ICS Security Innovation Asia Pacific ICS Security Summit. Singapore 2013

Transcription

1 ICS Security Innovation Asia Pacific ICS Security Summit Singapore 2013

2

3 Connected Enterprise Global automation landscape Connecting expertise Providing decision ready intelligence Data availability Two-way data flows Connecting people

4 Automation Innovation Virtualization Flexibility Smart IO Cloud services Future proofing Unlocking benefits Understand risks

5 Paths to an ICS External Networks Calibration ICS Field Devices & SIS Support

6 Reliability, Safety, Integrity See things differently Security is an essential building block Engineering ownership Responsibility across the value chain Integrated skill sets & responsibility Promote community efforts Learn events & near misses

7 IT Security Concepts/Engineering Application Driven (IT/OT) Convergence OT Systems Lifecycle Design Development Implementation Integration Operations & Maintenance Refresh/Retire Suppliers Integrators Utilities Technologist Experts *Source: Adaptation of a slide from NBISE and SPSP Report June 2013

8 Cyber Threats More structured and directed Victims are unable to detect Attacker free time over 416 days Conventional security not keeping up Freedom of movement & action Targeted attack against automation supplier Officials warn of increasing risks Creative leaps are becoming known

9 Threat Landscape LIKELIHOOD & DEFENSES Less Strategic Cyber Attacks - Highly Structured Major Economic Disruption Cyber Terrorism Asymmetric Warfare Cyber-Physical Damage Sophisticated Injection Stuxnet -like Targeted Cyber Attacks - Structured Direct & Targeted Monetary Gain Extreme Activist / Groups Advanced Persistent Threats Economic / Espionage Data Theft Data Manipulation /Destruction Concentrated General Cyber Attacks - Less Structured DDOS Notoriety & Fame Worm Hacking Economy DOS Activist Borrowing Resources Botnets Hacking? Defacements Resource Hijacking Probes More Low (Nuisance) High (Lost Productivity) (Lost Value) CONSEQUENCES (Loss of Safety and Reliability)

10 Need to Adapt Lessons of Constantinople Defender strategies change to meet advances in attacker capabilities Siege of 1453 marked an end of the wall as a principal defensive feature The defense of a city required investment in new tactics and techniques We have passed our inflection point Walls protected Constantinople from 404 to 1453 Panorama Museum: Ottoman siege canon Fausto Zonaro, Mehmet II Conquering Constantinople The Theodosian Walls represent the last great walled fortification. Cyber has passed this inflection point, but we continue to erect electronic palisades in the age of digital cannons

11 Secure People Integrating competencies Understanding & ownership Customized Automation chain External to cyber Cyber-informed engineering

12 Engineers ICS Suppliers & Integrators Business Users ICS Attackers

13 Overview of ICS ICS Drivers & Constraints Intro Brief history of ICS, regulation, and the need for ICS-focused security awareness training. Overview of ICS Attacks Overview of ICS components, industries, and support personnel roles and responsibilities. ICS Attack Surfaces Cybersecurity drivers and constraints that impact how a control system needs to be engineered, managed, and interfaced with. ICS Server Security Overview of ICS Threat Actors and examples of ICS based attacks and trends. Specific attack approaches that target various layers of the ICS system. Concepts specific to defending ICS environments at the server layer.

14 ICS Network Security ICS System Maintenance ICS Information Assurance Concepts specific to defending ICS environments at the network layer. ICS system maintenance tasks including patching, backups, change management, monitoring, and logging. ICS-focused information assurance program concepts including Risk Management, Account Management, Data Classification and Defense in Depth. Incident Handling Attack Scenario End Important ICS incident response topics for all individuals that interact with ICS environments. A detailed walk through of a cyber attack against an example organization, from the unique perspective of the attackers actions. A short wrap up to the training.

15 Secure Automation People pave the way Cloud to plant floor Cyber aware Deeper insight Design-to-retire Security traceability Think about tomorrow Think Past Cybersecurity

16 Reaching Greater Heights Understanding Informed decision making Shared expectations Innovation Confidence

17 Thank You