIT 2017 by CYBERBIT Proprietary CYBERBIT Proprietary Buildings getting smarter IT systems
More informationProtecting productivity with Industrial Security Services
Protecting productivity with Industrial Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. usa.siemens.com/industrialsecurityservices
More informationChanging face of endpoint security
Changing face of endpoint security S A N T H O S H S R I N I V A S A N C I S S P, C I S M, C R I S C, C E H, C I S A, G S L C, C G E I T D I R E C T O R S H A R E D S E R V I C E S, H C L T E C H N O L
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationT22 - Industrial Control System Security
T22 - Industrial Control System Security PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 Holistic Approach A secure application depends on multiple layers of protection and industrial
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationFederal Mobility: A Year in Review
Federal Mobility: A Year in Review Link: https://www.dhs.gov/csd-mobile Link: https://www.dhs.gov/publication/csd-mobile-device-security-study Vincent Sritapan Cyber Security Division Science and Technology
More informationNo compromises for secure SCADA Communications even over 3rd Party Networks
No compromises for secure SCADA Communications even over 3rd Party Networks The Gamble of Using ISP Private Networks How to Stack the Odds in Your Favor Standards Certification Education & Training Publishing
More informationSecurity Issues and Best Practices for Water Facilities
Security Issues and Best Practices for Water Facilities Standards Certification Jeff Hayes Business Development Manager Beijer Electronics Education & Training Publishing Conferences & Exhibits 2013 ISA
More informationSneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security
Sneak Peak at CIS Critical Security Controls V 7 Release Date: March 2018 2017 Presented by Kelli Tarala Principal Consultant Enclave Security 2 Standards and Frameworks 3 Information Assurance Frameworks
More informationDisk Encryption Buyers Guide
Briefing Paper Disk Encryption Buyers Guide Why not all solutions are the same and how to choose the one that s right for you.com CommercialSector Introduction We have written this guide to help you understand
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationOA Cyber Security Plan FY 2018 (Abridged)
OA Cyber Security Plan FY 2018 (Abridged) 1 Table of Contents Vision... 3 Goals, Strategies, and Tactics... 5 Goal #1: Create a Culture that Fosters the Adoption of Cyber Security Best Practices... 5 1.1
More informationCyber Security What Do I Need to Do Now?
Cyber Security What Do I Need to Do Now? PA AWWA 2016 Annual Conference Thursday, May 12, 2016 2:45 3:15 PM Presented by Dick McDonnell Authored by Jeff M. Miller, PE, ENV SP WARNING! Schneider Electric
More informationIPM Secure Hardening Guidelines
IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for
More informationHow Advanced Persistent Threats Successfully Breach Large Organizations AND, What To Do About It
How Advanced Persistent Threats Successfully Breach Large Organizations AND, What To Do About It Robert West Chief Information Security Officer Department of Homeland Security Top 10 misconceptions about
More informationProtecting Control Systems from Cyber Attack: A Primer on How to Safeguard Your Utility May 15, 2012
Protecting Control Systems from Cyber Attack: A Primer on How to Safeguard Your Utility May 15, 2012 Paul Kalv Electric Director, Chief Smart Grid Systems Architect, City of Leesburg Doug Westlund CEO,
More informationWireless Ethernet: Technologies and Security for the Water Industries
Wireless Ethernet: Technologies and Security for the Water Industries John Lavoie, Mike Nager Phoenix Contact, Inc. 5 th ISA Water/Wastewater Automatic Controls Division Symposium (WWAC) 3-5, Orlando,
More informationTop 10 ICS Cybersecurity Problems Observed in Critical Infrastructure
SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationRansomware A case study of the impact, recovery and remediation events
Ransomware A case study of the impact, recovery and remediation events Palindrome Technologies 100 Village Court Suite 102 Hazlet, NJ 07730 www.palindrometech.com Peter Thermos President & CTO Tel: (732)
More informationZero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection
Zero Trust on the Endpoint Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection March 2015 Executive Summary The Forrester Zero Trust Model (Zero Trust) of information
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationDoDD DoDI
DoDD 8500.1 DoDI 8500.2 Tutorial Lecture for students pursuing NSTISSI 4011 INFOSEC Professional 1 Scope of DoDD 8500.1 Information Classes: Unclassified Sensitive information Classified All ISs to include:
More informationAdvanced Security Tester Course Outline
Advanced Security Tester Course Outline General Description This course provides test engineers with advanced skills in security test analysis, design, and execution. In a hands-on, interactive fashion,
More informationCYBER SECURITY AND MITIGATING RISKS
CYBER SECURITY AND MITIGATING RISKS 01 WHO Tom Stewart Associate Director Technology Consulting Chicago Technical Security Leader Protiviti Slides PRESENTATION AGENDA 3 START HACKING DEFINITION BRIEF HISTORY
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More information