Cybersecurity: Hope is Not a Strategy Daryl Haegley GISCP, OCP OASD EI&E / ODASD IE August 15, 2017
|
|
- Flora Kelley
- 5 years ago
- Views:
Transcription
1 Cybersecurity Basics for Energy Managers Cybersecurity: Hope is Not a Strategy Daryl Haegley GISCP, OCP OASD EI&E / ODASD IE August 15, 2017 Tampa Convention Center Tampa, Florida
2 Smart Phones UNCLASSIFIED 2
3 Smart Medical Devices UNCLASSIFIED 3
4 Smart Home Devices UNCLASSIFIED 4
5 Smart Transportation Capability 5
6 Smart Energy Devices UNCLASSIFIED 6
7 Facility-Related Control Systems (FRCS) Definition: A subset of control systems that are used to monitor and control equipment and systems related to DoD real property facilities (e.g. building control systems, utility control systems, electronic security systems, and fire and life safety systems). DoD inventory: 500 Installations 4,000 Sites 250,000 Buildings 200,000 Structures Potentially 1,000s of FRCS in each building / structure 7
8 Cybersecurity Skills Crisis UNCLASSIFIED 8
9 SHODAN What s On You re Network? Smart Meters default password Default passwords commonly used in control systems 9
10 How Critical to Mission is Your System? YOU START HERE 10
11 Know Mission Dependencies to Assure Mission 11
12 Policy and Guidance UNCLASSIFIED ASD EIE memos 12, 14, 16 directs implementation plans DoDI 4170 Energy Management (update in progress) DoDI 8500 Cybersecurity; 8510 Risk Management Framework; 8530 Cybersecurity Activities Support (CIO) Cybersecuring Facility Related Control Systems Unified Facilities Criteria Risk Management Framework KS Portal; ESTCP/SERDP website Secretary of Defense Scorecard; National Defense Authorization Act
13 Best Practices for Securing Control Systems Mission Assurance Senior Steering Group Control Systems Working Group Develop Password Policies Security Awareness and Training Patch Management Maintenance Activities Modem Connection Network Design Securing Host Systems Advanced Cyber ICS Tactics, Techniques, and Procedures Detection Routine Monitoring, Inspection, Identification of adversarial presence, Documentation, Notifications Mitigation Protect the information network, Acquire and protect data for analysis, Maintain operations during an active attack Recovery Identify mission priorities, Acquire and protect data for analysis, Systematically Recover each affected device, Systematically reintegrate devices, processes, and network segments, Test and verify system to ensure devices are not re-infected NSA 13
14 14
15 15
16 16
17 What Does it Take to Cybersecure FRCS? Inventory Network Segregation and Segmentation User and Password Management Vulnerability Management Host-based Security Non-essential Hardware & Software removed Access Control Encryption Situational Awareness Routine Patching 17 More than Hope! If Not You re Job. Who s? Backups Connectivity Remote Maintenance On-site Maintenance Disposal Response and Recovery Physical Access Training/Awareness Continuous Monitoring Cloud Services Tactics, Techniques, and Procedures Preventing Exploitation?
18 Need a Patch? Wait 150 Days.. Research revealed SCADA vendors take ~ 150 days to release security patches Most ICS CERT advisories were easily preventable with better coding and fit in four main categories Memory corruption (20%) Credential management (19%) Authentication issues (23%) Code injection (9%) Urged to adopt the more secure development practices now widely used by mainstream OS and app developers Basic fuzzing techniques, or auditing for banned APIs could help improve security Highlights importance of operational testing prior to patching. Many FRCS do not have maintenance contracts or warranties with vendors and if those do exist, they don t include patching or testing patches. Many legacy FRCS were not designed for cybersecurity and are intended (and budgeted) to be in place for many years. 18
19 Target Data Breach 2013 UNCLASSIFIED Breach cost Target over $200M Hackers stole 40M credit card #s Exploit via HVAC contractor access to Target s network How similar to Office of Personnel Management (OPM) breach? SSNs of 21.5M individuals stolen 19.7M individuals that applied for background investigation 1.8M non-applicants, primarily spouses or co-habitants of applicants; 5.6M fingerprints Usernames and passwords for their forms also stolen Who ensures DoD energy, facility, & utility privatization contracts don t inadvertently allow similar via smart meters and control systems? 19
20 Ransomware UNCLASSIFIED 'WannaCry' affecting multiple global entities Increase our collective defenses across the Department and Federal networks: Do not click on links or download files in s unless you know for sure they are intended for you Ensure your personal devices are updated and patched Backup your data so you can recover your systems if they become infected Microsoft released a patch in March; Not Implemented by Many 20
21 Vaping & e-cigarettes A Cyber Threat? Smoking-cessation aids can be used to hack An e-cigarette could be used to intercept network traffic or control the computer by making it think the e-cig is a keyboard Many e-cigarettes can be charged over USB, and takes just a few simple tweaks to the vaporizer enabling ability to download malicious payloads from the web Limitation: e-cigs don t have much memory, so complex code is a no-go Many enterprises today block the use of USB ports, which would prevent an attack like this but some do not, so users should beware FRCS: if logical blocking USB ports isn t feasible, physical means should be used to secure access (e.g., locked, tamper-evident cabinets/enclosures in secured facilities, 21 glue-on port blockers for unused ports). Do not use USB port to charge a battery.
22 Fish Tank Hacks Casino UNCLASSIFIED Hackers attempted to acquire data from a North American casino via an Internetconnected fish tank Tank had sensors connected to a PC that regulated temperature, food and cleanliness Educate yourselves about IoT products Use security protection product offers Use latest operating systems and software and constantly update them 22
23 23
24 Key Takeaways UNCLASSIFIED Identify mission dependency on your system Connect with IT, operations, INTEL experts Verify hardware and software configurations, update schedule, sustainment requirements Ensure all new / updated energy projects use Unified Facilities Criteria (UFC) as a guide (& ESTCP website) Include cyber language in contracts Identify & verify how you handle energy data Ensure basic cyber hygiene: PASSWORD, Access, Patches, etc. 24
25 Who has the first question? Backups: Examples & Resources 25
26 A mysterious botnet has hijacked 300,000 devices, but nobody knows why (April 26, 2017) The Hajime botnet has so far infected 300,000 internetconnected devices since its inception, bringing digital video recorders, webcams, and routers under its control -- though it's careful not to target several specific networks, including the US Dept. of Defense Energy Managers can REACTIVELY look up (or ensure security staff are on it) what systems are affected and what the detection/mitigations are. For Hajime, it s blocking certain TCP ports, and UDP packet and Telnet session content. To be PROACTIVE, they need to apply the basic security practice of removing all unused code/applications/software, such as telnet, and employ a deny-all policy on hosts (in this case, IP cameras, DVRs, CCTV) and networking equipment (routers, firewalls and switches). Host-based firewalls are a good, additional layer of defense here to augment network protections. Energy managers can make sure suppliers/admins are applying host-based protections. 26
27 New Russian Cyber Weapon Industroyer / CrashOverRide Targeting ICS Capable of causing power failures. Biggest threat to ICS since Stuxnet. It s the culmination of over a decade of theory and attack scenarios, Caltagirone warned. It s a game changer. This attack targets electric grids. It s really important to account for all system components and have complete network diagrams/scans to be aware of interconnections and evaluate security. Physical and logical isolation of FRCS is best, plus whitelisting especially application whitelisting so that unauthorized programs cannot be executed. FRCS must be monitored! This attack tool collapses the timeline from access to impact. Quick detection is a must. 27
28 Hackers Are Targeting Nuclear Facilities The hackers appeared determined to map out computer networks for the future. The origins of the hackers are not known. But the report indicated that an advanced persistent threat actor was responsible, which is the language security specialists often use to describe hackers backed by governments. This attack is early in the cyber kill chain where nuclear facilities are being targeted to gather intelligence of the systems and networks. Phishing s are sent with attachments with malicious code, so cybersecurity awareness training for all FRCS operators (anyone with credentials) is critical to prevent unauthorized access. Again, it s crucial to monitor to detect unauthorized traffic/access and isolation of FRCS/networks, and to ensure there are no pivot points from corporate/operations networks to FRCS. 28
29 Remotely Hacking Ships UNCLASSIFIED The configuration of certain ships' satellite antenna systems leaves them wide open to attack. Anyone who gained access to the system in question could manually change a ship's GPS coordinates or possibly even brick the boat's navigation system entirely by uploading new firmware. The default login credentials, which are easily found online, remain unchanged on at least some devices. 29
30 Devil s Ivy UNCLASSIFIED "Devil's Ivy" is a vulnerability in a piece of code called gsoap widely used in physical security products, potentially allowing faraway attackers to fully disable or take over thousands of models of internet-connected devices from security cameras to sensors to access-card readers. A patch has been released, however patching can be so spotty in the internet of things that it could persist unfixed in a large swath of devices. 30
31 Experts are calling the WannaCry ransomware incident the largest cyber-attack in history WannaCry takes over computer systems, shutting them down and demanding a ransom payment of $300 in bitcoin to have the computer unlocked. The ransomware attack hit more than 200,000 computers in 150 countries, crippling hospitals, governments and businesses. XP is still in use in energy control systems. Patches should be identified, tested and applied on these systems. Testing is particularly important, as patches may impact system operations. An assessment with passive scanning should be done to ensure there are not connections to other networks or the internet. XP systems should only be used as standalone or in physically air-gapped networks. 31
32 Resources UNCLASSIFIED Strategic Environmental Research and Development Program (SERDP) and Environmental Security Technology Certification Program (ESTCP) [info & funding solicitations] Risk Management Framework (RMF) Knowledge Service (KS) -DoD's official site for enterprise RMF policy and implementation guidelines Department of Defense Advanced Control System Tactics, Techniques, and Procedures (TTPs) Revision 1, 2017: UFC CYBERSECURITY OF FACILITY-RELATED CONTROL SYSTEMS Sept UFGS CYBERSECURITY OF FACILITY-RELATED CONTROL SYSTEMS Feb DoD OASD(EI&E) and Federal Facilities Council (FFC), under the National Research Council (NRC) sponsored a 3-day Building Control System Cyber Resilience Forum in Nov '15. DoDI Cybersecurity in the Defense Acquisition System Jan Office of the Assistant Secretary of Defense for Energy, Installations, and Environment Installation Energy (IE) IEC STANDARDS AND ISASECURER CERTIFICATION: APPLICABILITY TO BUILDING CONTROL SYSTEMS each subpage offers a PDF document: Audit of Industrial Control System Security within NASA's Critical and Supporting Infrastructure (IG ) Whole Building Design Guide website cyber references National Initiative for Cybersecurity Careers and Studies - free cyber training Industrial Control Systems Joint Working Group (ICSJWG) DHS Cyber Security Evaluation Tool: DoDI Cybersecurity 14 March DoDI Risk Management Framework 12 March DoDI Cybersecurity Activities Support to DoD Information Network Operations 7 March NIST SP r2 Guide to Industrial Control Systems (ICS) Security May GAO Improvements in DOD Reporting and Cybersecurity Implementation Needed to Enhance Utility Resilience Planning GAO 15-6 DHS and GSA Should Address Cyber Risk to Building and Access Control Systems GAO SU Defense Cybersecurity: DOD Needs to Better Plan for Continuity of Operations in a Degraded Cyber Environment and Increased Oversight (For Official Use Only) Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure 32
Build Your Cybersecurity Program in Minutes: Click, Copy, Modify, Implement
FEMP Cybersecurity Program Review Build Your Cybersecurity Program in Minutes: Click, Copy, Modify, Implement Daryl Haegley GISCP, OCP OASD EI&E / ODASD IE August 15, 2017 Tampa Convention Center Tampa,
More informationProtecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities
Cybersecurity Basics For Energy Managers Protecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities Michael Mylrea Manager, Cybersecurity & Energy Technology Pacific
More informationDoD Terminology Decision In Progress: PIT, CS, PIT-CS, ICS,OT, SCADA, CPS, IoT, IIoT
DoD Terminology Decision In Progress: PIT, CS, PIT-CS, ICS,OT, SCADA, CPS, IoT, IIoT PIT = Platform Information Technology CS = Control Systems PIT-CS = PIT Control Systems ICS = Industrial Control Systems
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationNW NATURAL CYBER SECURITY 2016.JUNE.16
NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING
More informationHeavy Vehicle Cyber Security Bulletin
Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin
More informationCybersecurity in Acquisition
Kristen J. Baldwin Acting Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) Federal Cybersecurity Summit September 15, 2016 Sep 15, 2016 Page-1 Acquisition program activities must
More informationSecurity Standards for Electric Market Participants
Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system
More informationTechnical Conference on Critical Infrastructure Protection Supply Chain Risk Management
Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Remarks of Marcus Sachs, Senior Vice President and the Chief Security Officer North American Electric Reliability
More informationEnergy Control Systems Cybersecurity Considerations
Track 4 Session 5 Energy Control Systems Cybersecurity Considerations Daryl Haegley Office of the Assistant Secretary of Defense (Energy, Installations, & Environment) August 10 2016 Rhode Island Convention
More informationRocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency
Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency Mr. Ed Brindley Acting Deputy Cyber Security Department of Defense 7 March 2018 SUPPORT THE WARFIGHTER 2 Overview Secretary Mattis Priorities
More informationTop 10 ICS Cybersecurity Problems Observed in Critical Infrastructure
SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationLegal Issues Surrounding the Internet of Things and Other Emerging Technology
Legal Issues Surrounding the Internet of Things and Other Emerging Technology ACC Houston Chapter Meeting September 12, 2017 Jonathan Ishee Vorys Sater Seymour and Pease, LLP Dean Fisher RigNet Overview
More informationCyber Security Requirements for Supply Chain. June 17, 2015
Cyber Security Requirements for Supply Chain June 17, 2015 Topics Cyber Threat Legislation and Regulation Nuts and Bolts of NEI 08-09 Nuclear Procurement EPRI Methodology for Procurement Something to think
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationInformation Warfare Industry Day
Information Warfare Industry Day 20180510 RDML Barrett, OPNAV N2N6G TRANSPORT COMMERCIAL INTERNET DISN SCI Coalition Networks ADNS TELEPORT NMCI & ONE-NET JRSS MOC GNOC NCDOC USMC ISNS / CANES / SUBLAN
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationWelcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time
TM Plan. Protect. Respond. Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time Registration is open for the April webinar:
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationEndpoint Protection : Last line of defense?
Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development
More informationSection One of the Order: The Cybersecurity of Federal Networks.
Summary and Analysis of the May 11, 2017 Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. Introduction On May 11, 2017, President Donald
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationCyber Attacks & Breaches It s not if, it s When
` Cyber Attacks & Breaches It s not if, it s When IMRI Team Aliso Viejo, CA Trusted Leader with Solution Oriented Results Since 1992 Data Center/Cloud Computing/Consolidation/Operations 15 facilities,
More informationCybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016
Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationAddressing Cybersecurity in Infusion Devices
Addressing Cybersecurity in Infusion Devices Authored by GEORGE W. GRAY Chief Technology Officer / Vice President of Research & Development Ivenix, Inc. INTRODUCTION Cybersecurity has become an increasing
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationCybersecurity & Privacy Enhancements
Business, Industry and Government Cybersecurity & Privacy Enhancements John Lainhart, Director, Grant Thornton The National Institute of Standards and Technology (NIST) is in the process of updating their
More informationSmart Grid Standards and Certification
Smart Grid Standards and Certification June 27, 2012 Annabelle Lee Technical Executive Cyber Security alee@epri.com Current Environment 2 Current Grid Environment Legacy SCADA systems Limited cyber security
More informationEducation Network Security
Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationMay 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations
May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose
More informationInternet of Things Toolkit for Small and Medium Businesses
Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors
More informationInformation Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV
Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Location: https://www.pdsimplified.com/ndcbf_pdframework/nist_csf_prc/documents/identify/ndcbf _ITSecPlan_IDGV2017.pdf
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Host Intrusion The Host Intrusion employs a response to a perceived incident of interference on a host-based system
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationCyber Hygiene: A Baseline Set of Practices
[DISTRIBUTION STATEMENT A] Approved for public Cyber Hygiene: A Baseline Set of Practices Matt Trevors Charles M. Wallen Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Copyright
More informationCyber Security on Commercial Airplanes
Cyber Security on Commercial Airplanes John Craig Chief Engineer Cabin and Network Systems The Boeing Company October 2014 1 Top ten tips Richard A. Clarke 1. Don t be in denial 2. Don t underestimate
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationNIST Cybersecurity Framework Protect / Maintenance and Protective Technology
NIST Cybersecurity Framework Protect / Maintenance and Protective Technology Presenter Charles Ritchie CISSP, CISA, CISM, GSEC, GCED, GSNA, +6 Information Security Officer IT experience spanning two centuries
More informationCybersecurity Today Avoid Becoming a News Headline
Cybersecurity Today 2017 Avoid Becoming a News Headline Topics Making News Notable Incidents Current State of Affairs Common Points of Failure Three Quick Wins How to Prepare for and Respond to Cybersecurity
More informationForging a Stronger Approach for the Cybersecurity Challenge. Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health
Forging a Stronger Approach for the Cybersecurity Challenge Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health 1 Speaker Introduction Tom Stafford, Vice President & CIO Education: Bachelors
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationCYBERSECURITY RISK LOWERING CHECKLIST
CYBERSECURITY RISK LOWERING CHECKLIST The risks from cybersecurity attacks, whether external or internal, continue to grow. Leaders must make thoughtful and informed decisions as to the level of risk they
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationDepartment of Defense Cybersecurity Requirements: What Businesses Need to Know?
Department of Defense Cybersecurity Requirements: What Businesses Need to Know? Why is Cybersecurity important to the Department of Defense? Today, more than ever, the Department of Defense (DoD) relies
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationNAVAL DISTRICT WASHINGTON SMARTSHORE CASE STUDY Jeff Johnson NDW CIO (N6)
NAVAL DISTRICT WASHINGTON SMARTSHORE CASE STUDY Jeff Johnson NDW CIO (N6) 1 Creating Cyber Secure Enterprise Control Systems Networks Agenda US Navy, NDW Industrial Controls overview The new cyber threat
More informationIT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I
Standards Sections Checklist Section Security Management Process 164.308(a)(1) Information Security Program Risk Analysis (R) Assigned Security Responsibility 164.308(a)(2) Information Security Program
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationWhy Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG
Why Should You Care About Control System Cybersecurity Tim Conway ICS.SANS.ORG Events Example #1 Dec 23, 2015 Cyber attacks impacting Ukrainian Power Grid Targeted, synchronized, & multi faceted Three
More informationIPM Secure Hardening Guidelines
IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 9 Chapter X Security Performance Metrics Background For the past two years, the State of Reliability report has included a chapter for security performance
More informationNew Guidance on Privacy Controls for the Federal Government
New Guidance on Privacy Controls for the Federal Government IAPP Global Privacy Summit 2012 March 9, 2012 Dr. Ron Ross Computer Security Division, NIST Martha Landesberg, J.D., CIPP/US The Privacy Office,
More informationLooking Forward: USACE MILCON Cybersecurity Integration
Energy Exchange 2017 - Track 4 - Cyber and Control System Technologies, Session 2 - Understanding and implementing the RMF Process Looking Forward: USACE MILCON Cybersecurity Integration Mr. Daniel Shepard
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationSupply Chain (In)Security
Supply Chain (In)Security IEEE Cybersecurity Speaker Chris Webb Partner, Security Practice Orange County, California 20+ years of experience developing, securing, and managing enterprise systems. Specializes
More informationTABLE OF CONTENTS. Section Description Page
GPA Cybersecurity TABLE OF CONTENTS Section Description Page 1. Cybersecurity... 1 2. Standards... 1 3. Guides... 2 4. Minimum Hardware/Software Requirements For Secure Network Services... 3 4.1. High-Level
More informationPIPELINE SECURITY An Overview of TSA Programs
PIPELINE SECURITY An Overview of TSA Programs Jack Fox Pipeline Industry Engagement Manager Surface Division Office of Security Policy & Industry Engagement May 5, 2014 TSA and Pipeline Security As the
More informationCyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationCyber Insurance: What is your bank doing to manage risk? presented by
Cyber Insurance: What is your bank doing to manage risk? David Kitchen presented by Lisa Micciche Today s Agenda Claims Statistics Common Types of Cyber Attacks Typical Costs Incurred to Respond to an
More informationSneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security
Sneak Peak at CIS Critical Security Controls V 7 Release Date: March 2018 2017 Presented by Kelli Tarala Principal Consultant Enclave Security 2 Standards and Frameworks 3 Information Assurance Frameworks
More informationRethinking Cybersecurity from the Inside Out
Rethinking Cybersecurity from the Inside Out An Engineering and Life Cycle-Based Approach for Building Trustworthy Resilient Systems Dr. Ron Ross Computer Security Division Information Technology Laboratory
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationNORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers
Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense : February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 7: Operational Systems Development
More informationManaging IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services
Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our
More informationEvaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure
Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT
More information10/18/2016. Preparing Your Organization for a HHS OIG Information Security Audit. Models for Risk Assessment
Preparing Your Organization for a HHS OIG Information Security Audit David Holtzman, JD, CIPP/G CynergisTek, Inc. Brian C. Johnson, CPA, CISA HHS OIG Section 1: Models for Risk Assessment Section 2: Preparing
More informationInformation Governance, the Next Evolution of Privacy and Security
Information Governance, the Next Evolution of Privacy and Security Katherine Downing, MA, RHIA, CHPS, PMP Sr. Director AHIMA IG Advisors Follow me @HIPAAQueen 2017 2017 Objectives Part Part I IG Topic
More informationNEN The Education Network
NEN The Education Network School e-security Checklist This checklist sets out 20 e-security controls that, if implemented effectively, will help to ensure that school networks are kept secure and protected
More informationCISO as Change Agent: Getting to Yes
SESSION ID: CXO-W02F CISO as Change Agent: Getting to Yes Frank Kim Chief Information Security Officer SANS Institute @fykim Outline Catch the Culture Shape the Strategy Build the Business Case 2 #1 Catch
More informationRussian Cyber Attack Warning and Impact on AccessEnforcer UTM Firewall
Russian Cyber Attack Warning and Impact on AccessEnforcer UTM Firewall 1 U.S. and U.K. authorities last week alerted the public to an on-going effort to exploit network infrastructure devices including
More informationCYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW
CYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW May 2018 Ed Plawecki General Counsel & Director of Government Relations UHY LLP Jamie See Manager UHY LLP Iowa Public
More informationDFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com
DFARS Compliance SLAIT Consulting SECURITY SERVICES Mike D Arezzo Director of Security Services Introduction 18+ year career in Information Technology and Security General Electric (GE) as Software Governance
More informationDepartment of Defense. Installation Energy Resilience
Department of Defense Installation Energy Resilience Lisa A. Jung DASD (Installation Energy) OASD(Energy, Installations and Environment) 19 June 2018 Installation Energy is Energy that Powers Our Military
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationRisk Assessments, Continuous Monitoring & Intrusion Detection, Incident Response
Risk Assessments, Continuous Monitoring & Intrusion Detection, Incident Response Michael Chipley, PhD PMP LEED AP President January 6, 2014 mchipley@pmcgroup.biz 1 Risk Assessments Multiple Standards and
More informationNIST Security Certification and Accreditation Project
NIST Security Certification and Accreditation Project An Integrated Strategy Supporting FISMA Dr. Ron Ross Computer Security Division Information Technology Laboratory 1 Today s Climate Highly interactive
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Port Security Port Security helps to control access to logical and physical ports, protocols, and services. This
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationMission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS
Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS Stephanie Poe, DNP, RN-BC CNIO, The Johns Hopkins Hospital and Health System Discussion Topics The Age of Acceleration Cyber
More informationService Provider View of Cyber Security. July 2017
Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through
More information