By: Ayman AL-Issa, Chief Technologist & Senior Advisor Industrial Cyber Security (MENA), Booz Allen Hamilton
|
|
- Madison Evans
- 6 years ago
- Views:
Transcription
1 By: Ayman AL-Issa, Chief Technologist & Senior Advisor Industrial Cyber Security (MENA), Booz Allen Hamilton
2 A Glance about the Digital Oil Field The Evolving nature of Industrial Cyber Threats The Industrial Cyber Dilemmas Resolving the Human Conflict ISA99/IEC62443, the SILs and SALs The MAC and The MCSC Protecting critical infrastructures from the emerging cyber threats Industrial Cyber Security by Design Group Discussion and Scenarios (to be covered if attendees are interested to spend more time)
3 3 Digital Intelligent Smart Fields of the Future What does it all mean? It is all about How we Operate Oilfields in the future. Establishing a Collaborative work Environment, and Moving to Real-Time or near Real-Time way of working Connecting remote sites Having teams to work together
4 It is all about: Increasing Productivity More Oil Recovery Lower Operational Costs Reduced Risks to Health More Safe and more protection to the Environment
5 How to turn a brown oilfield into a Digital Oil Field? How to implement an Industrial Defense in Depth Cyber Security Model in a Brown Oil Field? How to Integrate Industrial Cyber Security Solution in both the green and brown oil fields? How to safely integrate industrial networks with business networks?
6 While there is Increase in successful Cyber Attacks. Are Smart Oil Fields equipped with Smart Cyber Security Controls?! Is the Smart Oil Field an Option or a Must? Important Questions that need Smart answers.
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 Most of the Companies or even Governmental Entities avoid to disclose Cyber Security Incidents. "In order to disrupt the Soviet gas supply, its hard currency earnings from the West, and the internal Russian economy, the pipeline software that was to run the pumps, turbines, and valves was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds," Reed wrote. "The result was the most monumental non-nuclear explosion and fire ever seen from space."
22 Cyber Security Threat Converted Beyond the Nature of: Virus Spread Computer or Data Damage Data Stealing To the Capability of: Increasing pressure in a pipeline Changing field device parameter settings Closing/Opening a motorized Valve Causing a Denial Service Attack within ICS Increasing/Decreasing Motor Speeds Viewing Fake HMI Readings
23 25 Loss of View Loss of Control Loss of Operation Loss of Production Loss of Lives Damage to Critical Infrastructure Damage to Environment
24 We are not a likely target. We are not interesting to attract Hackers. Our production system is proprietary one Our production systems are completely isolated. We don t think it will happen We built these systems for Seven 9s continuity We can t justify the expense and the manpower.
25 27 When you walk on mines, your first mistake is the last mistake You are or you are NOT in control of your control systems?
26
27
28 30 OLD DCS Systems Proprietary Systems. Installed in isolation from ordinary IT systems. Minimum Cyber Security Risk due to being Proprietary Systems installed in Isolated Area Different DCS systems in different locations were operated separately. New DCS Systems IT nature systems Based on Open Standards (Windows-based). Integrated with IT Systems at business networks to facilitate the extraction of real-time information to support: Better decision making and, Advanced reporting requirements Increase in Cyber Security Risk being based on Open Systems, and connected to business networks. More and More Integration: New-generation DCS systems are more integrated with each other through RTOC at main offices
29 32 The Legacy Control Systems The new IT nature-based Control Systems The ones isolated from business systems The ones connected to business systems
30 Automation Systems Manufactures & Cyber Security Players should work together Customers shall use their influence to promote Cyber Security IT, Control, Engineering, and Planning teams shall work together
31 IT Professional Role Automation Control System Engineering Role Who will do it in the field? Understanding the SPA role (Single Point of Accountability).
32 Can Industrial Cyber Security be Outsourced? Can We implement industrial cyber security without the automation vendor? The Role of Industrial cyber security consultancy
33 Integrate the Efforts between: Automation Best-in-class manufacturers, & Real Cyber Security Players Use Integrated Industrial Cyber Security Solution Integrate IT & Operation Teams to Work Together
34 37 One team work (Customer, Manufacture, Cyber Security Provider) Build your own Cyber Security Standard for Industrial Systems Security Make the Invisible Visible Security is Visibility, and Visibility is Security. Implement Security By Design
35 38 Know your ICS Components Build Cyber Security Infrastructure First, and then, Design Industrial Operations Systems with Cyber Security at the core.
36 Goals People Processes Technology Information Information Confidentiality, Intellectual Property Protection, Equipment Protection, Availability, Business Continuity, Process Safety, Workers Safety and Health, Environmental Protection and Compliance ICS Cyber Security Program Sponsor, Managers, Auditors, ICS and IT Cyber Security, Control System Engineers, Specialists, General Workforce. Regulations and Industry Standards, Best Practices, Quick Wins, Configuration Management, Incident Management, Auditing Compliance Reporting, Employee Training and Testing Network, - Firewalls, Intrusion Protection Devices Firewalls, Access, AV, WL System - System Hardening, Configuration Management, Incident Management, Audit and Test Technologies User Passwords, Rights and Privileges, Network and Device Configuration, Software versions and Patches, Advisories and Alerts, Activity Histories and Incidents
37
38
39 ISA/IEC (Formerly ISA99) ANSI/ISA NIST SP (Special Publication) NIST SP Guide to Industrial Controls Systems (ICS) Security NIST SP Guide for Applying the Risk Management Framework ANSI/ISA-95, or ISA-95 NERC Critical Infrastructure Protection (CIP)
40 Checklists, what if? Hazard and Operability Study (HAZOP) Failure Mode and Effects Analysis (FMEA) Layers of Protection Analysis (LOPA) Fault Tree Analysis (FTA)
41
42
43
44
45
46
47 Reference: ISA 99 Standard and Honeywell Documentation
48
49
50 Designing a Robust Information Security Model For Industrial Infrastructures Security through Integration and Visibility
51
52 Remote Site Headquarters AV AV AV WL WL WL Antivirus DC Antivirus DC Antivirus DC SU SU SU HIPS HIPS HIPS Enterprise Security NAC NAC NAC NAC NTBA NTBA NTBA NTBA DLPM PCN : Process Control Network PIN : Process Information Network CPIN : Central- Process Information Network EBN : Enterprise Business Network IPS: Intrusion Prevention System AV: Antivirus & Antispyware Technology NAC: Network Access Control WL: White Listing Technology NTBA: Network Threat Behavior Analysis DC: Device Control Technology DLPM: Data Loss Prevention Monitor SU: Security Updates Technology HIPS: Host Intrusion Prevention System (Monitor Only)
53 Ayman AL-Issa, Digital Oil Fields Cyber Security Advisor ADMA-OPCO, Abu Dhabi, UAE
54 Today s Status? The IACS DID Model Components The MAC and the MCSC Conclusion
55
56
57 What are the obstacles faced by the customer at the plant floor to protect new/existing (old) diverse types of IACS from the emerging cyber threats. Why an effective cyber-security DID model failed to be implemented so far in a Critical Infrastructure having multi/diverse/old/new Automation Systems, and the way forward?
58
59 We realized the need for Industrial Cyber Security The ship commander is not clearly identified yet. We don t know what we want to do! We don t know the approach. We still did not realize the need for overall solution integrator. We hardly completed make up risk assessments. Very little cyber security efforts done on ground.
60 The mission is not easy The stakeholders are not all onboard? Automation Vendors are moving slowly Automation Vendors can not provide their own Complete DID cyber security solution. Industrial cyber security vendors are doing better, however, many Cyber Security Vendors are still not onboard More chances for arising automation system conflict by implementing Cyber Security Solutions
61 More dependence on procedures, guidelines and policies Week Cyber Security Controls in General More chances for arising automation system conflict by implementing Cyber Security Solutions
62 Prior 1960 Control hardware comprised pneumatic or electronic analog devices 1960s Conventional Control Systems: minicomputers were used in the control of industrial processes Early 70s The DCS was introduced in 1975 (new era of the computer applications in process control) 1999 Schneider Automation (which acquired Modicon) released the "Open MODBUS/TCP Specification in March 1999
63 Planning Level Execution Level Supervisory Level Control Level DCS (Distributed Control System) PLC (Programmable Logic Controller) MES (Manufacturing Execution System) SCADA (Supervisory Control and Data Acquisition) ERP (Enterprise Resource Planning) ms seconds hours days weeks month years
64 ERP MES Supervision months days minutes Group Control seconds Complexity Individual Control Field Site 0.1s 0.01s Reaction Speed
65
66
67 Proposed Mitigation Step: Use of Automation Vendor s Repository Server. Use of Site Virtual Machines for each vendor. Use of Customer Owned Laptops for each vendor.
68 - What is wrong & what is the proposed solution?
69
70 - Please stop misleading our automation engineers?
71 - Standards - Are excellent references prepared by world top experts. - They should be used - Control Systems are Similar but implementations are different. - Threats are more to some nations than another. Proposed Mitigation Step: Build your own standard
72
73
74
75
76
77
78 1. VISION FIRST A. Asset Inventory B. Change Management C. Automated Backup Solutions D. DRP E. Performance Management System F. Network Health Check 2. End-Point Security
79 While customers are being offered divers numbers of cyber security Defense-In-Depth solutions by cyber security vendors to protect their critical infrastructures, the question that needs to have a GIGANTIC answer for is: HOW CAN SUCH A MODEL BE: - IMPLEMENTED, - SUPPORTED, & - OPERATED SUCCESSFULLY DURING THE PLANT LONG LIFETIME???
80 Recent DCS, ESD, F&G, etc. systems are having different nature compared to the old ones where the number of the COTS systems are much more than the ones utilized by obsolete systems, and hence maintain/operating them is different in nature as well. The move to the MAC approach came to facilitate proper OPERATION/MAINTENANCE/SUPPORT of the overall plant during its long-life time span, and it has proved its great benefits.
81 A Cyber-Security Defense-In-Depth Model within IACS in a Critical Infrastructure is easy to say but very difficult to: Implement Support during the plant long-life time Operate So, let s explore how adopting the approach of Main Cyber Security Contractor (MCSC) in a way similar to the approach of Main Automation Contractor (MAC) shall help to pave the way for: A successful implementation, and Long-term support/operation of an industrial cyber security Defense-In-Depth (DID) solution within the automation systems in critical infrastructures.
82 To demonstrate the value of adopting the approach of the Main Cyber Security Contractor, I ll use the following three scenarios:
83 Company X procures the end-point security solutions from different vendors (3 or more), and it procures the network security systems from different vendors as well. Common Result: Chances for conflicts in the new updates are high. MAC has to deal with many cyber security vendors, and he/she will suffer till he/she resolves the conflict. Plant operation will be affected negatively and security will turn into a disaster rather than a solution. The alternative option left to the customer could be to disable the security solutions or remove them as the plant operation is its top priority.
84 Company Y procures the end-point solution from limited number of vendors (two or less), the network security solution is procured from limited number of vendors, and a MCSC is set responsible for supporting the whole environment. MCSC has partnership with the cyber security providers. Common Result: The Chances for conflicts are there as a result of diversity in vendors; however as MCSC has agreements with the vendors, problems will take less time to resolve. Plant operation might be affected if the conflict is not resolved in a short time.
85
86 Company Z procures the automation system from a MAC who has a partnership with a MCSC. The MCSC can provide the overall DID solution. The MAC has partnership agreement with the MCSC to test all the updates in the MAC systems prior to releasing them. The MCSC Role is under the responsibility of the MAC Common Result: Better cyber security and smooth Long-time operation/support of the plant.
87 The adoption of a real DID model within the automation systems can only be successful if it can be operated and maintained for a long run. Partnership between Automation Vendors and Cyber Security vendors can ease the way of implementing Cyber Security within plants. Cyber Security Solution within a plant shall be Supported by the Automation vendor while operated and administered by the customer in the same way a plant is operated.
88
89
90
91
92
93
94
95
96
97
98 Technology Solution. OEM Professional Services OEM Certified Training Consultancy. Infrastructure Design for the Project and Solution.
99
100
101 106
102 107
103 108
104 109
105 Build The Security Operations Center (SOC), and the Network Operations Center (NOC) Network Segmentation Industrial Firewalls Next Generation Firewalls Next Generation Intrusion Prevention Systems Network Threat Behavior Analysis (NTBA)
106 Vulnerability Management Systems Data Loss Prevention Database Security Network Access Control SIEM Solution Performance Availability Monitoring Solution Consider Wireless Security Controls
107 Workstations, Engineering Workstations, Servers, Storage. Application Control and White-listing Configuration control system AntiVirus/AntiSpyware/Antimalware Host Intrusion Prevention System
108 Workstations, Engineering Workstations, Servers, Storage. Deep Defender Patch Management Solution Systems Hardening Systems Backup (Data and System Images)
109 The configuration, installation, and deployment of the technology solutions shall be carried out by OEM Professional Services from the OEM vendors.
110 An OEM Certified Training shall be provided for all Systems, Solutions, and applications part of the technology solutions mentioned in part 1.
111 Risk Assessment: Risk Assessments shall be conducted according to the best industrial practices risk assessments and standards as follows: First Risk Assessment is to be conducted to evaluate the risks at the industrial control systems included in the project on the SAT phase. Second round of Risk Assessment shall be conducted as part of the Site Acceptance Test, and it shall be carried out by consultants from a specialized industrial cyber security company. The risk assessment shall cover all systems and their configurations including digital security systems, network systems, industrial control systems, and any IP-based system. It shall also cover all systems configuration as well. All gaps identified shall be closed before going to the production. Regular Risk Assessments will be conducted and arranged by the Company every year to ensure that all IP-based systems and applications are rigid to cyber attacks. Vendors shall close all gaps identified by any future risk assessment.
112 Disaster Recovery (DR) Plan, Business Continuity (BC) Plan, and Incidence Response (IR) Plan: Vendor shall provide a full plan for their systems preparedness and backup to cases such as major system failures, blackouts, or virus outbreak. Vendor is required to clearly state and deliver their DR, BC Plans including their mitigation plans and Incidence Response Plans. They shall also provide the operational plan within "worst case scenario" type of crisis. Procedures, Policies, Guidelines, and Best Practices: Procedures, Policies, Guidelines, and Best Practices shall be provided by the vendor before going to production, and shall be included in the training plan to all employees working on any system within the vendor provided solution. The training shall include a mechanism that verifies that the employees clearly understand the procedures, policies, guidelines, and best practices.
113 The vendor shall provide an Infrastructure Design that matches all requirements mentioned in Part 1 (Technology Solution). The design shall reflect all required segregations, segmentations, industrial control systems, networking, and digital security components. The design shall be verified and accepted by Company Information Security Section.
114 Comply with the latest version of any Company, or it s shareholders standard related to the Digital/Cyber Security Standards All LAN/WAN Security equipment supplied by Contractor shall be compatible and compliant with existing Company LAN/WAN Security equipment and configuration and approved by IT Security Team. Contractor shall not procure LAN/WAN Security equipment until it is required to assure implementation of the latest state-of-art approved technology. This can only be achieved by delaying the procurement of LAN/WAN Security equipment to the latest phase of the project. The bill of material and purchase request should be approved by Company IT Security Section (ITSS) prior to tendering.
115 Security Controls shall be provided from a single vendor MCSC (Main Cyber Security Contractor) to ease the support and management of the systems, and to provide high security and visibility value by the integration of all products. The IT Security Team shall be present during all systems tests.
116 Must be of the latest models/proved technology in the market, and Must have a manufacture support road map (life continuity) of at least 5 years from the day of purchasing, and Must have a sales road map of at least two years. Must be High Available with redundancy, and shall not cause any kind of latency to the traffic that could affect the operation by any means. The vendor has to make use of technologies such as the Intel Processor Security Features to be capable to have a vision on attacks such as hidden attacks. These technologies shall be used by the systems provided by the vendor.
117
118 Senior Management Ownership One Team from Different Disciplines. Understanding Oil Field Operational System Requirements. Build Cyber Security Infrastructure First, and then, Design Industrial Operations Systems with Cyber Security at the core.
119 Integrate security efforts between Security companies and industrial companies Smart Grid Security Innovation Alliance Build your own Cyber Security Standard for Industrial Systems Security Remember: Industrial Systems are the most difficult systems to secure. Make the Invisible Visible Security is Visibility, and Visibility is Security.
120 An effective process control security in the Industrial Oil and Gas Plants can make the difference between a normal day at work and a disaster Cyber Security shall be at the core of Smart Technologies
121 Some of the information and images used in this presentation has been obtained from public domains, published sources, catalogs of manufacturers. It is used solely for the purpose of illustration and presentation only References: Securing SCADA Systems (Ronald L. Krutz), Industrial Network Security (Eric Napp), Thoughts from Eric Byers. ISA-99, IEC 62443
122 127
123 128
Securing Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationIndustrial Defender ASM. for Automation Systems Management
Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping
More informationIndustrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets
Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits
More informationSANS SCADA and Process Control Europe Rome 2011
SANS SCADA and Process Control Europe Rome 2011 Ian Buffey Director International Services Industrial Defender ibuffey@industrialdefender.com A Holistic Approach Planning, training and governance Cybersecurity
More informationAUTHORITY FOR ELECTRICITY REGULATION
SULTANATE OF OMAN AUTHORITY FOR ELECTRICITY REGULATION SCADA AND DCS CYBER SECURITY STANDARD FIRST EDITION AUGUST 2015 i Contents 1. Introduction... 1 2. Definitions... 1 3. Baseline Mandatory Requirements...
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationNW NATURAL CYBER SECURITY 2016.JUNE.16
NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING
More informationMark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services
Mark Littlejohn June 23, 2016 DON T GO IT ALONE Achieving Cyber Security using Managed Services Speaker: Mark Littlejohn 1 Mark is an industrial technology professional with over 30 years of experience
More informationCyber Security of Industrial Control Systems (ICSs)
Cyber Security of Industrial Control Systems (ICSs) February 23, 2016 Joe Weiss PE, CISM, CRISC, ISA Fellow Managing Partner Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Applied
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationTrends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk
Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Standards Certification Education & Training Publishing Conferences & Exhibits Steve Liebrecht W/WW Industry
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationCritical Infrastructure Protection for the Energy Industries. Building Identity Into the Network
Critical Infrastructure Protection for the Energy Industries Building Identity Into the Network Executive Summary Organizations in the oil, gas, and power industries are under increasing pressure to implement
More informationInternet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi
Internet of Things The Digital Oilfield: Security in SCADA and Process Control Mahyar Khosravi makhosra@cisco.com Critical infrastructures worldwide not ready to battle cyber attacks, claims new study.
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationFunctional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK
Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control
More informationAlternatives to Patching for more Secure and Reliable Control Systems
Alternatives to Patching for more Secure and Reliable Control Systems Eric Byres, P.Eng., ISA Fellow Chief Technology Officer Tofino Security, a Belden Brand The New World of Security For the past 30 years,
More informationAddressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting
Addressing Vulnerabilities By Integrating Your Incident Response Plans Brian Coates Enaxis Consulting Contents Enaxis Introduction Presenter Bio: Brian Coates Incident Response / Incident Management in
More informationNEXT GENERATION SECURITY OPERATIONS CENTER
DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting
More informationJust How Vulnerable is Your Safety System?
Theme 3: Cyber Security Just How Vulnerable is Your Safety System? Colin Easton MSc, CEng, FInstMC, MIET, ISA Senior Member TUV Rhienland FS Senior Expert PHRA & SIS 6 th July 2017 1 Safety System Security
More informationHealthcare Security Success Story
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Healthcare Security Success Story
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationEnsuring Your Plant is Secure Tim Johnson, Cyber Security Consultant
Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant 1 The Foxboro Evo TM Process Automation System Addressing the needs across your operation today and tomorrow. 2 Industrial Control Systems
More informationPractical SCADA Cyber Security Lifecycle Steps
Practical SCADA Cyber Security Lifecycle Steps Standards Certification Jim McGlone CMO, Kenexis Education & Training Publishing Conferences & Exhibits Bio Jim McGlone, CMO, Kenexis GICSP ISA Safety & Security
More informationCyber Security Solutions Mitigating risk and enhancing plant reliability
P OW E R G E N E R AT I O N Cyber Security Solutions Mitigating risk and enhancing plant reliability 2 CYBER SECURITY SOLUTIONS MITIGATING RISK AND ENHANCING PLANT RELIABILITY Providing a roadmap to achieve
More informationWelcome to the webinar! We will start within a few minutes
Welcome to the webinar! We will start within a few minutes Agenda Introduction Solarplaza Presentations Threat assessment - Tom Tansy SunSpec Alliance Cyber Security & Solar A consultant s view - John
More informationARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin
ARC VIEW FEBRUARY 1, 2018 Critical Industries Need Continuous ICS Security Monitoring By Sid Snitkin Keywords Anomaly and Breach Detection, Continuous ICS Security Monitoring, Nozomi Networks Summary Most
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationIndustrial Control System Cyber Security
Industrial Control System Cyber Security Disaster Recovery Information Exchange Bruce Tyson June 28, 2017 Lunch and Learn Introduction Bruce Tyson is a certified engineering technologist (CET Telecommunications
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationCanada Life Cyber Security Statement 2018
Canada Life Cyber Security Statement 2018 Governance Canada Life has implemented an Information Security framework which supports standards designed to establish a system of internal controls and accountability
More informationManagement Information Systems. B15. Managing Information Resources and IT Security
Management Information Systems Management Information Systems B15. Managing Information Resources and IT Security Code: 166137-01+02 Course: Management Information Systems Period: Spring 2013 Professor:
More informationQuickBooks Online Security White Paper July 2017
QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a
More informationCyber Security Requirements for Supply Chain. June 17, 2015
Cyber Security Requirements for Supply Chain June 17, 2015 Topics Cyber Threat Legislation and Regulation Nuts and Bolts of NEI 08-09 Nuclear Procurement EPRI Methodology for Procurement Something to think
More informationCyber security - why and how
Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC
More informationBest Practices in ICS Security for System Operators
Best Practices in ICS Security for System Operators Introduction Industrial automation and control systems have become increasingly connected to internal and external networks. This exposure has resulted
More informationAWS continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.
Security Practices Freshservice Security Practices Freshservice is online IT service desk software that allows IT teams of organizations to support their users through email, phone, website and mobile.
More informationIsaca EXAM - CISM. Certified Information Security Manager. Buy Full Product.
Isaca EXAM - CISM Certified Information Security Manager Buy Full Product http://www.examskey.com/cism.html Examskey Isaca CISM exam demo product is here for you to test the quality of the product. This
More informationRMS(one) Solutions PROGRESSIVE SECURITY FOR MISSION CRITICAL SOLUTIONS
RMS(one) Solutions PROGRESSIVE SECURITY FOR MISSION CRITICAL SOLUTIONS RMS REPORT PAGE 1 Confidentiality Notice Recipients of this documentation and materials contained herein are subject to the restrictions
More informationSOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE SECURE AIRBORNE CONNECTIVITY: OVERVIEW Gogo Business Aviation realizes the ever-pressing need to be vigilant in staying ahead of potential
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationCOMPASS FOR THE COMPLIANCE WORLD. Asia Pacific ICS Security Summit 3 December 2013
COMPASS FOR THE COMPLIANCE WORLD Asia Pacific ICS Security Summit 3 December 2013 THE JOURNEY Why are you going - Mission Where are you going - Goals How will you get there Reg. Stnd. Process How will
More informationCyber Security. June 2015
Cyber Security June 2015 Table of contents Section Pages Introduction and methodology 3 Key findings 4 Respondent profile 5-9 Cyber security practices 10-25 Resources for monitoring cyber security events
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationEXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.
EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT An Insight Cyber White Paper Copyright Insight Cyber 2018. All rights reserved. The Need for Expert Monitoring Digitization and external connectivity
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationCyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationEnterprise GRC Implementation
Enterprise GRC Implementation Our journey so far implementation observations and learning points Derek Walker Corporate Risk Manager National Grid 1 Introduction to National Grid One of the world s largest
More informationBUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW
BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW EXECUTIVE SUMMARY CenturyLink is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business
More informationSafdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September CYBER SECURITY PROGRAM: Policies to Controls
Safdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September 2017 CYBER SECURITY PROGRAM: Policies to Controls Can You Answer These Questions? 1 What s my company s exposure to the latest industrial
More informationBreaking the Blockchain: Real-World Use Cases, Opportunities and Challenges
SESSION ID: BAC-W12 Breaking the Blockchain: Real-World Use Cases, Opportunities and Challenges Dr. Michael Mylrea Senior Advisor for Cybersecurity & Blockchain Lead Pacific Northwest National Laboratory
More informationExam4Tests. Latest exam questions & answers help you to pass IT exam test easily
Exam4Tests http://www.exam4tests.com Latest exam questions & answers help you to pass IT exam test easily Exam : CISM Title : Certified Information Security Manager Vendor : ISACA Version : DEMO 1 / 10
More informationSecurity Standards for Electric Market Participants
Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system
More informationMEETING ISO STANDARDS
WHITE PAPER MEETING ISO 27002 STANDARDS September 2018 SECURITY GUIDELINE COMPLIANCE Organizations have seen a rapid increase in malicious insider threats, sensitive data exfiltration, and other advanced
More informationDepartment of Public Health O F S A N F R A N C I S C O
PAGE 1 of 7 Category: Information Technology Security and HIPAA DPH Unit of Origin: Department of Public Health Policy Owner: Phillip McDown, CISSP Phone: 255-3577 CISSPCISSP/C Distribution: DPH-wide Other:
More informationIT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I
Standards Sections Checklist Section Security Management Process 164.308(a)(1) Information Security Program Risk Analysis (R) Assigned Security Responsibility 164.308(a)(2) Information Security Program
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More informationCyber Security of Industrial Control Systems and Potential Impacts on Nuclear Power Plants
Cyber Security of Industrial Control Systems and Potential Impacts on Nuclear Power Plants IEEE NPEC April 18, 2006 Joe Weiss, PE, CISM KEMA, Inc. Joe.weiss@kema.com (408) 253-7934 2 Why are we here? Ostensibly:
More informationeguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments
eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments Today s PCI compliance landscape is one of continuing change and scrutiny. Given the number
More informationMay 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations
May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationISA Security Compliance Institute
ISA Security Compliance Institute ISASecure from an Asset Owner s perspective ISA Automation Week 2013 1 ISA Security Compliance Institute Presentation objectives Introduction to ISA/IEC 62443 Standards
More informationExpanding Cyber Security Management for Critical Infrastructure
Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands
More informationA company built on security
Security How we handle security at Flywheel Flywheel was founded in 2012 on a mission to create an exceptional platform to help creatives do their best work. As the leading WordPress hosting provider for
More informationCisco Secure Ops Solution
Brochure Cisco Secure Ops Solution Cisco Secure Ops Solution supports cyber-security risk management and compliance for industrial automation environments. It is a combination of on premise technology,
More informationVirtustream Cloud and Managed Services Solutions for US State & Local Governments and Education
Data Sheet Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Available through NASPO ValuePoint Cloud Services VIRTUSTREAM CLOUD AND MANAGED SERVICES SOLUTIONS
More informationMaarten Oosterink for PPA 2010 Delft, Vendor Requirements. Process Control Domain - Security Requirements for Vendors
Maarten Oosterink for PPA 2010 Delft, 11-03-2010 Vendor Requirements Process Control Domain - Security Requirements for Vendors Contents Purpose, Scope and Audience Development process Contents of WIB
More informationUsing ANSI/ISA-99 Standards to Improve Control System Security
Tofino Security White Paper Version 1.1 Published May 2012 Using ANSI/ISA-99 Standards to Improve Control System Security Contents 1. Executive Summary... 1 2. Why the Push for Productivity has degraded
More informationABB Process Automation, September 2014
ABB Process Automation, September 2014 ABB Process Automation Services Services that add life to your products, systems and processes September 26, 2014 Slide 1 1 ABB Process Automation Services A proven
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationManaging IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services
Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our
More informationALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation
ALTITUDE DOESN T MAKE YOU SAFE Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation CYBER SECURITY IS THE GREATEST THREAT TO EVERY COMPANY IN THE WORLD. IBM CEO GINNI ROMETTY SD
More informationICS Security Monitoring
ICS Security Monitoring INFRASTRUCTURE MINING & METALS NUCLEAR, SECURITY & ENVIRONMENTAL OIL, GAS & CHEMICALS Moses Schwartz Security Engineer Computer Incident Response Team Bechtel Corporation State
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationAddressing Cyber Threats in Power Generation and Distribution
Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems
More informationTHE TRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on
More informationManaging SCADA Security. NISTIR 7628 and the NIST/SGIP CSWG. Xanthus. May 25, Frances Cleveland
Managing SCADA Security NISTIR 7628 and the NIST/SGIP CSWG May 25, 2011 Frances Cleveland fcleve@xanthus-consulting.com Xanthus Consulting International Topics NISTIR 7628 NIST/SGIP CSWG and its Subgroups
More informationBusiness Continuity: How to Keep City Departments in Business after a Disaster
Business Continuity: How to Keep City Departments in Business after a Disaster Shannon Spence, PE Red Oak Consulting, an ARCADIS group Agenda Security, Resilience and All Hazards The Hazards Cycle and
More informationVendor Security Questionnaire
Business Associate Vendor Name Vendor URL Vendor Contact Address Vendor Contact Email Address Vendor Contact Phone Number What type of Service do You Provide Covenant Health? How is Protected Health Information
More informationProcess System Security. Process System Security
Roel C. Mulder Business Consultant Emerson Process Management Sophistication of hacker tools, May 2006, Slide 2 Risk Assessment A system risk assessment is required to determine security level Security
More informationChanging face of endpoint security
Changing face of endpoint security S A N T H O S H S R I N I V A S A N C I S S P, C I S M, C R I S C, C E H, C I S A, G S L C, C G E I T D I R E C T O R S H A R E D S E R V I C E S, H C L T E C H N O L
More informationInformation Infrastructure and Security. The value of smart manufacturing begins with a secure and reliable infrastructure
Information Infrastructure and Security The value of smart manufacturing begins with a secure and reliable infrastructure The Case for Connection To be competitive, you must be connected. That is why industrial
More informationDell helps you simplify IT
Dell helps you simplify IT Workshops the first step. Reduce desktop and data center complexity. Improve productivity. Innovate. Dell IT Consulting Services New Edition 2011 Introduction Are you spending
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationT22 - Industrial Control System Security
T22 - Industrial Control System Security PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 Holistic Approach A secure application depends on multiple layers of protection and industrial
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More information