What s new in PI System Security?
|
|
- Jessie Hicks
- 6 years ago
- Views:
Transcription
1 What s new in PI System Security? Presented by Brian Bostwick Kevin Geneva
2 The Seven Most Dangerous New Attack Techniques SANS: Alan Paller, Ed Skoudis, Michael Assante, Johannes Ullrich 1. Ransomware 2. IoT Attack Platforms 3. Ransomware + IoT 4. Control System Attacks 5. Weak cryptography 6. Ad-hoc Web Services 7. Threats on NoSQL DB 2
3 OSIsoft Security Mindset Security champions in all facets of OSIsoft Ethical disclosure for software vulnerabilities Incident response readiness Independent ratings and verification
4 OSIsoft Security Mindset Security champions in all facets of OSIsoft Ethical disclosure for software vulnerabilities Incident response readiness Independent ratings and verification
5 Baseline PI System Security Use the PI Security Audit Tool to assess and improve PI System defenses. ID Server Validation Result Severity Message Category Area AU10001 CP-VM1 Domain Membership Check Fail Severe Machine is not a member of an AD Domain. Machine Domain AU10002 CP-VM1 Operating System SKU Fail Severe The following product is used: Server Standard Machine Operating System AU20002 CP-VM1 PI Admin Trusts Disabled Fail Severe The piadmin user can be assigned to a trust. PI System PI Data Archive AU20004 CP-VM1 Edit Days Fail Severe EditDays not specified, using non-compliant default of 0. PI System PI Data Archive AU10004 CP-VM1 AppLocker Enabled Fail Moderate AppLocker is not configured to enforce. Machine Policy AU20001 CP-VM1 PI Data Archive Table Security Fail Moderate The following databases present weaknesses: PIBatch; PIBATCHLEGACY; PICampaign; PIDBSEC; PIDS; PIHeadingSets; PIModules; PITransferRecords; PIUSER. PI System PI Data Archive AU20009 CP-VM1 PI Data Archive SPN Check Fail Moderate The Service Principal Name does NOT exist or is NOT assigned to the correct Service Account. PI System PI Data Archive AU10005 CP-VM1 UAC Enabled Fail Low Recommended UAC feature ValidateAdminCodeSignatures disabled. Machine Policy AU10003 CP-VM1 Firewall Enabled Pass N/A Firewall enabled. Machine Policy PI Data Archive SubSystem AU20003 CP-VM1 Versions Pass N/A Version is compliant PI System PI Data Archive AU20005 CP-VM1 Auto Trust Configuration Pass N/A Tuning parameter compliant: Create the trust entry for the loopback IP address PI System PI Data Archive AU20006 CP-VM1 Expensive Query Protection Pass N/A Using the compliant default of 260. PI System PI Data Archive AU20007 CP-VM1 Explicit login disabled Pass N/A Using compliant policy: All authentication options enabled. PI System PI Data Archive AU20008 CP-VM1 piadmin is not used Pass N/A No Trust(s) or Mapping(s) identified as weaknesses. PI System PI Data Archive
6 Top Three DHS ICS-CERT Weaknesses 1. Boundary Protection: Architecture issues including ICS discoverable on the internet 2. Least Functionality: Unnecessary open ports 3. Authenticator Management: Simple passwords and lack of encryption
7 Boundary Protection with the PI System Transmission & Distribution SCADA Critical Systems Limits direct access to critical systems while expanding the value use of information. Plant DCS PLCs Infrastructure Environmental Systems Other critical operations systems Security Perimeter Reduce the risks on critical systems
8 Undesirable Topology a) PI Connector Servers Node x b) PI Connector/ Connector PI Interface Node x PI Servers PI Servers Control Network DMZ Enterprise Network 8
9 Today s Workaround PI Connector/ Connector PI Interface Node PI Server PI to PI Interface PI Servers PI Servers PI Server Security Control Network DMZ PI Server Security Enterprise Network 9
10 PI Connector Relay PI Connector Relay Node PI Servers PI Servers Control Network Certificates DMZ PI Server Security Enterprise Network 10
11 PI System Connector Deployment Source PI System PI System Connector PI Connector Relay Destination PI System (1 or More) Site1 PI 3 Security PI Points Real-time Data Site2 Site3 PI 3 Security PI 3 Security Certificates/ Encryption PI 3 Security Elements Templates Plant DMZ Corporate 11
12 Claims Authentication protects Active Directory Advanced Security in PI Coresight 2016 R2 and PI WebAPI 2017 Login using an external Identity Provider No need to expose corporate AD credentials PI Coresight OpenID Connect Claims ID Provider Active Directory PI Server PI3, WCF Business Network Business Partner/Cloud/Mobile Network 12
13 Least Functionality Server Core PI Server Recommended on Windows Server Core Less installed, less running, No GUI applications Fewer open ports Less patching Less Maintenance Lower TCO. More Secure Microsoft Mechanics. "Exploring Nano Server for Windows Server 2016 with Jeffrey Snover." Online video clip. YouTube, 10 Feb. 2016
14 Least Functionality Architecture Browser Based Thin Client with PI Vision Server Less installed, less running Less patching Less Maintenance Lower TCO. More Secure
15 PI Interfaces New options for securing Data Source Read PI Interface Input Write Output Operating System 15
16 PI Interfaces New options for securing Data Source Read PI Interface Input Write X X Output White list Operating System New Features: 1. Least privileges 2. Read-only and read-write 3. White list output points 16
17 PI Interfaces: Hardened and Read Only Hardened PI Interface for ESCA HABConnect Alarms and Events PI Interface for Cisco Phone PI Interface for ESCA HABConnect PI to PI Interface PI Interface for CA ISO ADS Web Service PI Interface for IEEE C PI Interface for Performance Monitor PI Interface for Siemens Spectrum Power TG PI Interface for Relational Database (RDBMS via ODBC) PI Interface for Universal File and Stream Loading (UFL) Hardened + Read-Only Available PI Interface for Foxboro I/A 70 Series PI Interface for Metso maxdna PI Interface for Citect PI Interface for SNMP Trap PI Interface for Modbus Ethernet PLC PI Interface for OPC HDA PI Interface for GE FANUC Cimplicity HMI PI Interface for ACPLT/KS PI Interface for OPC DA 17
18 Authentication Management Use Windows Integrated Security (WIS)
19 HA Collectives: Enhanced Security Added support for Transport Security Now available in Data Archive, between HA Collective Nodes, PI SDK, AF SDK, and API 2016 for WIS All Collective members must be upgraded Implemented via Certificates You can use your own, or the one we generate for you 19
20 PI API 2016 for Windows Integrated Security Connection to PI uses Windows security only Login is over PI network port TCP 5450 Active Directory is recommended but not required 20
21 Goal: Encrypted Data with WIS PI Interface PI Server Workgroup Buffer runs as.\student01 s OPC Interface runs as.\opc Domain Buffer has mapping OPC Interface uses trust 21
22 Goal: Encrypted Data with WIS PI Trust PI Mapping IP Addr + App Name PI Identity Windows Account = PI Identity 22
23 Goal: Encrypted Data with WIS PI Interface PI Server Install PI API 2016 Follow KB 1457 s Windows Credential Manager 23
24 DEMO 24
25 Key PI System Security Resources
26 Infrastructure Hardened PI System Global. Trusted. osisoft 26
27 What is Infrastructure Hardened? Extremely Reliable Well Tested Proven Capability Trusted Security Development Lifecycle Process Training Requirements Design Implementation Verification Release Response 27
28 Actions with your Security Mindset Protect your boundaries Use strong authentication and least privileges Baseline and prioritize 28
29 Contact Information Brian Bostwick Cyber Security Market Principal OSIsoft, LLC Kevin Geneva Systems Engineer OSIsoft, LLC 29
30 Questions Please wait for the microphone before asking your questions Please remember to Complete the Online Survey for this session State your name & company osisoft 30
31 Thank You
What s new in PI System Security?
What s new in PI System Security? Presented by Brian Bostwick Felicia Mohan Infrastructure Hardened PI System Global. Trusted. Sustainable. 2 What is Infrastructure Hardened? Extremely Reliable Well Tested
More informationCyber Security Bryan Owen PE Principal Cyber Security Manager October 11, 2016
Cyber Security Bryan Owen PE Principal Cyber Security Manager October 11, 2016 Agenda Overview What s new in PI Security Demo What s coming next Call to Action 2 Cyber Security is more of a Marathon than
More informationWhat s New in PI Security?
What s New in PI Security? Presented by Bryan Owen PE Felicia Mohan Agenda Overview What s new Demo What s coming next Call to Action 3 Cyber Security is more of a Marathon than a Sprint Release Cadence
More informationCyber Security Brian Bostwick OSIsoft Market Principal for Cyber Security
Cyber Security Presented by Brian Bostwick OSIsoft Market Principal for Cyber Security Cyber Security Trauma in the News Saudi Aramco Restores Network After Shamoon Malware Attack Hacktivist-launched virus
More informationHardcore PI System Hardening
Hardcore PI System Hardening Jozef Sujan, Lubos Mlcoch 1 Agenda 1. No-nonsense approach to Cyber Security 2. The Power of... PowerShell 3. Deadly Sins of PI Administrators Note: All examples in this presentation
More informationTop 10 ICS Cybersecurity Problems Observed in Critical Infrastructure
SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical
More informationOSIsoft Technologies for the Industrial IoT and Industry 4.0
OSIsoft Technologies for the Industrial IoT and Industry 4. Dan Lopez, Senior Systems Engineer Wednesday November 27 Industry 4. and Industrial IoT The Development of Industry 4. Industry. Industry 2.
More informationConnectivity from A to Z Roadmap for PI Connectors and PI Interfaces
Connectivity from A to Z Roadmap for s and PI Interfaces Presented by Chris Coen, Product Manager Rajesh Balaraman, Team Lead Xiaoli Tang, Software Developer Technology Evolves What if I asked you to:
More informationConnectivity from A to Z Roadmap for PI Connectors and PI Interfaces
Connectivity from A to Z Roadmap for PI Connectors and PI Interfaces Presented by Tadeas Marciniak, Field Service Engineer Zdenek Ryska, Software Developer ODBC HTML/XML IPMI SNMP S88 2 PI Interfaces New
More information2009 OSIsoft, LLC. OSIsoft vcampus Live! where PI geeks meet OSIsoft, LLC. OSIsoft vcampus Live! 2009 where PI geeks meet
2009 OSIsoft, LLC. OSIsoft vcampus Live! where PI geeks meet 1 Considerations of the new PI Security Model Bryan S. Owen OSIsoft Cyber Security Manager 2 Security Roadmap 3 Security Reality Today State
More informationConnectivity from A to Z Roadmap for PI Connectors and PI Interfaces
Connectivity from A to Z Roadmap for s and PI Interfaces Presented by Chris Coen, Product Manager Zdenek Ryska, Senior Software Developer Technology Evolves What if I asked you to: Call your coworker?
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationPI System Pervasive Data Collection
PI System Pervasive Data Collection Presented by Christian Leroux Enterprise Program Manager Chris Felts Sr. Product Manager OSIsoft on Industrial IoT Connecting people with sensor based data in ways that
More informationEnsuring Your Plant is Secure Tim Johnson, Cyber Security Consultant
Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant 1 The Foxboro Evo TM Process Automation System Addressing the needs across your operation today and tomorrow. 2 Industrial Control Systems
More informationData Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users
Data Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users Standards Certification Education & Training Publishing Conferences &
More informationIndustrial Defender ASM. for Automation Systems Management
Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping
More informationAbout NitroSecurity. Application Data Monitor. Log Mgmt Database Monitor SIEM IDS / IPS. NitroEDB
About NitroSecurity NitroEDB IDS / IPS SIEM Log Mgmt Database Monitor Application Data Monitor Born from the INL Highly Optimized Core Architecture, Using Patented Technology - 8 unique mechanisms to improve
More informationI Want to Be Secure: Best Practices for Securing Your PI System
I Want to Be Secure: Best Practices for Securing Your PI System Presented by Michael Jakob, Head of Field Service and Customer Support EMEA What is a best practice for security? Security is all about risk
More informationIIoT Data Collection with the PI System
IIoT Data Collection with the PI System REGIONAL SEMINARS 27 Michael Norton 8-Nov-7 Copyright 27 OSIsoft, LLC Copyright 27 OSIsoft, LLC REGIONAL SEMINARS 27 Copyright 27 OSIsoft, LLC OSIsoft on Industrial
More informationHow to Pick the Right PI Developer Technology for your Project
How to Pick the Right PI Developer Technology for your Project Presented by Ray Verhoeff Product Manager Topics What Problems are you trying to solve? Where are you solving them? About PI Developer Technologies
More informationNew Technologies for Cyber Security
New Technologies for Cyber Security Presented by Jim Davidson jdavidson@osisoft.com Security Products Manager OSIsoft, LLC Bryan Owen bowen@osisoft.com Cyber Security Manager OSIsoft, LLC 2 How Do Breaches
More informationAre Mobile Technologies Safe Enough for Industrie 4.0?
Are Mobile Technologies Safe Enough for Industrie 4.0? Presented by Bryan Owen PE Mobile Technology is Awesome! Cameras Drone UAVs GPS Sensors Smart phones Wearables https://www.osisoft.com/presentations/geospatial-sensor---driven-analytics-using-drones/
More informationHow to Pick the Right PI Developer Technology for your Project
How to Pick the Right PI Developer Technology for your Project Presented by Patrice Thivierge Fortin Regional Services Lead, France Why talking about picking the right PI Developer Technology? To provide
More informationThe Power of Connection
The Power of Connection Presented by Mana Afshari, Systems Engineer mafshari@osisoft.com Why is Connectivity Important? Context Need Solution More data sources available Advanced analyses require information
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationOSIsoft Technologies for the Industrial IoT and Industry 4.0 Chris Felts, Sr. Product Manager Houston Regional Seminar, October 4, 2017
OSIsoft Technologies for the Industrial IoT and Industry 4. Chris Felts, Sr. Product Manager Houston Regional Seminar, October 4, 27 Copyright 27 OSIsoft, LLC Introduction Copyright 27 OSIsoft, LLC 2 Industry
More informationCyber Threats: What Should I Do to Harden my PI System?
Cyber Threats: What Should I Do to Harden my PI System? Presented by Vadim Sizykh Omar Mohsen 2 4: Least Privileges 3 Hmmm How do we get started? 4 Knowledge Base Step by Step 5 Excellent! We are just
More informationIPM Secure Hardening Guidelines
IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationWindows Integrated Security what it is, why you should use it
Windows Integrated Security what it is, why you should use it Presented by Martin Bryant OSIsoft Field Service Engineer Martin Bryant is a field service engineer and trainer based in OSIsoft s Houston
More informationWhy Most IoT Projects Fail And how to ensure success with OSIsoft and Cisco Kinetic
Why Most IoT Projects Fail And how to ensure success with OSIsoft and Cisco Kinetic Presented by Stephen Friedenthal, IoT Solutions Architect About Cisco Systems, Inc. San Fran Companies want to derive
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More information01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED
01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED Contents 1. Introduction 3 2. Security Testing Methodologies 3 2.1 Internet Footprint Assessment 4 2.2 Infrastructure Assessments
More informationNERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes
NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright 2012 2011 by Waterfall
More informationSAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts
SAP Cybersecurity Solution Brief Objectives Solution Benefits Quick Facts Secure your SAP landscapes from cyber attack Identify and remove cyber risks in SAP landscapes Perform gap analysis against compliance
More informationOSIsoft IIoT Overview Chicago Regional Seminar 2016
OSIsoft IIoT Overview Chicago Regional Seminar 2016 Chris Felts Sr. Product Manager September 21, 2016 IIoT Reference Architecture Presented by Cisco at the IoT World Forum, October, 2014 2 Embedded-Based
More informationHow-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018
How-to Guide: Tenable.io for Microsoft Azure Last Updated: November 16, 2018 Table of Contents How-to Guide: Tenable.io for Microsoft Azure 1 Introduction 3 Auditing the Microsoft Azure Cloud Environment
More informationMINIMUM SECURITY CONTROLS SUMMARY
APPENDIX D MINIMUM SECURITY CONTROLS SUMMARY LOW-IMPACT, MODERATE-IMPACT, AND HIGH-IMPACT INFORMATION SYSTEMS The following table lists the minimum security controls, or security control baselines, for
More informationCIS Controls Measures and Metrics for Version 7
Level One Level Two Level Three Level Four Level Five Level Six 1.1 Utilize an Active Discovery Tool Utilize an active discovery tool to identify devices connected to the organization's network and update
More informationCIS Controls Measures and Metrics for Version 7
Level 1.1 Utilize an Active Discovery Tool 1.2 Use a Passive Asset Discovery Tool 1.3 Use DHCP Logging to Update Asset Inventory 1.4 Maintain Detailed Asset Inventory 1.5 Maintain Asset Inventory Information
More informationTestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified
TestOut Network Pro - English 4.1.x COURSE OUTLINE Modified 2017-07-06 TestOut Network Pro Outline - English 4.1.x Videos: 141 (18:42:14) Demonstrations: 81 (10:38:59) Simulations: 92 Fact Sheets: 145
More informationImplementing Security in Windows 2003 Network (70-299)
Implementing Security in Windows 2003 Network (70-299) Level 1 Authorization & Authentication 2h 20m 20s 1.1 Group Strategy 1.2 Group Scopes 1.3 Built-in Groups 1.4 System or Special Groups 1.5 Administrating
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationBuilding a Secure PI Web API Environment
Building a Secure PI Web API Environment Presented by Mike Sloves Ray Verhoeff User Conference 2017 Themes 2 What do we mean by secure? Basic summary of security concepts: Minimizing the Attack Vector
More informationW H IT E P A P E R. Salesforce Security for the IT Executive
W HITEPAPER Salesforce Security for the IT Executive Contents Contents...1 Introduction...1 Background...1 Settings Related to Security and Compliance...1 Password Settings... 1 Session Settings... 2 Login
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationGoing Without CPU Patches on Oracle E-Business Suite 11i?
Going Without CPU Patches on E-Business Suite 11i? September 17, 2013 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation About
More informationVulnerability analysis of 2013 SCADA issues. Amol Sarwate Director of Vulnerability Labs, Qualys Inc.
Vulnerability analysis of 2013 SCADA issues Amol Sarwate Director of Vulnerability Labs, Qualys Inc. Agenda SCADA components 2013 Vulnerability Analysis Recommendations and Proposals SCADA DCS ICS Accidents
More informationFencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1
Fencing the Cloud with Identity Roger Casals Senior Director Product Management Shared vision for the Identity: Fencing the Cloud 1 Disclaimer Copyright 2014 Symantec Corporation. All rights reserved.
More informationHow to Put Your AF Server into a Container
How to Put Your AF Server into a Container Eugene Lee Technology Enablement Engineer 1 Technology Challenges 2 Cloud Native bring different expectations 3 We are becoming more impatient Deploy Code Release
More informationIT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,
IT Security Training MS-500: Microsoft 365 Security Administration $2,595.00 4 Days Upcoming Dates Course Description Day 1: Managing Microsoft 365 Identity and Access (MS-500T01-A) Help protect against
More informationAchieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
More informationPI Connector for Ping 1.0. User Guide
PI Connector for Ping 1.0 User Guide OSIsoft, LLC 777 Davis St., Suite 250 San Leandro, CA 94577 USA Tel: (01) 510-297-5800 Fax: (01) 510-357-8136 Web: http://www.osisoft.com PI Connector for Ping 1.0
More informationhidden vulnerabilities
hidden vulnerabilities industrial networks in 30 minutes Cyber Security introduction Frank Kemeling Certified Ethical Hacker [CEH] EC-Council Certified Security Analyst [ESCA] Licensed Penetration Tester
More informationSecure & Unified Identity
Secure & Unified Identity for End & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Key Point #1: Perimeter is Dissolving Making Identity Matter Most You must plant a strong
More informationHow-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018
How-to Guide: Tenable Nessus for Microsoft Azure Last Updated: April 03, 2018 Table of Contents How-to Guide: Tenable Nessus for Microsoft Azure 1 Introduction 3 Auditing the Microsoft Azure Cloud Environment
More informationConnectivity 101 for Remote Monitoring Systems
Connectivity 101 for Remote Monitoring Systems Paul Wacker Moxa, Inc. Manager - Edge Connectivity Ariana Drivdahl Moxa, Inc. Product Marketing Manager Pain Points of Remote Monitoring Pressure to enhance
More informationMobility Windows 10 Bootcamp
Mobility Windows 10 Bootcamp Length: 8 days Format: Bootcamp Time: Day About This Course This boot camp is designed to provide students with the knowledge and skills required to install and configure Windows
More informationChallenge: Harden the PI System against cyber threats. Copyr i ght 2014 O SIs oft, LLC.
1 Challenge: Harden the PI System against cyber threats Presented by Bryan S. Owen PE 4: Least Privileges 3 Hmmm. How do we get started? 4 Knowledge Base Step by Step 5 Excellent! We are just getting started.
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationNew to PI SDK and AF SDK 2010
New to PI SDK and AF SDK 2010 Presented By: Jay Lakumb and Charlie Henze, OSIsoft Where PI geeks meet 9/23/2010 PI SDK Buffering Use Cases Functionality Demo New PI SDK Utility Next Steps Where PI geeks
More informationCyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationVishal Shirodkar Technology Specialist Microsoft India Session Code:
Vishal Shirodkar Technology Specialist Microsoft India Session Code: Session Objectives And Takeaways Explain how DirectAccess differs from a traditional VPN Identify some of the key requirements for installing
More informationStudents should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:
Secure Java Web Application Development Lifecycle - SDL (TT8325-J) Day(s): 5 Course Code: GK1107 Overview Secure Java Web Application Development Lifecycle (SDL) is a lab-intensive, hands-on Java / JEE
More informationGE CIMPLICITY HMI/SCADA SECURE DEPLOYMENT GUIDE
GE CIMPLICITY HMI/SCADA SECURE DEPLOYMENT GUIDE Version 2.3 October 2017 Disclaimer of Warranties and Liability The information contained in this manual is believed to be accurate and reliable. However,
More informationB-Scada and Security
+1 352.564.9610 info@b-scada.com www.scada.com B-Scada and Security How B-Scada s Status Products Keep Your Data Secure B-Scada and Security There are four communication relationships in the system that
More informationCritical Hygiene for Preventing Major Breaches
SESSION ID: CXO-F02 Critical Hygiene for Preventing Major Breaches Jonathan Trull Microsoft Enterprise Cybersecurity Group @jonathantrull Tony Sager Center for Internet Security @CISecurity Mark Simos
More informationIndustrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets
Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits
More informationHikCentral V.1.1.x for Windows Hardening Guide
HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote
More informationOSIsoft Release Notes
OSIsoft Release Notes PI OPC DA Server 2017 Version 2.2.1 2017 OSIsoft, LLC. All rights reserved Table of Contents Overview... 1 Fixes and Enhancements... 1 Fixes... 1 Enhancements... 2 Known Issues...
More informationHikCentral V1.3 for Windows Hardening Guide
HikCentral V1.3 for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1Strict Password Policy... 2 1.2Turn Off Windows Remote
More informationRasGas Use Case: Owl DualDiode Solution
RasGas Use Case: Owl DualDiode Solution Presented by Dennis Lanahan Owl Computing Technologies Mayan Shah RasGas Company Limited Agenda Webinar Series and Partner Solution Showcase Introduction RasGas
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationRansomware. How to protect yourself?
Ransomware How to protect yourself? ED DUGUID, CISSP, VCP CONSULTANT, WEST CHESTER CONSULTANTS Ransomware Ransomware is a type of malware that restricts access to the infected computer system in some way,
More informationIE156: ICS410: ICS/SCADA Security Essentials
IE156: ICS410: ICS/SCADA Security Essentials IE156 Rev.001 CMCT COURSE OUTLINE Page 1 of 6 Training Description: In this five-day intensive training, participants will develop and reinforce a common language
More informationManaging Microsoft 365 Identity and Access
Course MS-500T01-A: Managing Microsoft 365 Identity and Access Page 1 of 3 Managing Microsoft 365 Identity and Access Course MS-500T01-A: 1 day; Instructor-Led Introduction Help protect against credential
More informationSecuring your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008
Securing your Virtualized Datacenter Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Agenda VMware Virtualization Technology How Virtualization Affects Datacenter Security Keys to
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationPractical Network Defense Labs
Practical Network Defense Labs ABOUT This document showcases my practical hands-on engagements in the elearnsecurity HERA labs environment for the Network Defense Professional certification course. I utilized
More informationExpanding Your System past just a PI Historian A 2016 Update
Expanding Your System past just a PI Historian A 2016 Update Bruce McCamant, TSI September 15, 2016 USERS GROUP Copyright 2015 OSIsoft, LLC. Triencon Services, Inc. An Energy Services Company Providing
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationIIoT Data Collection with the PI System
REGIONAL SUMMIT 27 Copyright 27 OSIsoft, LLC IIoT Data Collection with the PI System Presented by Sasha Krivonosova, Systems Engineer REGIONAL SUMMIT 27 @osisoft Copyright 27 OSIsoft, LLC OSIsoft on Industrial
More informationSecurity in the Privileged Remote Access Appliance
Security in the Privileged Remote Access Appliance 2003-2018 BeyondTrust, Inc. All Rights Reserved. BEYONDTRUST, its logo, and JUMP are trademarks of BeyondTrust, Inc. Other trademarks are the property
More informationPI Developer Technologies Roadmap Presented by: Frank Garriel, David Hearn, & Bodo Bachmann
PI Developer Technologies Roadmap Presented by: Frank Garriel, David Hearn, & Bodo Bachmann 1 PI Developer Technologies PI OPC Servers PI Web API Presented by: Frank Garriel 3 Performance & Scalability
More informationPI Developer Technologies Roadmap. #OSIsoftUC #PIWorld 2018 OSIsoft, LLC
PI Developer Technologies Roadmap PI Developer Technologies PI OPC Servers PI Web API Presented by: Frank Garriel Performance & Scalability PI Web API 2017 R2 Channels Heartbeat Raw Throughput Improvement
More informationIntroduction to ICS Security
Introduction to ICS Security Design. Build. Protect. Presented by Jack D. Oden, June 1, 2018 ISSA Mid-Atlantic Information Security Conference, Rockville, MD Copyright 2018 Parsons Federal 2018 Critical
More informationLegacy-Compliant Data Authentication for Industrial Control System Traffic
Legacy-Compliant Data Authentication for Industrial Control System Traffic John Henry Castellanos, Daniele Antonioli, Nils Ole Tippenhauer and Martín Ochoa Singapore University of Technology and Design
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationWhite Paper. The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection
White Paper The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection February, 2017 Introduction The North American Electric Reliability Corporation (NERC) maintains
More informationn Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network
Always Remember Chapter #1: Network Device Configuration There is no 100 percent secure system, and there is nothing that is foolproof! 2 Outline Learn about the Security+ exam Learn basic terminology
More informationData Collection at the Edge with OSIsoft Message Format
Data Collection at the Edge with OSIsoft Message Format Presented by: Jeremy Korman, Product Marketing Manager Konstantin Chudnovskiy, SaaS Products Team Leader Frank Gasparro, Edge Products Group Lead
More informationVMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway
VMware AirWatch Content Gateway for Linux VMware Workspace ONE UEM 1811 Unified Access Gateway You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationMicrosoft Architecting Microsoft Azure Solutions.
Microsoft 70-535 Architecting Microsoft Azure Solutions https://killexams.com/pass4sure/exam-detail/70-535 QUESTION: 106 Your organization has developed and deployed several Azure App Service Web and API
More informationTestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified
TestOut Network Pro - English 5.0.x COURSE OUTLINE Modified 2018-03-06 TestOut Network Pro Outline - English 5.0.x Videos: 130 (17:10:31) Demonstrations: 78 (8:46:15) Simulations: 88 Fact Sheets: 136 Exams:
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationCASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)
CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001) Gregg, Michael ISBN-13: 9781118083192 Table of Contents Foreword xxi Introduction xxvii Assessment Test xliv Chapter 1 Cryptographic
More informationSecuring ArcGIS Services
Federal GIS Conference 2014 February 10 11, 2014 Washington DC Securing ArcGIS Services James Cardona Agenda Security in the context of ArcGIS for Server Background concepts Access Securing web services
More informationCompTIA Cybersecurity Analyst+
CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity
More informationFunctional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK
Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control
More information