Cyber Security Bryan Owen PE Principal Cyber Security Manager October 11, 2016


1 Cyber Security. Bryan Owen PE, Principal Cyber Security Manager. October 11, 2016

2 Agenda: Overview; What's new in PI Security; Demo; What's coming next; Call to Action

3 Cyber Security is more of a Marathon than a Sprint. Release Cadence: quicker response time; more agile and predictable; most, not all products. Ethical Disclosure Policy: transparency; do no harm. https://techsupport.osisoft.com/troubleshooting/ethical-disclosure-policy

4 Boundary Protection is Essential. Limits direct access to critical systems while expanding the value use of information. Reduce the risks on critical systems. Diagram labels: Critical Systems; Transmission & Distribution SCADA; Plant DCS; PLCs; Infrastructure; Environmental Systems; Other critical operations systems; Security Perimeter.

5 Best Practices are Advancing. Engineering Bow-Tie Model; ICS Security Bow-Tie. "Evaluating Cyber Risk in Engineering Environments: A Proposed Framework and Methodology": https://www.sans.org/reading-room/whitepapers/ics/evaluating-cyber-risk-engineering-environments-proposedframework-methodology-37017

6 Classic PI System Kill Chain. Many opportunities to defend. Attack scenarios are complex. Resists common malware.

Bow-tie diagram stages: 1 The Internet; ProcessBook Client; PI Data Archive; Interface Node; 5 Control System. Each stage has an "Attack & Defend" column and a "Reduce Impact" column.

Diagram labels, in extraction order: Web page drive-by; Admin OS access; Unauthenticated access; Unauthorized access to data; Administrative access to operating system; Control system pwned; Social engineering; Web browser compromise; User OS access; Administrative access to operating system; PI Data Archive compromise; Missing or tainted data sent to users or downstream services; Exploit vulnerable product or service to inject malware on interface node; Interface Node compromise; Control system slow or unresponsive; Phishing; Network node access; Authenticated PI data access; Service delays or unresponsive; Use interface output points for sending data to control systems; Loss of control including anomalous actuator operation; Exploit vulnerable service on PI Server; Manipulation of configuration; Use interfaces to overload control system; Loss of view including fake sensor data; Overload PI Server; Pivot to other servers (PI Server as client to another server or unauthorized call home); Use PI data as part of a covert command and control channel; Spread malware to client connections.

https://pisquare.osisoft.com/groups/security/blog/2016/08/02/bow-tie-for-cyber-security-0x01-how-to-tie-a-cyber-bow-tie

7 What's New in PI Security

8 Classic PI Client Desktop. ProcessBook 2015 R2: memory corruption defenses (VS2013); removes .NET Framework 3.5 dependency; improves support for EMET. PI SDK 2016: memory corruption defenses (VS2015); MS Runtime updates; transport security (data integrity and privacy). KB: How To Enhance Security in PI ProcessBook Using EMET

9 Modern PI System Kill Chain. Latest defensive technology. More separation from threat to target. Shifts cost from defender to attacker.

Bow-tie diagram stages: 1 The Internet; Coresight Client in Web Browser; Coresight Server; PI Server; Connector; 6 Control System. Each stage has an "Attack & Defend" column and a "Reduce Impact" column.

Diagram labels, in extraction order: Web page drive-by; Admin OS access; Unauthenticated access; Unauthorized access to data; Unauthenticated access; Unauthorized access to data; Administrative access to operating system; Control system pwned; Social engineering; Web browser compromise; User OS access; Authenticated access; Coresight Server compromise; Manipulation of configuration; Administrative access to operating system; PI Server compromise; Missing or tainted data sent to users or downstream services; Exploit vulnerable product or service to inject malware on interface node; Connector compromise; Control system slow or unresponsive; Phishing; Network node access; Exploit vulnerable product or service; Missing or tainted data sent to users or downstream services; Authenticated PI data access; Service delays or unresponsive; Use interface output points for sending data to control systems; Loss of control including anomalous actuator operation; Admin access to OS/SQL Server; Service delays or unresponsive; Exploit vulnerable service on PI Server; Manipulation of configuration; Use interfaces to overload control system; Loss of view including fake sensor data; Overload server (DoS); Spread malware to client connections; Overload PI Server; Pivot to other servers (PI Server as client to another server or unauthorized call home); Use PI data as part of a covert command and control channel; Coresight acts as client to another resource; Spread malware to client connections.

PI Square: Hardcore PI Coresight Hardening

10 Advanced Security in PI Coresight 2016 R2. Login using an external Identity Provider. No need to expose corporate AD credentials. Diagram labels: PI Coresight; OpenID Connect; Claims; ID Provider; Active Directory; PI Server; PI3, WCF; Business Network; Business Partner/Cloud/Mobile Network.

11 Security Changes for PI Server

12 PI AF Recent Security Changes. 2015: Identity Mappings; Service Hardening; AF Client to Data Archive Transport Security. 2016: IsManualDataEntry; Annotate Permission; File Attachment Checks.

File Type: Allowed Extensions
MS Office: csv, docx, pdf, xlsx
Text: rtf, txt
Image: gif, jpeg, jpg, png, svg, tiff
ProcessBook: pdi

PI System Explorer 2016 User Guide: Security for Annotations

13 PI Data Archive Recent Security Changes. 2015: Compiler Defenses; Code Safety; Transport Security. 2016: Auto Recovery; Archive Reprocessing.

14 Security Changes for PI System Interfaces

15 PI Buffer Subsystem. 2015: Code Safety; Transport Security with Windows Authentication. 2016: Service Accounts; Managed Service Account (Domain only); Virtual Service Account; API BUFSERV for Windows.

16 PI Interfaces: New options for securing. Diagram labels: Data Source; Read; PI Interface; Input; Write; Output; Operating System.

17 PI Interfaces: New options for securing. Diagram labels: Data Source; Read; PI Interface; Input; Write (X, X); Output; White list; Operating System. New Features: 1. Least privileges. 2. Read-only and read-write. 3. White list output points.

18 Code Hardened PI Interfaces.

Hardened: PI Interface for ESCA HABConnect Alarms and Events; PI Interface for Cisco Phone; PI Interface for ESCA HABConnect; PI to PI Interface; PI Interface for CA ISO ADS Web Service; PI Interface for IEEE C; PI Interface for Performance Monitor; PI Interface for Siemens Spectrum Power TG; PI Interface for OPC DA; PI Interface for Relational Database (RDBMS via ODBC); PI Interface for Universal File and Stream Loading (UFL).

Hardened + Read-Only Available: PI Interface for Foxboro I/A 70 Series; PI Interface for Metso maxdna; PI Interface for Citect; PI Interface for SNMP Trap; PI Interface for Modbus Ethernet PLC; PI Interface for OPC HDA; PI Interface for GE FANUC Cimplicity HMI; PI Interface for ACPLT/KS.

19 Transport Security Everywhere. Diagram labels: From; Connection; PI Trust; NTLM; RC4/MD5; Active Directory (Kerberos); AES256/SHA1*; PI Buffer Subsystem; PI Connectors; PI DataLink; PI ProcessBook; PI Interfaces.

20 Introducing PI API 2016 for Windows Integrated Security

21 PI API 2016 for Windows Integrated Security. Compiler Defenses; Code Safety; Transport Security (Data Integrity and Privacy); Backward Compatible (no changes to existing PI Interfaces). PI Mapping is Required, PI API 2016 does not attempt PI Trust connection!


23 Security Changes in Progress

24 PI Connector Architecture. Diagram labels: PI Connectors; PI Connector Relay; Certificates; Windows Security; Edge; DMZ; Enterprise.

25 PI System Connector. Diagram labels: Source PI System & PI System Connector; PI Connector Relay; Destination PI System; PI Points; Real-time Data; Elements; Templates; Control; DMZ; Corporate.

26 PI System Kill Chain with Relay. Latest defensive technology. More separation from threat to target. Flexible and defensible architecture.

Bow-tie diagram stages: 1 The Internet; Coresight Web Client; Coresight Server; PI Archive & AF Servers; Connector Relay; Connector; 7 Control System. Each stage has an "Attack & Defend" column and a "Reduce Impact" column.

Diagram labels, in extraction order: Web page drive-by; Admin OS access; Unauthenticated access; Unauthorized access to data; Unauthenticated access; Unauthorized access to data; Administrative access to operating system; Control system pwned; Administrative access to operating system; Control system pwned; Social engineering; Web browser compromise; User OS access; Authenticated access; Coresight Server compromise; Manipulation of configuration; Administrative access to operating system; PI Archive or AF compromise; Missing or tainted data sent to users or downstream services; Exploit vulnerable product or service to inject malware on interface node; Connector Relay compromise; Control system slow or unresponsive; Exploit vulnerable product or service to inject malware on interface node; Connector compromise; Control system slow or unresponsive; Phishing; Network node access; Exploit vulnerable product or service; Missing or tainted data sent to users or downstream services; Authenticated PI data access; Service delays or unresponsive; Use interface output points for sending data to control systems; Loss of control including anomalous actuator operation; Use interface output points for sending data to control systems; Loss of control including anomalous actuator operation; Admin access to OS/SQL Server; Service delays or unresponsive; Exploit vulnerable service on PI Server; Manipulation of configuration; Use interfaces to overload control system; Loss of view including fake sensor data; Use interfaces to overload control system; Loss of view including fake sensor data; Overload server (DoS); Spread malware to client connections; Overload PI Server; Pivot to other servers (PI Server as client to another server or unauthorized call home); Use PI data as part of a covert command and control channel; Use PI data as part of a covert command and control channel; Coresight acts as client to another resource; Spread malware to client connections.

27 Infrastructure Hardened PI System. Global. Trusted. Sustainable.

28 What is Infrastructure Hardened? Extremely Reliable; Well Tested; Proven Capability; Trusted; Security Development Lifecycle Process: Training, Requirements, Design, Implementation, Verification, Release, Response.


30 Microsoft Project Springfield Early Adopter; Resists pathological PI SQL data queries; Cortana Ready Data; Safe import and export of AF asset structures; Robust support for intensive bulk data calls; Reliable access to archive data.

31 Key PI System Security Resources https://techsupport.osisoft.com/troubleshooting/pi-system-cyber-security https://www.youtube.com/user/osisoftlearning/ https://pisquare.osisoft.com/groups/security

32 Actions: Defend your critical systems; Establish an update cadence; Take advantage of integrated security.

33 Contact Information: Brian Bostwick, Market Principal, Cyber Security; Bryan Owen PE, Principal Cyber Security Manager.

34 Thank You


More information

NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes

NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright 2012 2011 by Waterfall

More information

HUAWEI TECHNOLOGIES CO., LTD. Huawei FireHunter6000 series

HUAWEI TECHNOLOGIES CO., LTD. Huawei FireHunter6000 series HUAWEI TECHNOLOGIES CO., LTD. Huawei 6000 series Huawei 6000 series can detect APT (Advanced Persistent Threat) attacks, which altogether exploit multiple techniques (including zero-day vulnerabilities

More information

Independent DeltaV Domain Controller

Independent DeltaV Domain Controller Independent DeltaV Domain Controller The domain controller functionality can be de-coupled from the ProfessionalPLUS / Application stations in DeltaV systems version 14.3 and higher. Table of Contents

More information

Agenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options

Agenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options Agenda Why we need a new approach to endpoint security Introducing Sophos Intercept X Demonstration / Feature Walk Through Deployment Options Q & A 2 Endpoint Security has reached a Tipping Point Attacks

More information

Automating the Top 20 CIS Critical Security Controls

Automating the Top 20 CIS Critical Security Controls 20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises

More information

CompTIA Cybersecurity Analyst+

CompTIA Cybersecurity Analyst+ CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity

More information

ADVANCED TRAINING INSTITUTE, HYDERABAD

ADVANCED TRAINING INSTITUTE, HYDERABAD Revision:01 LEARNING CONTENT Page 1 of 8 III COURSE CODE IA-01 COURSE TITLE PLC PROGRAMMING FOR INDUSTRIAL AUTOMATION OBJECTES On completion of the course, the learner will be able to explain the applications

More information

Functional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK

Functional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control

More information

Comprehensive Cyber Security Features in SIPROTEC & SICAM. SIPROTEC Dag 11. Mei 2017

Comprehensive Cyber Security Features in SIPROTEC & SICAM. SIPROTEC Dag 11. Mei 2017 Comprehensive Cyber Security Features in SIPROTEC & SICAM SIPROTEC Dag 11. Mei 2017 siemens.tld/keyword Changes to Substation Automation and Protection over Time Evolving Threat Landscape (tomorrow today...)

More information

Vulnerability analysis of 2013 SCADA issues. Amol Sarwate Director of Vulnerability Labs, Qualys Inc.

Vulnerability analysis of 2013 SCADA issues. Amol Sarwate Director of Vulnerability Labs, Qualys Inc. Vulnerability analysis of 2013 SCADA issues Amol Sarwate Director of Vulnerability Labs, Qualys Inc. Agenda SCADA components 2013 Vulnerability Analysis Recommendations and Proposals SCADA DCS ICS Accidents

More information

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001) CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001) Gregg, Michael ISBN-13: 9781118083192 Table of Contents Foreword xxi Introduction xxvii Assessment Test xliv Chapter 1 Cryptographic

More information

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

Protecting Against Online Fraud. F5 EMEA Webinar August 2014 Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture

More information

Windows 10 Security & Audit

Windows 10 Security & Audit Windows 10 Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC, CSX-P jtannahi@rogers.com Windows 10 Editions Home Pro Enterprise Education Mobile IoT Editions 1 Windows 10 Builds Windows 10 (initial

More information

13 Ways Through A Firewall What you don t know will hurt you

13 Ways Through A Firewall What you don t know will hurt you 13 Ways Through A Firewall What you don t know will hurt you Andrew Ginter VP Industrial Security Waterfall Security Solutions CIPS ICE: The Tech Day 2013 (Calgary) Proprietary Information -- Copyright

More information

PI OPC DA Server User Guide

PI OPC DA Server User Guide PI OPC DA Server 2017 User Guide OSIsoft, LLC 1600 Alvarado Street San Leandro, CA 94577 USA Tel: (01) 510-297-5800 Fax: (01) 510-357-8136 Web: http://www.osisoft.com PI OPC DA Server 2017 User Guide 1992-2017

More information

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk Wayward Wi-Fi How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk 288 MILLION There are more than 288 million unique Wi-Fi networks worldwide. Source: Wireless Geographic Logging

More information

Using Defense in Depth to Safely Present SCADA Data for Read-Only and Corporate Reporting. Rick Bryson

Using Defense in Depth to Safely Present SCADA Data for Read-Only and Corporate Reporting. Rick Bryson Using Defense in Depth to Safely Present SCADA Data for Read-Only and Corporate Reporting Rick Bryson 2017 by Schweitzer Engineering Laboratories, Inc. All rights reserved. All brand or product names appearing

More information

Security in grid control centers: Spectrum Power TM Cyber Security

Security in grid control centers: Spectrum Power TM Cyber Security Security in grid control centers: Spectrum Power TM Cyber Security Thomas Schmidt, Information Security Manager siemens.at/future-of-energy Spectrum Power TM 7 Historical Information System Table of content

More information

ClearPath Secure Java Overview For ClearPath Libra and Dorado Servers

ClearPath Secure Java Overview For ClearPath Libra and Dorado Servers 5/18/2007 Page 1 ClearPath Secure Java Overview For ClearPath Libra and Dorado Servers Technical Presentation 5/18/2007 Page 2 Agenda ClearPath Java for Core Business Transformation Overview Architectural

More information

Advanced Security Measures for Clients and Servers

Advanced Security Measures for Clients and Servers Advanced Security Measures for Clients and Servers Wayne Harris MCSE Senior Consultant Certified Security Solutions Importance of Active Directory Security Active Directory creates a more secure network

More information

McAfee Embedded Control for Retail

McAfee Embedded Control for Retail McAfee Embedded Control for Retail System integrity, change control, and policy compliance for retail point of sale systems McAfee Embedded Control for retail maintains the integrity of your point-of-sale

More information

Stonesoft Management Center. Release Notes Revision A

Stonesoft Management Center. Release Notes Revision A Stonesoft Management Center Release Notes 5.10.2 Revision A Table of contents 1 About this release...3 System requirements... 3 Build version...4 Compatibility... 5 2 New features...6 3 Enhancements...

More information

Toward Open Source Intrusion Tolerant SCADA. Trevor Aron JR Charles Akshay Srivatsan Mentor: Marco Platania

Toward Open Source Intrusion Tolerant SCADA. Trevor Aron JR Charles Akshay Srivatsan Mentor: Marco Platania Toward Open Source Intrusion Tolerant SCADA Trevor Aron JR Charles Akshay Srivatsan Mentor: Marco Platania Outline What is SCADA? SCADA Vulnerabilities What is Intrusion Tolerance? Prime PvBrowser Our

More information

RSA NetWitness Suite Respond in Minutes, Not Months

RSA NetWitness Suite Respond in Minutes, Not Months RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations

More information

HP Rack Thermal Sensor Monitoring Solution

HP Rack Thermal Sensor Monitoring Solution HP Rack Thermal Sensor Monitoring Solution Presented by HP IT Global Data Center Services: Tools & Automation Agenda Introduction Background: Rack Thermal Sensors Business & Technical Requirements PI System

More information

SAP Security in a Hybrid World. Kiran Kola

SAP Security in a Hybrid World. Kiran Kola SAP Security in a Hybrid World Kiran Kola Agenda Cybersecurity SAP Cloud Platform Identity Provisioning service SAP Cloud Platform Identity Authentication service SAP Cloud Connector & how to achieve Principal

More information

NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses

NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses INL/EXT-10-18381 NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses May 2010 The INL is a U.S. Department of Energy National Laboratory operated by Battelle Energy

More information

HIPAA Regulatory Compliance

HIPAA Regulatory Compliance Secure Access Solutions & HIPAA Regulatory Compliance Privacy in the Healthcare Industry Privacy has always been a high priority in the health profession. However, since the implementation of the Health

More information

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud Christopher Covert Principal Product Manager Enterprise Solutions Group Copyright 2016 Symantec Endpoint Protection Cloud THE PROMISE OF CLOUD COMPUTING We re all moving from challenges like these Large

More information

QuickBooks Online Security White Paper July 2017

QuickBooks Online Security White Paper July 2017 QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a

More information

ABB Ability Cyber Security Services Protection against cyber threats takes ability

ABB Ability Cyber Security Services Protection against cyber threats takes ability ABB Ability Cyber Security Services Protection against cyber threats takes ability In today s business environment, cyber security is critical for ensuring reliability of automation and control systems.

More information

e-commerce Study Guide Test 2. Security Chapter 10

e-commerce Study Guide Test 2. Security Chapter 10 e-commerce Study Guide Test 2. Security Chapter 10 True/False Indicate whether the sentence or statement is true or false. 1. Necessity refers to preventing data delays or denials (removal) within the

More information

SANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045

SANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045 Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,

More information