Cyber Security Bryan Owen PE Principal Cyber Security Manager October 11, 2016
|
|
- Winfred Blake
- 6 years ago
- Views:
Transcription
1 Cyber Security Bryan Owen PE Principal Cyber Security Manager October 11, 2016
2 Agenda Overview What s new in PI Security Demo What s coming next Call to Action 2
3 Cyber Security is more of a Marathon than a Sprint Release Cadence Quicker response time More agile and predictable Most, not all products Ethical Disclosure Policy Transparency Do no harm 3
4 Boundary Protection is Essential Transmission & Distribution SCADA Critical Systems Limits direct access to critical systems while expanding the value use of information. Plant DCS PLCs Infrastructure Environmental Systems Other critical operations systems Security Perimeter Reduce the risks on critical systems
5 Best Practices are Advancing Engineering Bow-Tie Model ICS Security Bow-Tie Evaluating Cyber Risk in Engineering Environments: A Proposed Framework and Methodology
6 Attack & Defend Reduce Impact Attack & Defend Reduce Impact Attack & Defend Reduce Impact Classic PI System Kill Chain Many opportunities to defend Attack scenarios are complex Resists common malware 1 The Internet WEB Page Drive By Processbook Client Admin OS Access Unauthenticated access PI Data Archive Unauthorized access to data Administrative access to operating system Interface Node Control system pwned 5 Control System Social Engineering Web Browser Compromise User OS Access Administrative access to operating system PI Data Archive Compromise Missing or tainted data sent to users or downstream services Exploit vulnerable product or service to inject malware on interface node Interface Node Compromise Control system slow or unresponsive Phishing Network Node Access Authenticated PI data access Service delays or unresponsive Use interface output points for sending data to control systems Loss of control including anomalous actuator operation Exploit vulnerable service on PI Server Manipulation of configuration Use interfaces to overload control system Loss of view including fake sensor data Overload PI Server Pivot to other servers (PI Server as client to another server or unauthorized call home) Use PI data as part of a covert command and control channel Spread malware to client connections 6
7 What s New in PI Security 7
8 Classic PI Client Desktop Processbook 2015 R2 Memory corruption defenses (VS2013) Removes.NET Framework 3.5 dependency Improves support for EMET PI SDK 2016 Memory corruption defenses (VS2015) MS Runtime Updates Transport Security (Data Integrity and Privacy) KB How To Enhance Security in PI ProcessBook Using EMET 8
9 Attack & Defend Reduce Impact Attack & Defend Reduce Impact Attack & Defend Reduce Impact Attack & Defend Reduce Impact Modern PI System Kill Chain Latest defensive technology More separation from threat to target Shifts cost from defender to attacker 1 The Internet WEB Page Drive By Coresight Client in Web Browser Admin OS Access Unauthenticated access Coresight Server Unauthorized access to data Unauthenticated access PI Server Unauthorized access to data Administrative access to operating system Connector Control system pwned 6 Control System Social Engineering Web Browser Compromise User OS Access Authenticated Access Coresight Server Compromise Manipulation of configuration Administrative access to operating system PI Server Compromise Missing or tainted data sent to users or downstream services Exploit vulnerable product or service to inject malware on interface node Connector Compromise Control system slow or unresponsive Phishing Network Node Access Exploit vulnerable product or service Missing or tainted data sent to users or downstream services Authenticated PI data access Service delays or unresponsive Use interface output points for sending data to control systems Loss of control including anomalous actuator operation Admin Access to OS/ SQL Server Service delays or unresponsive Exploit vulnerable service on PI Server Manipulation of configuration Use interfaces to overload control system Loss of view including fake sensor data Overload Server (DoS) Spread malware to client connections Overload PI Server Pivot to other servers (PI Server as client to another server or unauthorized call home) Use PI data as part of a covert command and control channel Coresight acts as client to another resource Spread malware to client connections PI Square: Hardcore PI Coresight Hardening 9
10 Advanced Security in PI Coresight 2016 R2 Login using an external Identity Provider No need to expose corporate AD credentials PI Coresight OpenID Connect Claims ID Provider Active Directory PI Server PI3, WCF Business Network Business Partner/Cloud/Mobile Network 10
11 Security Changes for PI Server 11
12 PI AF Recent Security Changes 2015 Identity Mappings Service Hardening AF Client to Data Archive Transport Security 2016 IsManualDataEntry Annotate Permission File Attachment Checks File Type MS Office Text rtf, txt Image ProcessBook Allowed Extensions csv, docx, pdf, xlsx gif, jpeg, jpg, png, svg, tiff pdi PI System Explorer 2016 User Guide: Security for Annotations 12
13 PI Data Archive Recent Security Changes 2015 Compiler Defenses Code Safety Transport Security 2016 Auto Recovery Archive Reprocessing 13
14 Security Changes for PI System Interfaces 14
15 PI Buffer Subsystem 2015 Code Safety Transport Security with Windows Authentication 2016 Service Accounts Managed Service Account (Domain only) Virtual Service Account API BUFSERV for Windows
16 PI Interfaces New options for securing Data Source Read PI Interface Input Write Output Operating System 16
17 PI Interfaces New options for securing Data Source Read PI Interface Input Write X X Output White list Operating System New Features: 1. Least privileges 2. Read-only and read-write 3. White list output points 17
18 Code Hardened PI Interfaces Hardened PI Interface for ESCA HABConnect Alarms and Events PI Interface for Cisco Phone PI Interface for ESCA HABConnect PI to PI Interface PI Interface for CA ISO ADS Web Service PI Interface for IEEE C PI Interface for Performance Monitor PI Interface for Siemens Spectrum Power TG PI Interface for OPC DA PI Interface for Relational Database (RDBMS via ODBC) PI Interface for Universal File and Stream Loading (UFL) Hardened + Read-Only Available PI Interface for Foxboro I/A 70 Series PI Interface for Metso maxdna PI Interface for Citect PI Interface for SNMP Trap PI Interface for Modbus Ethernet PLC PI Interface for OPC HDA PI Interface for GE FANUC Cimplicity HMI PI Interface for ACPLT/KS 18
19 Transport Security Everywhere From Connection PI Trust NTLM RC4/MD5 Active Directory (Kerberos) AES256/SHA1* PI Buffer Subsystem PI Connectors PI Datalink PI Processbook PI Interfaces 19
20 Introducing PI API 2016 for Windows Integrated Security 20
21 PI API 2016 for Windows Integrated Security Compiler Defenses Code Safety Transport Security Data Integrity and Privacy Backward Compatible No changes to existing PI Interfaces PI Mapping is Required, PI API 2016 does not attempt PI Trust connection! 21
22 22
23 Security Changes in Progress 23
24 PI Connector Architecture PI Connectors PI Connector Relay Certificates Windows Security Edge DMZ Enterprise 24
25 PI System Connector Source PI System & PI System Connector PI Connector Relay Destination PI System PI Points Real-time Data Elements Templates Control DMZ Corporate 25
26 Attack & Defend Reduce Impact Attack & Defend Reduce Impact Attack & Defend Reduce Impact Attack & Defend Reduce Impact Attack & Defend Reduce Impact PI System Kill Chain with Relay Latest defensive technology More separation from threat to target Flexible and defensible architecture 1 The Internet WEB Page Drive By Coresight WEB Client Admin OS Access Unauthenticated access Coresight Server Unauthorized access to data Unauthenticated access PI Archive & AF Servers Unauthorized access to data Administrative access to operating system Connector Relay Control system pwned Administrative access to operating system Connector Control system pwned 7 Control System Social Engineering Web Browser Compromise User OS Access Authenticated Access Coresight Server Compromise Manipulation of configuration Administrative access to operating system PI Archive or AF Compromise Missing or tainted data sent to users or downstream services Exploit vulnerable product or service to inject malware on interface node Connector Relay Compromise Control system slow or unresponsive Exploit vulnerable product or service to inject malware on interface node Connector Compromise Control system slow or unresponsive Phishing Network Node Access Exploit vulnerable product or service Missing or tainted data sent to users or downstream services Authenticated PI data access Service delays or unresponsive Use interface output points for sending data to control systems Loss of control including anomalous actuator operation Use interface output points for sending data to control systems Loss of control including anomalous actuator operation Admin Access to OS/ SQL Server Service delays or unresponsive Exploit vulnerable service on PI Server Manipulation of configuration Use interfaces to overload control system Loss of view including fake sensor data Use interfaces to overload control system Loss of view including fake sensor data Overload Server (DoS) Spread malware to client connections Overload PI Server Pivot to other servers (PI Server as client to another server or unauthorized call home) Use PI data as part of a covert command and control channel Use PI data as part of a covert command and control channel Coresight acts as client to another resource Spread malware to client connections 26
27 Infrastructure Hardened PI System Global. Trusted. Sustainable. 27
28 What is Infrastructure Hardened? Extremely Reliable Well Tested Proven Capability Trusted Security Development Lifecycle Process Training Requirements Design Implementation Verification Release Response 28
29 29
30 Microsoft Project Springfield Early Adopter Resists pathological PI SQL data queries Cortana Ready Data Safe import and export of AF asset structures Robust support for intensive bulk data calls Reliable access to archive data
31 Key PI System Security Resources
32 Actions Defend your critical systems Establish an update cadence Take advantage of integrated security 32
33 Contact Information Brian Bostwick Market Principal, Cyber Security Bryan Owen PE Principal Cyber Security Manager 33
34 Thank You
What s New in PI Security?
What s New in PI Security? Presented by Bryan Owen PE Felicia Mohan Agenda Overview What s new Demo What s coming next Call to Action 3 Cyber Security is more of a Marathon than a Sprint Release Cadence
More informationWhat s new in PI System Security?
What s new in PI System Security? Presented by Brian Bostwick Kevin Geneva The Seven Most Dangerous New Attack Techniques SANS: Alan Paller, Ed Skoudis, Michael Assante, Johannes Ullrich 1. Ransomware
More informationCyber Security Brian Bostwick OSIsoft Market Principal for Cyber Security
Cyber Security Presented by Brian Bostwick OSIsoft Market Principal for Cyber Security Cyber Security Trauma in the News Saudi Aramco Restores Network After Shamoon Malware Attack Hacktivist-launched virus
More informationWhat s new in PI System Security?
What s new in PI System Security? Presented by Brian Bostwick Felicia Mohan Infrastructure Hardened PI System Global. Trusted. Sustainable. 2 What is Infrastructure Hardened? Extremely Reliable Well Tested
More informationAre Mobile Technologies Safe Enough for Industrie 4.0?
Are Mobile Technologies Safe Enough for Industrie 4.0? Presented by Bryan Owen PE Mobile Technology is Awesome! Cameras Drone UAVs GPS Sensors Smart phones Wearables https://www.osisoft.com/presentations/geospatial-sensor---driven-analytics-using-drones/
More informationHardcore PI System Hardening
Hardcore PI System Hardening Jozef Sujan, Lubos Mlcoch 1 Agenda 1. No-nonsense approach to Cyber Security 2. The Power of... PowerShell 3. Deadly Sins of PI Administrators Note: All examples in this presentation
More information2009 OSIsoft, LLC. OSIsoft vcampus Live! where PI geeks meet OSIsoft, LLC. OSIsoft vcampus Live! 2009 where PI geeks meet
2009 OSIsoft, LLC. OSIsoft vcampus Live! where PI geeks meet 1 Considerations of the new PI Security Model Bryan S. Owen OSIsoft Cyber Security Manager 2 Security Roadmap 3 Security Reality Today State
More informationNew to PI SDK and AF SDK 2010
New to PI SDK and AF SDK 2010 Presented By: Jay Lakumb and Charlie Henze, OSIsoft Where PI geeks meet 9/23/2010 PI SDK Buffering Use Cases Functionality Demo New PI SDK Utility Next Steps Where PI geeks
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationConnectivity from A to Z Roadmap for PI Connectors and PI Interfaces
Connectivity from A to Z Roadmap for s and PI Interfaces Presented by Chris Coen, Product Manager Zdenek Ryska, Senior Software Developer Technology Evolves What if I asked you to: Call your coworker?
More informationThe Power of Connection
The Power of Connection Presented by Mana Afshari, Systems Engineer mafshari@osisoft.com Why is Connectivity Important? Context Need Solution More data sources available Advanced analyses require information
More informationConnectivity from A to Z Roadmap for PI Connectors and PI Interfaces
Connectivity from A to Z Roadmap for s and PI Interfaces Presented by Chris Coen, Product Manager Rajesh Balaraman, Team Lead Xiaoli Tang, Software Developer Technology Evolves What if I asked you to:
More informationConnectivity from A to Z Roadmap for PI Connectors and PI Interfaces
Connectivity from A to Z Roadmap for PI Connectors and PI Interfaces Presented by Tadeas Marciniak, Field Service Engineer Zdenek Ryska, Software Developer ODBC HTML/XML IPMI SNMP S88 2 PI Interfaces New
More informationOSIsoft Technologies for the Industrial IoT and Industry 4.0
OSIsoft Technologies for the Industrial IoT and Industry 4. Dan Lopez, Senior Systems Engineer Wednesday November 27 Industry 4. and Industrial IoT The Development of Industry 4. Industry. Industry 2.
More informationT22 - Industrial Control System Security
T22 - Industrial Control System Security PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 Holistic Approach A secure application depends on multiple layers of protection and industrial
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More informationData Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users
Data Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users Standards Certification Education & Training Publishing Conferences &
More informationZero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection
Zero Trust on the Endpoint Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection March 2015 Executive Summary The Forrester Zero Trust Model (Zero Trust) of information
More informationFirewalls (IDS and IPS) MIS 5214 Week 6
Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part
More informationAchieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
More informationHow to Pick the Right PI Developer Technology for your Project
How to Pick the Right PI Developer Technology for your Project Presented by Patrice Thivierge Fortin Regional Services Lead, France Why talking about picking the right PI Developer Technology? To provide
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationPremediation. The Art of Proactive Remediation. Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C.
Premediation The Art of Proactive Remediation Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C. Overview Case Study Remediation Overview Premediation
More informationTop 10 ICS Cybersecurity Problems Observed in Critical Infrastructure
SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical
More informationCyberArk Privileged Threat Analytics
CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical
More informationSecuring ArcGIS Services
Federal GIS Conference 2014 February 10 11, 2014 Washington DC Securing ArcGIS Services James Cardona Agenda Security in the context of ArcGIS for Server Background concepts Access Securing web services
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationProvide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any
OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing
More informationAddressing Cyber Threats in Power Generation and Distribution
Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems
More informationEnsuring Your Plant is Secure Tim Johnson, Cyber Security Consultant
Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant 1 The Foxboro Evo TM Process Automation System Addressing the needs across your operation today and tomorrow. 2 Industrial Control Systems
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationCritical Hygiene for Preventing Major Breaches
SESSION ID: CXO-F02 Critical Hygiene for Preventing Major Breaches Jonathan Trull Microsoft Enterprise Cybersecurity Group @jonathantrull Tony Sager Center for Internet Security @CISecurity Mark Simos
More informationCybersecurity for IoT to Nuclear
Seminar Series Cybersecurity for IoT to Nuclear Fred Cohn, Program Director Property of Schneider Electric Who Am I? Program Director, Schneider Electric Product Security Office Cybersecurity Strategy
More informationWhy Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG
Why Should You Care About Control System Cybersecurity Tim Conway ICS.SANS.ORG Events Example #1 Dec 23, 2015 Cyber attacks impacting Ukrainian Power Grid Targeted, synchronized, & multi faceted Three
More informationCOPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51
Acknowledgments Introduction Part I: The Basics in Depth 1 Chapter 1: Windows Attacks 3 Attack Classes 3 Automated versus Dedicated Attacker 4 Remote versus Local 7 Types of Attacks 8 Dedicated Manual
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationExpanding Your System past just a PI Historian A 2016 Update
Expanding Your System past just a PI Historian A 2016 Update Bruce McCamant, TSI September 15, 2016 USERS GROUP Copyright 2015 OSIsoft, LLC. Triencon Services, Inc. An Energy Services Company Providing
More informationOPSWAT Metadefender. Superior Malware Threat Prevention and Analysis
OPSWAT Metadefender Superior Malware Threat Prevention and Analysis OPSWAT Products Threat protection and security Threat prevention and analysis 30+ anti-malware engines 90+ data sanitization engines
More informationWHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX
WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX 1 INTRODUCTION The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK ) Matrix provides a model
More informationHow to Pick the Right PI Developer Technology for your Project
How to Pick the Right PI Developer Technology for your Project Presented by Ray Verhoeff Product Manager Topics What Problems are you trying to solve? Where are you solving them? About PI Developer Technologies
More informationComputers Gone Rogue. Abusing Computer Accounts to Gain Control in an Active Directory Environment. Marina Simakov & Itai Grady
Computers Gone Rogue Abusing Computer Accounts to Gain Control in an Active Directory Environment Marina Simakov & Itai Grady Motivation Credentials are a high value target for attackers No need for 0-day
More information# ROLE DESCRIPTION / BENEFIT ISSUES / RISKS
As SharePoint has proliferated across the landscape there has been a phase shift in how organizational information is kept secure. In one aspect, business assets are more secure employing a formally built
More informationIntroduction. The Safe-T Solution
Secure Application Access Product Brief Contents Introduction 2 The Safe-T Solution 3 How It Works 3 Capabilities 4 Benefits 5 Feature List 6 6 Introduction As the world becomes much more digital and global,
More informationIPM Secure Hardening Guidelines
IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for
More informationModicon M580 MUCH MORE than a PLC. the first epac!
Modicon M580 MUCH MORE than a PLC the first epac! The new Modicon M580 is MUCH MORE than a simple PAC it is the epac with Ethernet built right into its core. Developed on the back of our latest innovations
More informationBuilding Secure Systems
Building Secure Systems Antony Selim, CISSP, P.E. Cyber Security and Enterprise Security Architecture 13 November 2015 Copyright 2015 Raytheon Company. All rights reserved. Customer Success Is Our Mission
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationTHREAT MODELING IN SOCIAL NETWORKS. Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda
THREAT MODELING IN SOCIAL NETWORKS Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda INTRODUCTION Social Networks popular web service. 62% adults worldwide use social media 65% of world top companies
More informationArcGIS Enterprise Security: An Introduction. Randall Williams Esri PSIRT
ArcGIS Enterprise Security: An Introduction Randall Williams Esri PSIRT Agenda ArcGIS Enterprise Security for *BEGINNING to INTERMIDIATE* users ArcGIS Enterprise Security Model Portal for ArcGIS Authentication
More informationOSIsoft Release Notes
OSIsoft Release Notes PI OPC DA Server 2017 Version 2.2.1 2017 OSIsoft, LLC. All rights reserved Table of Contents Overview... 1 Fixes and Enhancements... 1 Fixes... 1 Enhancements... 2 Known Issues...
More informationICALEPCS 2013 San Francisco
UNIDIRECTIONAL SECURITY GATEWAYS Unidirectional Security Gateways Stronger Than Firewalls ICALEPCS 2013 San Francisco Andrew Ginter VP Industrial Security Waterfall Security Solutions Proprietary Information
More informationModicon M580 PAC. CSPN Security Target. Version
Modicon M580 PAC CSPN Security Target Version 1.5-1 - Introduction A CSPN security target is a document specifying the scope of a CSPN evaluation [CSPN]. The Security Target serves as a basis for agreement
More informationIndustrial Control System Security white paper
Industrial Control System Security white paper The top 10 threats to automation and process control systems and their countermeasures with INSYS routers Introduction With the advent of M2M (machine to
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationWindows IoT Security. Jackie Chang Sr. Program Manager
Windows IoT Security Jackie Chang Sr. Program Manager Rest Physical access to a device will not give access to data Data & Control Execution Data owner has full control over data processing Motion Transport
More informationTools, Techniques, and Methodologies: A Survey of Digital Forensics for SCADA Systems
Tools, Techniques, and Methodologies: A Survey of Digital Forensics for SCADA Systems Presenters: Rima Asmar Awad, Saeed Beztchi Co-Authors: Jared M. Smith, Stacy Prowell, Bryan Lyles Overview Supervisory
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationStrategy is Key: How to Successfully Defend and Protect. Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare
Strategy is Key: How to Successfully Defend and Protect Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare 1 Speaker Introduction Karl West Chief Information Security Officer Intermountain
More informationServer Tailgating A Chosen- Plaintext Attack on RDP. - Eyal Karni - Yaron Zinar - Roman Blachman
Server Tailgating A Chosen- Plaintext Attack on RDP - Eyal Karni - Yaron Zinar - Roman Blachman Speaker Info Eyal Karni Security Researcher @ Preempt Yaron Zinar Lead Security Researcher @ Preempt Roman
More informationCyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationFile Routing & Collaboration. I.T. & Client Configuration Guide. Version 7.0
File Routing & Collaboration I.T. & Client Configuration Guide Version 7.0 DIGITAL WORKSPACE 7.0 V1 Date Modified 08/19/2016 Revision History Date Version Description Author August 19, 2016 1 Original
More informationSecurity Solutions. Overview. Business Needs
Security Solutions Overview Information security is not a one time event. The dynamic nature of computer networks mandates that examining and ensuring information security be a constant and vigilant effort.
More informationProtecting productivity with Industrial Security Services
Protecting productivity with Industrial Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. usa.siemens.com/industrialsecurityservices
More informationDetecting Insider Attacks on Databases using Blockchains
Detecting Insider Attacks on Databases using Blockchains Shubham Sharma, Rahul Gupta, Shubham Sahai Srivastava and Sandeep K. Shukla Department of Computer Science and Engineering Indian Institute of Technology,
More informationWho Goes There? Access Control in Water/Wastewater Siemens AG All Rights Reserved. siemens.com/ruggedcom
WEAT Webinar Who Goes There? Access Control in Water/Wastewater Siemens AG 2018. siemens.com/ruggedcom ACCESS CONTROL WEBINAR TABLE OF CONTENTS TOPIC Why Access Control? Risks If Not Used Factors of Authentication
More informationChallenge: Harden the PI System against cyber threats. Copyr i ght 2014 O SIs oft, LLC.
1 Challenge: Harden the PI System against cyber threats Presented by Bryan S. Owen PE 4: Least Privileges 3 Hmmm. How do we get started? 4 Knowledge Base Step by Step 5 Excellent! We are just getting started.
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationSurvey of Cyber Moving Targets. Presented By Sharani Sankaran
Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber moving target technique refers to any technique that attempts to defend a system and increase the complexity of
More informationThe Future of Industrial Control Systems Security
The Future of Industrial Control Systems Security Amir Samoiloff, CEO, Siga Security Ilan Gendelman, CTO, Siga Security www.sigasec.com The Importance of Operating Technology Systems Modern life relies
More informationImplementing Security in Windows 2003 Network (70-299)
Implementing Security in Windows 2003 Network (70-299) Level 1 Authorization & Authentication 2h 20m 20s 1.1 Group Strategy 1.2 Group Scopes 1.3 Built-in Groups 1.4 System or Special Groups 1.5 Administrating
More informationSolutions Business Manager Web Application Security Assessment
White Paper Solutions Business Manager Solutions Business Manager 11.3.1 Web Application Security Assessment Table of Contents Micro Focus Takes Security Seriously... 1 Solutions Business Manager Security
More informationIMPLEMENTING MICROSOFT CREDENTIAL GUARD FOR ISO 27001, PCI, AND FEDRAMP
IMPLEMENTING MICROSOFT CREDENTIAL GUARD FOR ISO 27001, PCI, AND FEDRAMP North America Latin America Europe 877.224.8077 info@coalfire.com coalfire.com Coalfire sm and CoalfireOne sm are registered service
More informationAgenda: Insurance Academy Event
Agenda: Insurance Academy Event Drs Ing René Pluis MBA MBI Cyber Security Lead, Country Digitization Acceleration program the Netherlands The Hague, Thursday 16 November Introduction Integrated Security
More informationDetecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC
Detecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC Agenda Introduction to JPCERT/CC About system-wide intrusions
More informationGoogle on BeyondCorp: Empowering employees with security for the cloud era
SESSION ID: EXP-F02 Google on BeyondCorp: Empowering employees with security for the cloud era Jennifer Lin Director, Product Management, Security & Privacy Google Cloud What is BeyondCorp? Enterprise
More informationLegacy-Compliant Data Authentication for Industrial Control System Traffic
Legacy-Compliant Data Authentication for Industrial Control System Traffic John Henry Castellanos, Daniele Antonioli, Nils Ole Tippenhauer and Martín Ochoa Singapore University of Technology and Design
More informationDetails withheld at reviewer request. Process Design and Automation (Pty)Ltd Phone: +27 (0)
Adroit Technologies End-user details Name: Details withheld at reviewer request SI details Name: Kobus Sutherland Designation: Director Company: Process Design and Automation (Pty)Ltd Phone: +27 (0)12
More informationOSIsoft IIoT Overview Chicago Regional Seminar 2016
OSIsoft IIoT Overview Chicago Regional Seminar 2016 Chris Felts Sr. Product Manager September 21, 2016 IIoT Reference Architecture Presented by Cisco at the IoT World Forum, October, 2014 2 Embedded-Based
More informationMicrosoft SDL 한국마이크로소프트보안프로그램매니저김홍석부장. Security Development Lifecycle and Building Secure Applications
Release Conception Microsoft SDL Security Development Lifecycle and Building Secure Applications KRnet 2010 2010. 6. 22. 한국마이크로소프트보안프로그램매니저김홍석부장 Hongseok.Kim@microsoft.com Agenda Applications under Attack
More informationPI Server 2010: Satyam Godasi Sr. Developer. Jay Lakumb Product Manager. Denis Vacher Group Lead. Copyright 2010, OSIsoft LLC. All rights reserved.
PI Server 2010: Jay Lakumb Product Manager Denis Vacher Group Lead Satyam Godasi Sr. Developer PI Enterprise Server 2010 What is PI Server 2010? Protecting Your Investment Deploying/Configuring Unlocking
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationUCOS User-Configurable Open System
UCOS User-Configurable Open System User-Configurable Open System (UCOS) UCOS is a complete control system solution. It includes graphical development software, a graphical human machine interface (HMI),
More informationManaging Microsoft 365 Identity and Access
Course MS-500T01-A: Managing Microsoft 365 Identity and Access Page 1 of 3 Managing Microsoft 365 Identity and Access Course MS-500T01-A: 1 day; Instructor-Led Introduction Help protect against credential
More informationCourse Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture
About this Course This course will best position your organization to analyse threats and detect anomalies that could indicate cybercriminal behaviour. The payoff for this new proactive approach would
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (1 st Week) Outline Course Information and Policies Course Syllabus 1. Overview Course Information Instructor: Prof. Dr. Hasan H. BALIK, balik@yildiz.edu.tr,
More informationThe Claroty Difference
Solution Brief Bringing Clarity To OT Network Claroty enables customers to secure and optimize the industrial control networks that run the world s most critical infrastructure. The company s enterprise-class
More informationNew Technologies for Cyber Security
New Technologies for Cyber Security Presented by Jim Davidson jdavidson@osisoft.com Security Products Manager OSIsoft, LLC Bryan Owen bowen@osisoft.com Cyber Security Manager OSIsoft, LLC 2 How Do Breaches
More informationIndependent DeltaV Domain Controller
Independent DeltaV Domain Controller The domain controller functionality can be de-coupled from the ProfessionalPLUS / Application stations in DeltaV systems version 14.3 and higher. Table of Contents
More informationHikCentral V.1.1.x for Windows Hardening Guide
HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote
More informationCyber Threats: What Should I Do to Harden my PI System?
Cyber Threats: What Should I Do to Harden my PI System? Presented by Vadim Sizykh Omar Mohsen 2 4: Least Privileges 3 Hmmm How do we get started? 4 Knowledge Base Step by Step 5 Excellent! We are just
More information*NSTAC Report to the President on the Internet of Things.
North Carolina Highway Signs Compromised By a Foreign Hacker* Penetration of a Water Treatment Facility by a Foreign Hacker* *NSTAC Report to the President on the Internet of Things. www.dhs.gov/sites/default/files/publications/
More informationAUTOMATED SECURITY ASSESSMENT AND MANAGEMENT OF THE ELECTRIC POWER GRID
AUTOMATED SECURITY ASSESSMENT AND MANAGEMENT OF THE ELECTRIC POWER GRID Sherif Abdelwahed Department of Electrical and Computer Engineering Mississippi State University Autonomic Security Management Modern
More informationIE156: ICS410: ICS/SCADA Security Essentials
IE156: ICS410: ICS/SCADA Security Essentials IE156 Rev.001 CMCT COURSE OUTLINE Page 1 of 6 Training Description: In this five-day intensive training, participants will develop and reinforce a common language
More informationIndustrial Defender ASM. for Automation Systems Management
Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping
More informationCyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies
Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies lwihl@scalable-networks.com 2 The Need OT security particularly in the
More information