Securing Industrial Control Systems

Size: px
Start display at page:

Download "Securing Industrial Control Systems"

Transcription

1 L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting and challenging environment. There are real threats to cybersecurity by external threat actors as well as both unintentional and malicious security breaches caused by insiders. Management must act to protect mission-critical assets, customers and employees. However, management is torn under pressure to improve financial performance. This is driving companies to improve efficiencies through tighter integration of security and operations, both within the facility and supply chain partners, thus ending the days of isolated control networks. Companies can protect their control system and infrastructure assets while increasing operational effectiveness. Since isolation seems to be impossible in today s world, how do companies protect their control systems and critical assets while improving efficiencies? 1 id.lockheedmartin.com 2014 Lockheed Martin Industrial Defender, Inc.

2 Introduction Critical infrastructure industries such as electrical power, oil & gas, chemical, and transportation face a daunting and challenging environment. On the one hand, there are real threats to cybersecurity by external threat actors, as well as both unintentional and malicious security breaches caused by insiders. Management must act to protect mission-critical assets, customers and employees, but pressure to improve financial performance is driving companies to improve efficiencies through tighter integration of security and operations, both within the facility and supply chain partners. How do companies deal with these two seemingly conflicting needs? Is it possible to go back to the past when industrial control systems (ICS) were isolated, making them immune to cyber attacks? In May 2011, Sean McGurk, then National Cybersecurity and Communications Integration Center Director at the Department of Homeland Security, testified that during vulnerability assessments for critical infrastructure owners and operators, the agency has always discovered connections between the enterprise network and the operations network: In our experience in conducting hundreds of vulnerability assessments in the private sector, in no case have we ever found the operations network, the SCADA system or energy management system separated from the enterprise network. On average, we see 11 direct connections between those networks. In some extreme ases, we have identified up to 250 connections between the actual producing network and the enterprise network. 1 Since isolation seems to be impossible in today s world, how do companies protect their control systems and critical assets while improving efficiencies? The first step is to understand a facility s vulnerabilities. For example, a major industrial company learned there were over 500 entry points to the corporate LAN and two thirds of their process control networks were thereby connected to the outside world. As sobering as this is, cyber intruders may not be the greatest threat. Malicious insiders armed with specialized knowledge and privileged access is capable of doing great harm. Faced with both external and internal threats, what steps are necessary to protect critical industrial control systems and still allow them to serve real-time information to knowledge workers, and not be a burden on either the systems or the operators? The risks of making the wrong decision are high. Consider the ramifications of two trains heading toward each other on the same track due to software hacked by a disgruntled employee; the cost of a chemical plant spilling hazardous material because a worm disables part of a control system; the result of a widespread power outage due to a coordinated cyberattack on multiple power plants. 1 Testimony before the House of Representatives Oversight Committee Subcommittee on National Security, Homeland Defense, and Foreign Operations, May 25, 2011, 2 id.lockheedmartin.com 2014 Lockheed Martin Industrial Defender, Inc.

3 Protect Industrial Networks Industrial control systems utilize the same computers and communication technologies as the corporate network but also have unique equipment and operating constraints. It will take the compilation of control system expertise and cybersecurity knowledge to properly secure these systems. While many think IT should be responsible for cybersecurity needs and consult with colleagues accountable for the control systems to find vendors that understand both domains, a 2011 survey showed there was no one group that was specifically responsible for cybersecurity in control systems.. Lockheed Martin recommends the following best practices for cybersecurity within critical infrastructure companies: Maintain a database of all your assets that includes their configurations, software inventories, and patches to quickly identify vulnerabilities when they become known Monitor all events occurring within your control system, all the way down to the control system devices including HMIs, PLCs, RTUs, and IEDs. Choose a single industry or sector specific framework to build your security program around, including 2 : NIST Cybersecurity Framework: for all Critical Infrastructure sectors International Society of Automation ISA99: for all Control Systems NERC CIP: for North American Electric Utilities American Petroleum Institute 1164: For Oil & Gas sector Backup system configurations to ensure safe, timely recovery from a successful cyberattack Leverage technologies that have been certified and validated by your control system vendors Based on these practices, senior IT and management executives should consider the following blueprint when providing optimal security solutions: 1. Strengthen the defenses of existing systems by conducting a vulnerability assessment and adding intrusion detection and real-time security event monitoring software built for ICS environments 2. Implement zones and network segmentation to isolate the control network while supporting secure transfer of realtime information to corporate users and systems. To be effective, network architectures must be highly resistant to internal and external threats. 3. Deploy critical systems like SCADA or DCS on operating systems that are specifically designed to provide a high degree of protection and integrity. Steps one and two can be applied to existing industrial networks to bolster their defenses, while the third step is most appropriate for new systems or a major upgrade. To avoid introducing new vulnerabilities, all three approaches should be based on a platform that is, itself, extremely secure. To achieve such a high level of security, it s necessary to look at the capabilities of the computer operating system, and when using commercial-off-the-shelf software be sure to always follow the vendors system hardening guidelines. 2 Examples are provided for reference and do not represent an exhaustive list 3 id.lockheedmartin.com 2014 Lockheed Martin Industrial Defender, Inc.

4 Real-time Security Management The process and utilities industries routinely use real-time computer systems to monitor the health and safety of their operations. But the health and security of these computer networks remains invisible. What if we could watch for or monitor security incidents in the same way a SCADA system monitors flow rates and alerts an operator to a dangerous condition? Security management systems (see Figure 1.) are available for this purpose. They consist of a perimeter protection that is installed on existing computers, and automated data collection that fits within the low-bandwidth requirements of control systems. The protection appliance is a Unified Threat Management (UTM) device that provides firewall and other security capabilities such as antivirus filtering and intrusion prevention. 4 id.lockheedmartin.com 2014 Lockheed Martin Industrial Defender, Inc.

5 Automated data collection should report on asset health, changes in security log files and control application status. This information is sent to an appliance where it is stored in a real-time database. From there, alarm limits can be set, alerts generated, incident reports created and trends displayed. The security console also runs network intrusion detection software and has the ability to monitor network equipment like switches, routers and firewalls via the Simple Network Management Protocol (SNMP). An old truism states that a person can t control what isn t measured, and this applies to security as well. Security event management systems give organizations a better view of vulnerabilities by aggregating information generated by firewalls, intrusion detection systems, switches and other network devices. In the industrial environment, information from industrial assets and application programs needs to be added, ensuring the availability and performance of critical systems. Without monitoring events, companies are flying blind and have no idea what their vulnerabilities are or even if they are under attack until it s too late. In particular, control systems can benefit from this approach because some IT practices such as password lockout, frequent patch updates and periodic virus scanning don t translate well into the plant environment, since they compromise the safety and integrity of the operation. Installing event monitoring software at key facilities provides many benefits including: 1. A central view of industrial control systems, their applications and computers providing an overview of the current security status. 2. Perimeter protection of mission critical control systems. 3. Key information including software inventory, patch version, and operating system to reduce or mitigate future security risks. 4. Satisfying emerging government, insurance and industry requirements concerning cybersecurity. Conclusion Heightened cybersecurity concerns are causing companies, particularly those that operate critical infrastructure and process manufacturing facilities, to re-examine their networks from a cybersecurity perspective. For over a decade, companies have implemented Lockheed Martin s Industrial Defender Solutions in mission-critical applications keeping power plants running and transportation companies moving at peak efficiency, as well as ensuring that water, gas and electricity are delivered to our homes reliably. Now, with the introduction of the Industrial Defender ASM, Lockheed Martin is the first company to address control system security concerns while improving operational effectiveness and providing a significant return on investment. 5 Industrial Defender Solutions 16 Chestnut Street, Suite 300 Foxborough, MA, USA, Phone: id.lockheedmartin.com 2014 Lockheed Martin Industrial Defender, Inc.

Industrial Defender ASM. for Automation Systems Management

Industrial Defender ASM. for Automation Systems Management Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping

More information

ABB Ability Cyber Security Services Protection against cyber threats takes ability

ABB Ability Cyber Security Services Protection against cyber threats takes ability ABB Ability Cyber Security Services Protection against cyber threats takes ability In today s business environment, cyber security is critical for ensuring reliability of automation and control systems.

More information

Statement for the Record

Statement for the Record Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before

More information

Digital Wind Cyber Security from GE Renewable Energy

Digital Wind Cyber Security from GE Renewable Energy Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well

More information

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along 2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management Today s Speakers Olivia Munro Senior Marketing Specialist Eze Castle Integration Bob Shaw Director, Technical Architecture Eze Castle

More information

Addressing Cyber Threats in Power Generation and Distribution

Addressing Cyber Threats in Power Generation and Distribution Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems

More information

Critical Infrastructure Protection for the Energy Industries. Building Identity Into the Network

Critical Infrastructure Protection for the Energy Industries. Building Identity Into the Network Critical Infrastructure Protection for the Energy Industries Building Identity Into the Network Executive Summary Organizations in the oil, gas, and power industries are under increasing pressure to implement

More information

NW NATURAL CYBER SECURITY 2016.JUNE.16

NW NATURAL CYBER SECURITY 2016.JUNE.16 NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING

More information

Continuous protection to reduce risk and maintain production availability

Continuous protection to reduce risk and maintain production availability Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading

More information

Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure

Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical

More information

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power

More information

DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP

DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat

More information

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Enhancing the Cybersecurity of Federal Information and Assets through CSIP TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3

More information

Industrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets

Industrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits

More information

Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance

Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance HAKIM- Sales Engineer 1 Cybersecurity of valuable assets and processes in a wide range of industry verticals, such as: Oil & Gas

More information

Security Standards for Electric Market Participants

Security Standards for Electric Market Participants Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system

More information

Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS

Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants

More information

Why you should adopt the NIST Cybersecurity Framework

Why you should adopt the NIST Cybersecurity Framework Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive

More information

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding

More information

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective Mapping Your Requirements to the NIST Cybersecurity Framework Industry Perspective 1 Quest has the solutions and services to help your organization identify, protect, detect, respond and recover, better

More information

SANS SCADA and Process Control Europe Rome 2011

SANS SCADA and Process Control Europe Rome 2011 SANS SCADA and Process Control Europe Rome 2011 Ian Buffey Director International Services Industrial Defender ibuffey@industrialdefender.com A Holistic Approach Planning, training and governance Cybersecurity

More information

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies

More information

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by

More information

Cybersecurity Overview

Cybersecurity Overview Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where

More information

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services Mark Littlejohn June 23, 2016 DON T GO IT ALONE Achieving Cyber Security using Managed Services Speaker: Mark Littlejohn 1 Mark is an industrial technology professional with over 30 years of experience

More information

Industrial Security - Protecting productivity. Industrial Security in Pharmaanlagen

Industrial Security - Protecting productivity. Industrial Security in Pharmaanlagen - Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security

More information

THE TRIPWIRE NERC SOLUTION SUITE

THE TRIPWIRE NERC SOLUTION SUITE CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on

More information

Cyber Security of Industrial Control Systems (ICSs)

Cyber Security of Industrial Control Systems (ICSs) Cyber Security of Industrial Control Systems (ICSs) February 23, 2016 Joe Weiss PE, CISM, CRISC, ISA Fellow Managing Partner Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Applied

More information

Cybersecurity for the Electric Grid

Cybersecurity for the Electric Grid Cybersecurity for the Electric Grid Electric System Regulation, CIP and the Evolution of Transition to a Secure State A presentation for the National Association of Regulatory Utility Commissioners March

More information

Functional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK

Functional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control

More information

Cybersecurity Training

Cybersecurity Training Standards Certification Education & Training Publishing Conferences & Exhibits Cybersecurity Training Safeguarding industrial automation and control systems www.isa.org/cybetrn Expert-led training with

More information

In the wrong hands it s an open invitation

In the wrong hands it s an open invitation In the wrong hands it s an open invitation If someone takes over your control system infrastructure it could prove fatal Control systems are indispensable for a number of industrial processes and are lucrative

More information

Keys to a more secure data environment

Keys to a more secure data environment Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting

More information

ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT

ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber

More information

Cyber Security. June 2015

Cyber Security. June 2015 Cyber Security June 2015 Table of contents Section Pages Introduction and methodology 3 Key findings 4 Respondent profile 5-9 Cyber security practices 10-25 Resources for monitoring cyber security events

More information

Cyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.

Cyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc. Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility

More information

Using ANSI/ISA-99 Standards to Improve Control System Security

Using ANSI/ISA-99 Standards to Improve Control System Security Tofino Security White Paper Version 1.1 Published May 2012 Using ANSI/ISA-99 Standards to Improve Control System Security Contents 1. Executive Summary... 1 2. Why the Push for Productivity has degraded

More information

Understanding Holistic Effects of Cyber Events on Critical Infrastructure

Understanding Holistic Effects of Cyber Events on Critical Infrastructure Understanding Holistic Effects of Cyber Events on Critical Infrastructure Shane Cherry Infrastructure Analysis and Technology Development National and Homeland Security Directorate March 20, 2018 INL/CON-17-42513

More information

Defending Our Digital Density.

Defending Our Digital Density. New Jersey Cybersecurity & Communications Integration Cell Defending Our Digital Density. @NJCybersecurity www.cyber.nj.gov NJCCIC@cyber.nj.gov The New Jersey Cybersecurity & Communications Integration

More information

IC32E - Pre-Instructional Survey

IC32E - Pre-Instructional Survey Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into

More information

WHITE PAPER. Vericlave The Kemuri Water Company Hack

WHITE PAPER. Vericlave The Kemuri Water Company Hack WHITE PAPER Vericlave The Kemuri Water Company Hack INTRODUCTION This case study analyzes the findings of Verizon Security Solutions security assessment of the Kemuri Water Company security breach. The

More information

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the

More information

Carbon Black PCI Compliance Mapping Checklist

Carbon Black PCI Compliance Mapping Checklist Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and

More information

Protecting productivity with Industrial Security Services

Protecting productivity with Industrial Security Services Protecting productivity with Industrial Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. usa.siemens.com/industrialsecurityservices

More information

Heavy Vehicle Cyber Security Bulletin

Heavy Vehicle Cyber Security Bulletin Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin

More information

External Supplier Control Obligations. Cyber Security

External Supplier Control Obligations. Cyber Security External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place

More information

Cybersecurity Vulnerabilities and Process Frameworks for Oil and Gas

Cybersecurity Vulnerabilities and Process Frameworks for Oil and Gas Cybersecurity Vulnerabilities and Process Frameworks for Oil and Gas Presentation to WVONGA Jack L. Shaffer, Jr. Business Transformation Director vcio/ vciso 2017 Cybersecurity in the news Ransomware Wanacry,

More information

IT SECURITY FOR NONPROFITS

IT SECURITY FOR NONPROFITS IT SECURITY FOR NONPROFITS COMMUNITY IT INNOVATORS PLAYBOOK April 2016 Community IT Innovators 1101 14th Street NW, Suite 830 Washington, DC 20005 The challenge for a nonprofit organization is to develop

More information

ForeScout ControlFabric TM Architecture

ForeScout ControlFabric TM Architecture ForeScout ControlFabric TM Architecture IMPROVE MULTI-VENDOR SOLUTION EFFECTIVENESS, RESPONSE AND WORKFLOW AUTOMATION THROUGH COLLABORATION WITH INDUSTRY-LEADING TECHNOLOGY PARTNERS. The Challenge 50%

More information

Control Systems Cyber Security Awareness

Control Systems Cyber Security Awareness Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security

More information

Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant

Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant 1 The Foxboro Evo TM Process Automation System Addressing the needs across your operation today and tomorrow. 2 Industrial Control Systems

More information

Firewalls (IDS and IPS) MIS 5214 Week 6

Firewalls (IDS and IPS) MIS 5214 Week 6 Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part

More information

DHS Cybersecurity: Services for State and Local Officials. February 2017

DHS Cybersecurity: Services for State and Local Officials. February 2017 DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated

More information

2017 Annual Meeting of Members and Board of Directors Meeting

2017 Annual Meeting of Members and Board of Directors Meeting 2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,

More information

An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist

An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP

More information

BILLING CODE P DEPARTMENT OF ENERGY Federal Energy Regulatory Commission. [Docket No. RM ] Cyber Systems in Control Centers

BILLING CODE P DEPARTMENT OF ENERGY Federal Energy Regulatory Commission. [Docket No. RM ] Cyber Systems in Control Centers This document is scheduled to be published in the Federal Register on 07/28/2016 and available online at http://federalregister.gov/a/2016-17854, and on FDsys.gov BILLING CODE 6717-01-P DEPARTMENT OF ENERGY

More information

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company Written Statement of Timothy J. Scott Chief Security Officer The Dow Chemical Company Representing The Dow Chemical Company and the American Chemistry Council To the United States Senate Committee on Homeland

More information

Cyber security - why and how

Cyber security - why and how Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC

More information

SIEM: Five Requirements that Solve the Bigger Business Issues

SIEM: Five Requirements that Solve the Bigger Business Issues SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered

More information

NIST Cybersecurity Framework Protect / Maintenance and Protective Technology

NIST Cybersecurity Framework Protect / Maintenance and Protective Technology NIST Cybersecurity Framework Protect / Maintenance and Protective Technology Presenter Charles Ritchie CISSP, CISA, CISM, GSEC, GCED, GSNA, +6 Information Security Officer IT experience spanning two centuries

More information

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES To Secure Azure and Hybrid Cloud Environments Introduction Cloud is at the core of every successful digital transformation initiative. With cloud comes new

More information

Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management

Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Remarks of Marcus Sachs, Senior Vice President and the Chief Security Officer North American Electric Reliability

More information

The Office of Infrastructure Protection

The Office of Infrastructure Protection The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview ND Safety Council Annual Conference

More information

Cyber Resilience. Think18. Felicity March IBM Corporation

Cyber Resilience. Think18. Felicity March IBM Corporation Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack

More information

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats

More information

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements

More information

University of Pittsburgh Security Assessment Questionnaire (v1.7)

University of Pittsburgh Security Assessment Questionnaire (v1.7) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided

More information

SECURING THE SUPPLY CHAIN

SECURING THE SUPPLY CHAIN SECURING THE SUPPLY CHAIN BY Jerome Farquharson, CISSP, Donald Dustin Williams, PE, AND Courtney Buser The advance of smart grids, smart devices and increasingly interconnected systems provides exceptional

More information

Cybersecurity and Hospitals: A Board Perspective

Cybersecurity and Hospitals: A Board Perspective Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,

More information

Indegy. Industrial Cyber Security. Matt Petrauskas Regional Director.

Indegy. Industrial Cyber Security. Matt Petrauskas Regional Director. Indegy Industrial Cyber Security Matt Petrauskas Regional Director mpetrauskas@indegy.com Discussion Focus Unveiling Security Gaps in Industrial Control Networks About the Presenter Matt Petrauskas 33

More information

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017 DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.

More information

Industrial control system (ICS) security

Industrial control system (ICS) security Industrial control system (ICS) security Contents 1. Operations technology and ICS 2. Threat to ICS sector 3. Adapting standards 4. How PwC can help Operations technology and ICS Operations technology

More information

Industry Best Practices for Securing Critical Infrastructure

Industry Best Practices for Securing Critical Infrastructure Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary

More information

Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions

Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions Frequently Asked Questions Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions April 2005 6303 Barfield Road Atlanta, GA 30328 Tel: 404.236.2600 Fax: 404.236.2626 Internet Security Systems (ISS)

More information

ALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation

ALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation ALTITUDE DOESN T MAKE YOU SAFE Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation CYBER SECURITY IS THE GREATEST THREAT TO EVERY COMPANY IN THE WORLD. IBM CEO GINNI ROMETTY SD

More information

Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations. Arkansas Joint Committee on Energy March 16, 2016

Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations. Arkansas Joint Committee on Energy March 16, 2016 Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations Arkansas Joint Committee on Energy March 16, 2016 CenterPoint Energy, Inc. (NYSE: CNP) Regulated Electric and Natural Gas Utility

More information

Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk

Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Standards Certification Education & Training Publishing Conferences & Exhibits Steve Liebrecht W/WW Industry

More information

Cyber Security Solutions Mitigating risk and enhancing plant reliability

Cyber Security Solutions Mitigating risk and enhancing plant reliability P OW E R G E N E R AT I O N Cyber Security Solutions Mitigating risk and enhancing plant reliability 2 CYBER SECURITY SOLUTIONS MITIGATING RISK AND ENHANCING PLANT RELIABILITY Providing a roadmap to achieve

More information

IPM Secure Hardening Guidelines

IPM Secure Hardening Guidelines IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for

More information

Medical Device Cybersecurity: FDA Perspective

Medical Device Cybersecurity: FDA Perspective Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological

More information

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being

More information

locuz.com SOC Services

locuz.com SOC Services locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security

More information

ARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin

ARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin ARC VIEW FEBRUARY 1, 2018 Critical Industries Need Continuous ICS Security Monitoring By Sid Snitkin Keywords Anomaly and Breach Detection, Continuous ICS Security Monitoring, Nozomi Networks Summary Most

More information

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose

More information

Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013

Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013 + Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013 Jeffrey R. Pillon, Director, Energy Assurance Programs National Association of State

More information

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security

More information

INSIDE. Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server. Enhanced virus protection for Web and SMTP traffic

INSIDE. Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server. Enhanced virus protection for Web and SMTP traffic Virus Protection & Content Filtering TECHNOLOGY BRIEF Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server Enhanced virus protection for Web and SMTP traffic INSIDE The need

More information

Security Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management

Security Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management Seven Habits of Cyber Security for SMEs Security Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management Security Policy is an important

More information

Risk Management in the Energy Sector: Evolving Cybersecurity Risks & Strategies

Risk Management in the Energy Sector: Evolving Cybersecurity Risks & Strategies Risk Management in the Energy Sector:. Evolving Cybersecurity Risks & Strategies Joseph R. Dancy Director, The University of Oklahoma College of Law Oil and Gas, Natural Resources, and Energy Center (ONE

More information

Cyber Security Stress Test SUMMARY REPORT

Cyber Security Stress Test SUMMARY REPORT Cyber Security Stress Test SUMMARY REPORT predict prevent respond detect FINAL SCORE PREDICT: PREVENT: Final score: RESPOND: DETECT: BRILLIANT! You got a 100/100. That's as good as it gets. So take a second

More information

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team ICS-CERT Year in Review Industrial Control Systems Cyber Emergency Response Team 2012 What s Inside Welcome 1 Organization 3 Outreach 4 Industrial Control Systems Joint Working Group 5 Advanced Analytical

More information

How do you track devices that have been approved for use? Are you automatically alerted if an unapproved device connects to the network?

How do you track devices that have been approved for use? Are you automatically alerted if an unapproved device connects to the network? Cybersecurity Due Diligence Checklist Control # Control Name Risks Questions for IT 1 Make an Benign Case: Employees Inventory of using unapproved Authorized devices without Devices appropriate security

More information

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.

More information

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2

More information

Cyber Security Requirements for Supply Chain. June 17, 2015

Cyber Security Requirements for Supply Chain. June 17, 2015 Cyber Security Requirements for Supply Chain June 17, 2015 Topics Cyber Threat Legislation and Regulation Nuts and Bolts of NEI 08-09 Nuclear Procurement EPRI Methodology for Procurement Something to think

More information

Technical White Paper ICS CYBER SECURITY. Protecting Industrial Control Systems: An Integrated Approach

Technical White Paper ICS CYBER SECURITY. Protecting Industrial Control Systems: An Integrated Approach Technical White Paper ICS CYBER SECURITY Protecting Industrial Control Systems: An Integrated Approach The purpose of this white paper is to present a novel cyber security framework for deploying and managing

More information

ANATOMY OF AN ATTACK!

ANATOMY OF AN ATTACK! ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable

More information

Cybersecurity Auditing in an Unsecure World

Cybersecurity Auditing in an Unsecure World About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity

More information

EPRO. Electric Infrastructure Protection Initiative EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS

EPRO. Electric Infrastructure Protection Initiative EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS EPRO Electric Infrastructure Protection Initiative EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS The Role of Systems Engineering in Addressing Black Sky Hazards

More information

Connectivity 101 for Remote Monitoring Systems

Connectivity 101 for Remote Monitoring Systems Connectivity 101 for Remote Monitoring Systems Paul Wacker Moxa, Inc. Manager - Edge Connectivity Ariana Drivdahl Moxa, Inc. Product Marketing Manager Pain Points of Remote Monitoring Pressure to enhance

More information