Presenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.

Size: px
Start display at page:

Download "Presenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks."

Transcription

1 Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic overloads can effect a control system. Accidental miss configuration or well intentioned but unauthorized control system changes. Directed attacks by internal or external threats. Increasing the security of the assets also increases the integrity of the production system. 2 1

2 Why Now? The rapidly changing world of technology makes computer systems more vulnerable to a cyber attack. Increase in attacks on general IT systems and directed attacks on companies results in an increase in threats to control systems. Open systems have proven to be desirable and effective but expose a control system to greater risks. Government and Companies are responding with cyber security standards for control systems. Awareness that control systems contain valuable data, can effect business and are vulnerable has increased the focus. Dedicated attacks increasing for Industrial companies. Researcher focus on control systems is increasing awareness and providing tools. 3 Security Security implementation is a solution and not a product People, Policies, Architectures, Products Security requires a multilayer or Defense in Depth (DiD) approach Security Plan, Network Separation, Perimeter protection, Network Segmentation, Device Hardening, Monitoring & Update Vendor s responsibilities Design products & solutions with security features Ensure they enable customers to comply with security standards Provide recommendations and methodologies to guide implementation End User s responsibilities Define security procedures (organizational security) Mandate responsible people (personal security) Ensure compliance with security standards 4 2

3 How to Secure a System Policies and Procedures, Staff Training, Secure Architecture Protect the perimeter Routers, Firewalls, VPN Segment the network DMZ between Trusted Zones Segments within Trusted Zones Protect the computers AntiVirus, White-listing, Access control Harden the controllers / devices Device security, External protection Monitor and React Logs, traffic monitoring, alarms Act on unauthorized events 5 Security is a risk evaluation Customers and vendors should both handle security based on risk Evaluate the risks, take actions on the risks above a defined level. Both systems and products can be evaluated for risk and should be. Risks on a product can be mitigated by another component of the system Risk = Threat x Vulnerability x Consequence Threat, a person or event with the potential to cause a loss. Vulnerability, a weakness that can be exploited by an adversary or an accident. Consequence, the amount of loss or damage that can be expected from a successful attack. Mitigation - Something that is done to reduce the risk, Normally reducing the vulnerability or raising the skills needed to exploit it 6 3

4 Address the highest risks first The highest risk for cyber security is the most exposed systems. IT Systems Remote access systems PC Systems SCADA Systems 7 largest cyber security issues from Industrial Defender (number 1 company in Industrial cyber security) Inadequate security staffing / training Insecure perimeter firewalls Insufficient patching of PCs and software Inadequate separation on corporate and plant networks Weak Passwords Unnecessary 3 rd party products Inadequate documentation 7 How to Manage a Secure System Keep the computers protected A/V protection Appl. White-listing Administer access control Monitor Device Hardening Device settings External devices Monitor traffic, log users, log events, and trap alarms Act when unauthorized events occur Patch! Patch! Patch! IT DMZ OT 8 4

5 Schneider Electric s Recommendation The Defence in Depth Approach (DiD) 6 key steps: 1. Security Plan Network Separation 3. Perimeter Protection 4 4. Network Segmentation 5 5. Device Hardening 6. Monitoring & Update 9 Defense-in-Depth Step #1: Security Plan Define: Roles and responsibilities. Allowed activities, actions and processes. Consequences of non-compliance. Full network assessment: Communication paths. Audit of all devices. Security settings. Network drawings. Vulnerability assessment: Potential threats. Consequences. Risk assessment and mitigation. Assessment and Design Service Connexium Network Manager Product Alerts 10 5

6 Defence in Depth Step #2: Network Separation Separate the Industrial Automation & Control System from the outside world Create a buffer network (DMZ) between the IACS network and the rest of the world, using routers and firewalls Block inbound traffic to the IACS except through the DMZ firewall Limit outbound traffic to essential and authorized traffic only DMZ host for servers Vijeo Historian mirror Web servers Authentication server Remote access server Anti-virus server Connexium Eagle 20 ETG Routers Hirschmann Routers, Mach, Mice 11 Defence in Depth Step #3: Perimeter Protection Protect the Industrial Automation & Control System perimeter using a firewall Validate packets and protocols Manage authorization of certain data packets Restrict IP address or user access via authorization and authentication Protect critical parts of the process with additional firewalls within the IACS Connexium Eagle Connexium Tofino ETG Gateways Secure remote accesses Use the VPN technology of routers and firewalls Use the latest authentication and authorization technologies. They re evolving fast. 12 6

7 Defence in Depth Step #4: Network Segmentation and Zones Create Security Zones Limit and monitor access between zones. Limits the effect of a security issue, alerts when an issue occurs. Use managed switches Limit access to network packets. Precisely segment the network using VLANs Limit rates of multicast and broadcast messages to protect from DoS type attacks Limit physical connections using port security ConneXium Switches Connexium Tofino Firewall 13 Defence in Depth Step #5: Device Hardening On all devices Replace default passwords with strong passwords Shut off unused ports, communication services and hardware interfaces Set up broadcast limiter functions Use multicast message filtering Avoid generating requests faster than system can handle On PCs and HMI terminals Forbid or seriously control the use of any external memory On Unity Pro and Vijeo Citect Set up all security features: passwords, user profiles, operator action logging On ConneXium switches Restrict access on ports to assigned addresses only On remote I/Os Restrict access to authorized PACs only Vijeo Citect PCs Vijeo Historian PCs Unity Pro PACs Magelis HMI terminals ConneXium switches Modicon STB I/O islands Altivar speed drives Any I/O or instrument on fieldbus 14 7

8 Defence in Depth Step #6: Monitor and Update Monitor, Manage and Protect service 24/7 remote security monitoring Configuration monitoring Reporting for Audit Compliance Network and Host Intrusion Detection systems Monitor Authentication traps. Unauthorized login attempts. Unusual activity. Windows Event Viewer. Network load. Device log files. Monitor, Manage, Protect Service Citect Log Files Unity Pro log files PLC Event Viewers PLC Diagnostics and access lists 15 Defense in Depth Why? Every mitigation mentioned has a weakness, method to break through Eg IP address spoofing An attack can be launched from behind the devices Internal attacker Capture of a device already in the system 6 key steps: 1. Security Plan 2. Network Separation 3. Perimeter Protection 4. Network Segmentation 5. Device Hardening 6. Monitoring & Update 16 8

9 Schneider Electric s Security Solution Information for Customers Web portal for guidance, vulnerabilities and information Secure products New products developed to Industrial security standards. Legacy products protected using pre configured security appliances. Secure Network Infrastructure. Security Certification Lab Secure reference architectures Secure PlantStruxure architectures validated by leading security experts. Assessment and Design Services Assessment Service allowing security to be applied where it is needed most. Design Service customizing the secure PlantStruxure architecture creating a unique solution for each customer. Monitoring Services Tools and services to continually monitor a plant configuration and operation to ensure security and production is maintained. 17 Cyber Security Web Presence White Papers Product Vulnerability data Vulnerability list for all products Mitigation recommendations Patches and Firmware updates Secure Vulnerability reporting Cyber Security news stories Product releases and updates Industry News RSS feed for vulnerability and news 18 9

10 Secure Products New products developed to Industry security standards Achilles certified for robustness, ISA Secure certified for complete security. Legacy Products Protected using industry leading Connexium Tofino application firewalls. Low cost, Industrially rated. Deep packet inspection for read only access or fixed variable access Secure Network Infrastructure Connexium range of secure network infrastructure products. Includes Schneider Connexium Eagle and Tofino firewalls. Security certification Center 19 Secure Reference Architectures How can I Reduce Vulnerability to Cyber Attacks. Guidelines on Industrial Control System Security. Risk Assessment, Security Planning, Recommended Architectures, Methods of Attack. Secure PlantStruxure architectures incorporating key security features Network Separation and server locations Perimeter Protections product and settings Network Segmentation and security zones recommendations with data flows identified. Device Hardening and Monitoring recommendations for PlantStruxure devices

11 Design and Assessment Service Identify vulnerabilities in a customers system Quantify the risks to the system based on threats and identified vulnerabilities Make recommendations on Architecture Product hardening Training Processes Partnership with Wurldtech and SiS Leaders in security assessments Strong player in security standards 21 Monitor, Manage, Protect Monitoring and Management of Control System Devices, Protocols, Communications, User Accounts, Product/Firmware Versions, Device Settings. Host Intrusion Detection Network Intrusion Detection Protection of Control System Boundary and Security Zone Firewalls Application White listing Compliance audit and change management Partnership with Industrial Defender Number 1 in Smart Grid security (Pike Research) Hardware and service offer 22 11

12 Summary Cyber Security is becoming critical for control systems. IT-based lessons, methods, and tools apply with adaptation. A Defense-in-Depth approach is the best approach: Mitigates risk. Improves system reliability. Schneider Electric offers Information Assessment and Design Services Secure Products Recommended Architectures Monitor, Manage and Protect Services 23 Schneider Electric PlantStruxure NOW! PRESENTER & SESSION NOW! 24 12

IC32E - Pre-Instructional Survey

IC32E - Pre-Instructional Survey Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into

More information

Are Your People and Systems Protected?

Are Your People and Systems Protected? Are Your People and Systems Protected? Four Types of Threats Intruder Cyber Weather Electrical 2 Intruder Threats Two Sources Animals Individuals Malicious Intent Non-Malicious Intent 3 Emerging Standards

More information

ANATOMY OF AN ATTACK!

ANATOMY OF AN ATTACK! ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable

More information

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services Mark Littlejohn June 23, 2016 DON T GO IT ALONE Achieving Cyber Security using Managed Services Speaker: Mark Littlejohn 1 Mark is an industrial technology professional with over 30 years of experience

More information

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government

More information

Industrial Security - Protecting productivity. Industrial Security in Pharmaanlagen

Industrial Security - Protecting productivity. Industrial Security in Pharmaanlagen - Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security

More information

Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance

Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance HAKIM- Sales Engineer 1 Cybersecurity of valuable assets and processes in a wide range of industry verticals, such as: Oil & Gas

More information

HikCentral V1.3 for Windows Hardening Guide

HikCentral V1.3 for Windows Hardening Guide HikCentral V1.3 for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1Strict Password Policy... 2 1.2Turn Off Windows Remote

More information

Expanding Cyber Security Management for Critical Infrastructure

Expanding Cyber Security Management for Critical Infrastructure Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands

More information

Cybersecurity. Good Practices Guide. HA Issue 1 July 2017

Cybersecurity. Good Practices Guide. HA Issue 1 July 2017 Cybersecurity Good Practices Guide HA032968 Issue 1 July 2017 2017 All rights are strictly reserved. No part of this document may be reproduced, modified, or transmitted in any form by any means, nor may

More information

HikCentral V.1.1.x for Windows Hardening Guide

HikCentral V.1.1.x for Windows Hardening Guide HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote

More information

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

How Can I Reduce Vulnerability to Cyber Attacks? V2.2

How Can I Reduce Vulnerability to Cyber Attacks? V2.2 How Can I Reduce Vulnerability to Cyber Attacks? V2.2 System Technical Note Cybersecurity Recommendations Design your architecture Important Information Notice People responsible for the application, implementation

More information

Education Network Security

Education Network Security Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or

More information

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security

More information

LESSONS LEARNED IN SMART GRID CYBER SECURITY

LESSONS LEARNED IN SMART GRID CYBER SECURITY LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com

More information

An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist

An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP

More information

Industrial Security Getting Started

Industrial Security Getting Started Industrial Security Getting Started Unrestricted Siemens A/S siemens.com/industrial-security Agenda 09:00 - Getting started. The Framework 10:00 - Coffee break 10:15 - Patch Management, Asset and Network

More information

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government

More information

T22 - Industrial Control System Security

T22 - Industrial Control System Security T22 - Industrial Control System Security PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 Holistic Approach A secure application depends on multiple layers of protection and industrial

More information

Digital Wind Cyber Security from GE Renewable Energy

Digital Wind Cyber Security from GE Renewable Energy Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well

More information

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client

More information

Protecting productivity with Industrial Security Services

Protecting productivity with Industrial Security Services Protecting productivity with Industrial Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. usa.siemens.com/industrialsecurityservices

More information

Best Practices in ICS Security for System Operators

Best Practices in ICS Security for System Operators Best Practices in ICS Security for System Operators Introduction Industrial automation and control systems have become increasingly connected to internal and external networks. This exposure has resulted

More information

Cyber security for digital substations. IEC Europe Conference 2017

Cyber security for digital substations. IEC Europe Conference 2017 Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:

More information

Continuous protection to reduce risk and maintain production availability

Continuous protection to reduce risk and maintain production availability Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading

More information

Just How Vulnerable is Your Safety System?

Just How Vulnerable is Your Safety System? Theme 3: Cyber Security Just How Vulnerable is Your Safety System? Colin Easton MSc, CEng, FInstMC, MIET, ISA Senior Member TUV Rhienland FS Senior Expert PHRA & SIS 6 th July 2017 1 Safety System Security

More information

10 FOCUS AREAS FOR BREACH PREVENTION

10 FOCUS AREAS FOR BREACH PREVENTION 10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual

More information

ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT

ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber

More information

Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS

Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants

More information

Cyber security - why and how

Cyber security - why and how Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC

More information

SANS SCADA and Process Control Europe Rome 2011

SANS SCADA and Process Control Europe Rome 2011 SANS SCADA and Process Control Europe Rome 2011 Ian Buffey Director International Services Industrial Defender ibuffey@industrialdefender.com A Holistic Approach Planning, training and governance Cybersecurity

More information

Functional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK

Functional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control

More information

Industrial Security Co-Sourcing: Shifting from CapEx to OpEx Presented by Vinicius Strey Manufacturing in America 03/22-23/2017

Industrial Security Co-Sourcing: Shifting from CapEx to OpEx Presented by Vinicius Strey Manufacturing in America 03/22-23/2017 Industrial Security Co-Sourcing: Shifting from CapEx to OpEx Presented by Vinicius Strey Manufacturing in America 03/22-23/2017 Unrestricted Siemens 2017 usa.siemens.com/mia Table of contents Industrial

More information

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person) Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,

More information

Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group

Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group Submitted on behalf of the U.S. Department of Energy National

More information

Information Security Controls Policy

Information Security Controls Policy Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January

More information

Industrial Defender ASM. for Automation Systems Management

Industrial Defender ASM. for Automation Systems Management Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping

More information

K12 Cybersecurity Roadmap

K12 Cybersecurity Roadmap K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the

More information

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS PROTECT YOUR DAILY OPERATIONS FROM BEING COMPROMISED In today s data-driven society, connectivity comes with a cost.

More information

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements

More information

IEC A cybersecurity standard approaching the Rail IoT

IEC A cybersecurity standard approaching the Rail IoT IEC 62443 A cybersecurity standard approaching the Rail IoT siemens.com/communications-for-transportation Today s Siemens company structure focusing on several businesses Siemens AG Power and Gas (PG)

More information

Cyber Security Solutions for Industrial Controls

Cyber Security Solutions for Industrial Controls Cyber Security Solutions for Industrial Controls bhge.com OVERVIEW In a complex world of ever-changing technologies, Baker Hughes, a GE company realizes the importance of having an experienced partner

More information

Securing the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.

Securing the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1. Securing the Smart Grid Understanding the BIG Picture The Power Grid The electric power system is the most capital-intensive infrastructure in North America. The system is undergoing tremendous change

More information

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being

More information

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

The SANS Institute Top 20 Critical Security Controls. Compliance Guide The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise

More information

Total Security Management PCI DSS Compliance Guide

Total Security Management PCI DSS Compliance Guide Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to

More information

Plant Security Services Protecting productivity in the digital era October

Plant Security Services Protecting productivity in the digital era October Plant Security Services Protecting productivity in the digital era October2017 Restricted www.siemens.com/plant-security-services Internet of (hacked) Things Page 2 Use case - No OT cybersecurity company

More information

IE156: ICS410: ICS/SCADA Security Essentials

IE156: ICS410: ICS/SCADA Security Essentials IE156: ICS410: ICS/SCADA Security Essentials IE156 Rev.001 CMCT COURSE OUTLINE Page 1 of 6 Training Description: In this five-day intensive training, participants will develop and reinforce a common language

More information

Beyond the F.U.D. How to start securing your DCS network today.

Beyond the F.U.D. How to start securing your DCS network today. Beyond the F.U.D. (Fear, Uncertainty, and Doubt) Process Systems How to start securing your DCS network today. Securing Your Process Control Network You work in the Process Control industry, so I m sure

More information

Secure Industrial Automation Remote Access Connectivity. Using ewon and Talk2M Pro solutions

Secure Industrial Automation Remote Access Connectivity. Using ewon and Talk2M Pro solutions ewon Security Paper Secure Industrial Automation Remote Access Connectivity Using ewon and Talk2M Pro solutions www.ewon.us Last Modified: January 13, 2015 Overview ewon is a global provider of secure

More information

Firewalls (IDS and IPS) MIS 5214 Week 6

Firewalls (IDS and IPS) MIS 5214 Week 6 Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part

More information

Security Standards for Electric Market Participants

Security Standards for Electric Market Participants Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system

More information

You knew the job was dangerous when you took it! Defending against CS malware

You knew the job was dangerous when you took it! Defending against CS malware You knew the job was dangerous when you took it! Defending against CS malware Presented By: Doug Cavit Microsoft Where PI geeks meet 9/23/2010 NERC HILF 6/10 Adequately addressing vulnerabilities will

More information

WHITE PAPER. Vericlave The Kemuri Water Company Hack

WHITE PAPER. Vericlave The Kemuri Water Company Hack WHITE PAPER Vericlave The Kemuri Water Company Hack INTRODUCTION This case study analyzes the findings of Verizon Security Solutions security assessment of the Kemuri Water Company security breach. The

More information

CISNTWK-440. Chapter 5 Network Defenses

CISNTWK-440. Chapter 5 Network Defenses CISNTWK-440 Intro to Network Security Chapter 5 Network Defenses 1 Objectives Explain how to enhance security through network design Define network address translation and network access control List the

More information

SECURITY PRACTICES OVERVIEW

SECURITY PRACTICES OVERVIEW SECURITY PRACTICES OVERVIEW 2018 Helcim Inc. Copyright 2006-2018 Helcim Inc. All Rights Reserved. The Helcim name and logo are trademarks of Helcim Inc. P a g e 1 Our Security at a Glance About Helcim

More information

Securing Access to Network Devices

Securing Access to Network Devices Securing Access to Network s Data Track Technology October, 2003 A corporate information security strategy will not be effective unless IT administrative services are protected through processes that safeguard

More information

TestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified

TestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified TestOut Network Pro - English 4.1.x COURSE OUTLINE Modified 2017-07-06 TestOut Network Pro Outline - English 4.1.x Videos: 141 (18:42:14) Demonstrations: 81 (10:38:59) Simulations: 92 Fact Sheets: 145

More information

Course Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture

Course Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture About this Course This course will best position your organization to analyse threats and detect anomalies that could indicate cybercriminal behaviour. The payoff for this new proactive approach would

More information

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies

More information

Secure Access & SWIFT Customer Security Controls Framework

Secure Access & SWIFT Customer Security Controls Framework Secure Access & SWIFT Customer Security Controls Framework SWIFT Financial Messaging Services SWIFT is the world s leading provider of secure financial messaging services. Their services are used and trusted

More information

TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified

TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified TestOut Network Pro - English 5.0.x COURSE OUTLINE Modified 2018-03-06 TestOut Network Pro Outline - English 5.0.x Videos: 130 (17:10:31) Demonstrations: 78 (8:46:15) Simulations: 88 Fact Sheets: 136 Exams:

More information

Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure

Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical

More information

QuickBooks Online Security White Paper July 2017

QuickBooks Online Security White Paper July 2017 QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a

More information

Fortinet Recommended Security Best Practices. V1.2 February

Fortinet Recommended Security Best Practices. V1.2 February Fortinet Recommended Security Best Practices V1.2 February 2018 1 Table of Contents 1. What is the Security Fabric 3 2. What is the Security Rating Feature? 3 3. Why would I use this Feature? 3 3.1 Security

More information

Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com

Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting

More information

Submitted on behalf of the DOE National SCADA Test Bed. Jeff Dagle, PE Pacific Northwest National Laboratory (509)

Submitted on behalf of the DOE National SCADA Test Bed. Jeff Dagle, PE Pacific Northwest National Laboratory (509) Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group (CSSWG) Submitted on behalf of the DOE National SCADA Test

More information

Security Issues and Best Practices for Water Facilities

Security Issues and Best Practices for Water Facilities Security Issues and Best Practices for Water Facilities Standards Certification Jeff Hayes Business Development Manager Beijer Electronics Education & Training Publishing Conferences & Exhibits 2013 ISA

More information

Security Solutions. Overview. Business Needs

Security Solutions. Overview. Business Needs Security Solutions Overview Information security is not a one time event. The dynamic nature of computer networks mandates that examining and ensuring information security be a constant and vigilant effort.

More information

Interactive Remote Access FERC Remote Access Study Compliance Workshop October 27, Eric Weston Compliance Auditor Cyber Security.

Interactive Remote Access FERC Remote Access Study Compliance Workshop October 27, Eric Weston Compliance Auditor Cyber Security. Interactive Remote Access Compliance Workshop October 27, 2016 Eric Weston Compliance Auditor Cyber Security 2 Agenda Interactive Remote Access Overview Review of Use Cases and Strategy 1 Interactive Remote

More information

Operational Guidelines for Industrial Security

Operational Guidelines for Industrial Security Operational Guidelines for Industrial Security Proposals and recommendations for technical and organizational measures for secure operation of plant and machinery Version 1.1 Operational Guidelines for

More information

NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes

NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright 2012 2011 by Waterfall

More information

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported

More information

Safdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September CYBER SECURITY PROGRAM: Policies to Controls

Safdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September CYBER SECURITY PROGRAM: Policies to Controls Safdar Akhtar, Cyber Director Sema Tutucu, Ops Leader 27 September 2017 CYBER SECURITY PROGRAM: Policies to Controls Can You Answer These Questions? 1 What s my company s exposure to the latest industrial

More information

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights IBM Secure Proxy Advanced edge security for your multienterprise data exchanges Highlights Enables trusted businessto-business transactions and data exchange Protects your brand reputation by reducing

More information

Google Cloud Platform: Customer Responsibility Matrix. December 2018

Google Cloud Platform: Customer Responsibility Matrix. December 2018 Google Cloud Platform: Customer Responsibility Matrix December 2018 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect

More information

NETWORK THREATS DEMAN

NETWORK THREATS DEMAN SELF-DEFENDING NETWORK NETWORK THREATS DEMAN NEW SECURITY: STRATEGIES TECHNOLOGIES Self-Propagating Threats A combination of: self propagating threats Collaborative applications Interconnected environments

More information

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business

More information

Google Cloud Platform: Customer Responsibility Matrix. April 2017

Google Cloud Platform: Customer Responsibility Matrix. April 2017 Google Cloud Platform: Customer Responsibility Matrix April 2017 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect Cardholder

More information

NEN The Education Network

NEN The Education Network NEN The Education Network School e-security Checklist This checklist sets out 20 e-security controls that, if implemented effectively, will help to ensure that school networks are kept secure and protected

More information

Industrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets

Industrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits

More information

Cybersecurity Training

Cybersecurity Training Standards Certification Education & Training Publishing Conferences & Exhibits Cybersecurity Training Safeguarding industrial automation and control systems www.isa.org/cybetrn Expert-led training with

More information

Security analysis and assessment of threats in European signalling systems?

Security analysis and assessment of threats in European signalling systems? Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide

More information

Using ANSI/ISA-99 Standards to Improve Control System Security

Using ANSI/ISA-99 Standards to Improve Control System Security Tofino Security White Paper Version 1.1 Published May 2012 Using ANSI/ISA-99 Standards to Improve Control System Security Contents 1. Executive Summary... 1 2. Why the Push for Productivity has degraded

More information

RIPE RIPE-17. Table of Contents. The Langner Group. Washington Hamburg Munich

RIPE RIPE-17. Table of Contents. The Langner Group. Washington Hamburg Munich RIPE RIPE-17 Table of Contents The Langner Group Washington Hamburg Munich RIPE Operations Technology Management Plan (MP-17) 0.1 Purpose... 4 0.2 Process Overview... 4 0.3 Implementation Scope... 5 0.4

More information

i-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS

i-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS i-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS siemens.com/ruggedcom INTERACTIVE REMOTE ACCESS INTELLIGENT ELECTRONIC DEVICES Intelligent Electronic Devices (IEDs) Devices that can provide real-time

More information

Who Goes There? Access Control in Water/Wastewater Siemens AG All Rights Reserved. siemens.com/ruggedcom

Who Goes There? Access Control in Water/Wastewater Siemens AG All Rights Reserved. siemens.com/ruggedcom WEAT Webinar Who Goes There? Access Control in Water/Wastewater Siemens AG 2018. siemens.com/ruggedcom ACCESS CONTROL WEBINAR TABLE OF CONTENTS TOPIC Why Access Control? Risks If Not Used Factors of Authentication

More information

Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk

Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Standards Certification Education & Training Publishing Conferences & Exhibits Steve Liebrecht W/WW Industry

More information

EVALUATING HOW AN OPERATOR HAS EFFECTIVELY IMPLEMENTED CYBER- SECURITY POLICIES TO MANAGE AND ADMINISTER THE SYSTEM. Wurldtech Security Technologies

EVALUATING HOW AN OPERATOR HAS EFFECTIVELY IMPLEMENTED CYBER- SECURITY POLICIES TO MANAGE AND ADMINISTER THE SYSTEM. Wurldtech Security Technologies EVALUATING HOW AN OPERATOR HAS EFFECTIVELY IMPLEMENTED CYBER- SECURITY POLICIES TO MANAGE AND ADMINISTER THE SYSTEM Wurldtech Security Technologies Objectives Discuss how to: Evaluation of effectiveness

More information

A practical guide to IT security

A practical guide to IT security Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

More information

WHITE PAPER. PCI and PA DSS Compliance with LogRhythm

WHITE PAPER. PCI and PA DSS Compliance with LogRhythm PCI and PA DSS Compliance with LogRhythm April 2011 PCI and PA DSS Compliance Assurance with LogRhythm The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to encourage and enhance

More information

Defense in Depth Security in the Enterprise

Defense in Depth Security in the Enterprise Defense in Depth Security in the Enterprise Mike Mulville SAIC Cyber Chief Technology Officer MulvilleM@saic.com Agenda The enterprise challenge - threat; vectors; and risk Traditional data protection

More information

Cloud Computing Lectures. Cloud Security

Cloud Computing Lectures. Cloud Security Cloud Computing Lectures Cloud Security 1/17/2012 Why security is important for cloud computing? Multi Tenancy, that is same infrastructure, platform, Service is shared among vendors. It is accessed over

More information

5. Execute the attack and obtain unauthorized access to the system.

5. Execute the attack and obtain unauthorized access to the system. Describe how a combination of preventive, detective, and corrective controls can be employed to provide reasonable assurance about information security. Before discussing the preventive, detective, and

More information

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the

More information

Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment

Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment S&L Logo Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment Date: October 24, 2017 Authors/Presenters: J. Matt Cole, PE

More information

How can I use ISA/IEC (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits

How can I use ISA/IEC (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits How can I use ISA/IEC- 62443 (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits What is ISA 62443? A series of ISA standards that addresses

More information

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Transforming Security from Defense in Depth to Comprehensive Security Assurance Transforming Security from Defense in Depth to Comprehensive Security Assurance February 28, 2016 Revision #3 Table of Contents Introduction... 3 The problem: defense in depth is not working... 3 The new

More information

Addressing Cyber Threats in Power Generation and Distribution

Addressing Cyber Threats in Power Generation and Distribution Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems

More information