PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems
|
|
- Ambrose Barker
- 6 years ago
- Views:
Transcription
1 PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems Mati Epstein Global Sales Lead, Critical Infrastructure and ICS [Internal Use] for Check Point employees 1
2 Industrial Control Systems (ICS)/SCADA are All Around Us Water & Sewage Electricity Transportation Critical manufacturing Industrial Automation Oil & Gas and we rely on it every day for our basic functions and needs. [Restricted] ONLY for designated groups and individuals 2
3 Critical Infrastructure and ICS are under constant attack 2016 RANSOMWARE LOCKS TICKET MACHINES OF SAN FRANCISCO S MUNI TRANSIT [Internal Use] for Check Point employees 3
4 Most recent news July 18 th, 2017 The UK energy sector is likely to have been targeted and probably compromised by nation-state hackers, according to a memo from Britain s National Cybersecurity Centre (by NCSC, a subsidiary of GCHQ) July 15 th, 2017 Senior engineers at Ireland s Electricity Supply Board (ESB) were targeted last month by a group understood to have ties to the Kremlin s GRU intelligence agency (The Sunday Times) July 16 th, 2017 Energy sector hacking campaign targeted more than 15 U.S. firms (Cyberscoop) 2016 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals 4
5 Market Trends US - NERC-CIP, NIST Cyber Security Framework Regulation European Union - Directive on security of network and information systems (NIS Directive July-2016), local initiatives, etc. Applicable Utilities (Electric, Water & Sewage) Critical Manufacturing Initial phase in APAC Smart Grid IoT and Smart Cities Growing Awareness Distribution Automation Smart Metering Globally Recent attacks [Internal Use] for Check Point employees 5
6 ICS-CERT Report: United States Critical Infrastructure Increasingly Targeted The Most Targeted Sectors Integrated Threat Prevention Manufacturing, then Energy Most Common Method of Attack Spear Phishing Boundary Protection Boundary Protection was the single most common ICS weakness discovered during assessments. Effective Boundary Protection is a pillar of the cybersecurity Defensein-Depth concept. ICS-CERT: These attacks were enabled by insufficiently architected ICS networks [Internal Use] for Check Point employees 6
7 Best Practices for Securing OT Secure Both OT and IT Environments Protect IT with Advanced Threat Prevention Technologies Clear Segmentation between OT and IT/Internet Deploy Specialized ICS/SCADA Security Technologies [Internal Use] for Check Point employees 7
8 Security Solutions for Industrial Control Systems/SCADA/IoT Visibility Granular Control of ICS/SCADA Traffic Virtual patching Stops exploits of known vulnerabilities Ruggedized Appliances for Harsh Environments Unified IT and OT Management Deep SCADA Protocol Inspection IPS/IDS 1200R Customized Visibility > 25 Protocols > 900 Commands > Values, Registers > 300 dedicated signatures Unified Policy Integration with SIEM systems [Internal Use] for Check Point employees 8
9 Multi-site customers: Electricity, Wind, O&G, Water 9
10 Manufacturing Factory Micro Segmentation in OT Management Facility Main Control Center SCADA Historian SmartEvent Control & monitor SCADA VPN Control Monitor PLC1 PLC2 PLC3 PLC4 Shop Floor / Substation Shop Floor / Substation 10
11 Manufacturing Factory Full IT/OT Convergence [Restricted] ONLY for designated groups and individuals 11
12 CrashOverride/Industroyer New ICS attack platform to Electric Grid Operations CrashOverride (called Industroyer as well) malware was the malware employed in the December 17th, 2016 cyberattack on the Kiev, Ukraine transmission substation which resulted in electric grid operations impact. (As reported by ESET and Dragos) ICS-CERT reported on June 14, The tactics, techniques, and procedures (TTPs) described as part of the CrashOverride malware could be modified to target U.S. critical information networks and systems. CrashOverride malware is an extensible platform that could be used to target critical infrastructure sectors, specifically using IEC104 and IEC61850 protocols. The malware issues valid commands directly to RTU s. Using Check Point protocols visibility and baselining would detect and alert on None-Baseline protocols and commands Could exploit Siemens SIPROTEC relay denial-of-service (DoS) vulnerability, leading to a shutdown of the relay. Using CVE to Hamper Protective Relays Check Point published on June 20 th an IPS signature for virtual patching protection of the DoS vulnerability [Restricted] ONLY for designated groups and individuals 12
13 Industrial Security Process Independently log all SCADA activity: Protocols, Commands, Values Define Baseline Set Rules based on Known / Unknown / Not Allowed Identify Deviations and Attacks Based on the defined rules, time of day, attack patterns Alert / Prevent Based on topology In-line or Tap and configuration [Internal Use] for Check Point employees 13
14 Thank you.. Any Question? [Internal Use] for Check Point employees 14
15 THANK YOU [Internal Use] for Check Point employees 15
Cyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationMethods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment
S&L Logo Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment Date: October 24, 2017 Authors/Presenters: J. Matt Cole, PE
More informationNAVIGATING THE WATERS OF THE NEW EU NIS 2016/1148 CYBERSECURITY DIRECTIVE FOR ESSENTIAL SERVICE OPERATORS WHITE PAPER
NAVIGATING THE WATERS OF THE NEW EU NIS 2016/1148 CYBERSECURITY DIRECTIVE FOR ESSENTIAL SERVICE OPERATORS WHITE PAPER MAY 2018 2018 Radiflow, Ltd. All Rights reserved. The information in this document
More informationCyber Resilience Solution for Smart Buildings
Cyber Resilience Solution for Smart Buildings Integrated IT/OT Security Oren Aspir, Cyberbit, CTO 2017 by CYBERBIT 2017 by CYBERBIT Proprietary CYBERBIT Proprietary Buildings getting smarter IT systems
More informationProtecting Control Systems from Cyber Attack: A Primer on How to Safeguard Your Utility May 15, 2012
Protecting Control Systems from Cyber Attack: A Primer on How to Safeguard Your Utility May 15, 2012 Paul Kalv Electric Director, Chief Smart Grid Systems Architect, City of Leesburg Doug Westlund CEO,
More informationWhy Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG
Why Should You Care About Control System Cybersecurity Tim Conway ICS.SANS.ORG Events Example #1 Dec 23, 2015 Cyber attacks impacting Ukrainian Power Grid Targeted, synchronized, & multi faceted Three
More informationMeasuring and Evaluating Cyber Risk in ICS Components, Products and Systems
Measuring and Evaluating Cyber Risk in ICS Components, Products and Systems Copyright 2018 UL LLC. All rights reserved. No portion of this material may be reprinted in any form without the express written
More informationWHITE PAPER. Vericlave The Kemuri Water Company Hack
WHITE PAPER Vericlave The Kemuri Water Company Hack INTRODUCTION This case study analyzes the findings of Verizon Security Solutions security assessment of the Kemuri Water Company security breach. The
More informationSecuring the Grid and Your Critical Utility Functions. April 24, 2017
Securing the Grid and Your Critical Utility Functions April 24, 2017 1 Securing the Grid Effectively and Efficiently Recent threats to the Electric Grid and the importance of security Standards and Requirements
More informationMultistage Cyber-physical Attack and SCADA Intrusion Detection
Multistage Cyber-physical Attack and SCADA Intrusion Detection Workshop on European Smart Grid Cybersecurity: Emerging Threats and Countermeasures Belfast, 26 th August, 2016 Kieran McLaughlin, BooJoong
More informationSECURING THE SUPPLY CHAIN
SECURING THE SUPPLY CHAIN BY Jerome Farquharson, CISSP, Donald Dustin Williams, PE, AND Courtney Buser The advance of smart grids, smart devices and increasingly interconnected systems provides exceptional
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationIndustrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets
Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationEnhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationExpanding Cyber Security Management for Critical Infrastructure
Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands
More informationIndustrial Defender ASM. for Automation Systems Management
Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping
More informationSecuring the North American Electric Grid
SESSION ID: TECH-R02 Securing the North American Electric Grid Marcus H. Sachs, P.E. SVP and CSO North American Electric Reliability Corporation @MarcusSachs Critical Infrastructure s Common Denominator
More informationTrends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk
Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Standards Certification Education & Training Publishing Conferences & Exhibits Steve Liebrecht W/WW Industry
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationIndustrial control system (ICS) security
Industrial control system (ICS) security Contents 1. Operations technology and ICS 2. Threat to ICS sector 3. Adapting standards 4. How PwC can help Operations technology and ICS Operations technology
More informationPREEMPTIVE PREventivE Methodology and Tools to protect utilities
PREEMPTIVE PREventivE Methodology and Tools to protect utilities 2014 2017 1 With the financial support of FP7 Seventh Framework Programme Grant agreement no: 607093 Preemptive goal The main goal of PREEMPTIVE
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationSecurity in grid control centers: Spectrum Power TM Cyber Security
Security in grid control centers: Spectrum Power TM Cyber Security Thomas Schmidt, Information Security Manager siemens.at/future-of-energy Spectrum Power TM 7 Historical Information System Table of content
More informationTHE CYBERX PLATFORM: PROTECT YOUR PEOPLE, PRODUCTION, AND PROFITS HIGHLIGHTS SOLUTION BRIEF
BATTLE-TESTED INDUSTRIAL CYBERSECURITY SOLUTION BRIEF THE CYBERX PLATFORM: PROTECT YOUR PEOPLE, PRODUCTION, AND PROFITS The Industrial Internet of Things (IIOT) is unlocking new levels of productivity,
More informationplaybook OpShield for NERC CIP 5 sales PlAy
playbook OpShield for NERC CIP 5 sales PlAy OpShield for NERC CIP 5 The Problem U.S. bulk power entities are federally mandated to comply with NERC CIP requirements that dictate industrial security and
More informationi-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS
i-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS siemens.com/ruggedcom INTERACTIVE REMOTE ACCESS INTELLIGENT ELECTRONIC DEVICES Intelligent Electronic Devices (IEDs) Devices that can provide real-time
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationFunctional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK
Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control
More informationCybersecurity Vulnerabilities and Process Frameworks for Oil and Gas
Cybersecurity Vulnerabilities and Process Frameworks for Oil and Gas Presentation to WVONGA Jack L. Shaffer, Jr. Business Transformation Director vcio/ vciso 2017 Cybersecurity in the news Ransomware Wanacry,
More informationCOLLABORATIVE SECURITY. Network Security Endpoint Security Data Security
COLLABORATIVE SECURITY Network Security Endpoint Security Data Security 40+ countries 35% industrial ac4vi4es 20+ Years of Experience 15 000+ customers 900+ partners Key Customers A Global Solution for
More informationAddressing Cyber Threats in Power Generation and Distribution
Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems
More informationCybersecurity for the Electric Grid
Cybersecurity for the Electric Grid Electric System Regulation, CIP and the Evolution of Transition to a Secure State A presentation for the National Association of Regulatory Utility Commissioners March
More informationIndegy. Industrial Cyber Security. ISA New Orleans Section. Applying the NIST Framework February 6, 2018
Indegy Industrial Cyber Security ISA New Orleans Section Applying the NIST Framework February 6, 2018 Agenda 1. Introductions 2. Indegy Background 3. NIST Background and History with ICS 4. What is the
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationInsider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey
Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey CyberMaryland Conference 2017 Bob Andersen, Sr. Manager Federal Sales Engineering robert.andersen@solarwinds.com
More informationIntroduction to ICS Security
Introduction to ICS Security Design. Build. Protect. Presented by Jack D. Oden, June 1, 2018 ISSA Mid-Atlantic Information Security Conference, Rockville, MD Copyright 2018 Parsons Federal 2018 Critical
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationIndustrial Control System Cyber Security
Industrial Control System Cyber Security Disaster Recovery Information Exchange Bruce Tyson June 28, 2017 Lunch and Learn Introduction Bruce Tyson is a certified engineering technologist (CET Telecommunications
More informationRUAG Cyber Security Training Range & Attack Simulation. Peter Hladký Senior Cyber Security Specialist RUAG Defence
RUAG Cyber Security Training Range & Attack Simulation Peter Hladký Senior Cyber Security Specialist RUAG Defence What is the current state of affairs? (In Cyber Security) 2 RUAG Defence 02.12.2016 Recent
More informationCybersecurity Today Avoid Becoming a News Headline
Cybersecurity Today 2017 Avoid Becoming a News Headline Topics Making News Notable Incidents Current State of Affairs Common Points of Failure Three Quick Wins How to Prepare for and Respond to Cybersecurity
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationTOWARDS CYBER SECURED SCADA SYSTEMS
16 th International Conference on Clean Energy (ICCE-2018) 9-11 May 2018, Famagusta, N. Cyprus TOWARDS CYBER SECURED SCADA SYSTEMS Hasan Dag 1, Alen Bohcelyan 2, Isil Yenidogan 1 1 Kadir Has University,
More informationSecuring IEDs against Cyber Threats in Critical Substation Automation and Industrial Control Systems
Securing IEDs against Cyber Threats in Critical Substation Automation and Industrial Control Systems Eroshan Weerathunga, Anca Cioraca, Mark Adamiak GE Grid Solutions MIPSYCON 2017 Introduction Threat
More informationSecurity Standardization and Regulation An Industry Perspective
Security Standardization and Regulation An Industry Perspective Dr. Ralf Rammig Siemens AG Megatrends Challenges that are transforming our world Digitalization In the future, we ll be living in a world
More informationBuilding a resilient ICS
Building a resilient ICS By Dr Jules Pagna Disso, @julesdisso Building a resilient Industrial Control System (ICS) 1: From ICS to Critical National Infrastructure 2: Thenatureof the problem 3: Building
More informationICS Security Monitoring
ICS Security Monitoring INFRASTRUCTURE MINING & METALS NUCLEAR, SECURITY & ENVIRONMENTAL OIL, GAS & CHEMICALS Moses Schwartz Security Engineer Computer Incident Response Team Bechtel Corporation State
More information2011 North American SCADA & Process Control Summit March 1, 2011 Orlando, Fl
Beyond Compliance Greg Goodrich Supervisor, Enterprise Security New York Independent System Operator 2011 North American SCADA & Process Control Summit March 1, 2011 Orlando, Fl Roles of the NYISO Reliable
More informationIntroducing Cyber Observer
"Organizations are failing at early breach detection, with more than 92% of breaches undetected by the breached organization. The situation can be improved with stronger threat intelligence, the addition
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationIEC A cybersecurity standard approaching the Rail IoT
IEC 62443 A cybersecurity standard approaching the Rail IoT siemens.com/communications-for-transportation Today s Siemens company structure focusing on several businesses Siemens AG Power and Gas (PG)
More informationPROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY
PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY OUR MISSION Make the digital world a sustainable and trustworthy environment
More informationFirewalls (IDS and IPS) MIS 5214 Week 6
Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part
More informationWEI Conference SDG&E TCRI Project April 25, 2018 Mark Fowler, CISSP
WEI Conference SDG&E TCRI Project April 25, 2018 Mark Fowler, CISSP San Diego Gas & Electric Subsidiary of Sempra Energy 4100 Full-Time Employees Regulated public utility Providing clean, safe & reliable
More informationNew Zealand National Cyber Security Centre Incident Summary
New Zealand National Cyber Security Centre 2013 Incident Summary National Cyber Security Centre 2013 Incident Summary Foreword The incidents summarised in this report reinforce that cyber security is truly
More informationCybersecurity and Communications Based Train Control
Cybersecurity and Communications Based Train Control RAHEEL QURESHI CYBERSECURITY AUTHORITY URBAN RAIL SIGNALLING (URS) 2016 Thales Canada, Transportation Solutions. All rights reserved. Passing on or
More informationMarch 6, Dear Electric Industry Vendor Community: Re: Supply Chain Cyber Security Practices
March 6, 2019 Dear Electric Industry Vendor Community: Re: Supply Chain Cyber Security Practices On July 21, 2016, the Federal Energy Regulatory Commission (FERC) directed the North American Electric Reliability
More informationCyber Risk in the Marine Transportation System
Cyber Risk in the Marine Transportation System Cubic Global Defense MAR'01 1 Cubic.com/Global-Defense/National-Security 1 Cubic Global Defense Global Security Team Capabilities Program Management Integration
More informationPassive Real-time Asset Inventory Tracking and Security Monitoring of Grid-edge Devices
Passive Real-time Asset Inventory Tracking and Security Monitoring of Grid-edge Devices Nathan Wallace Cybirical LLC Mandeville, LA, USA nwallace@cybirical.com Brian Proctor SecurityMatters San Diego,
More informationto protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large
Executive Summary As a County Government servicing about 1.5 million citizens, we have the utmost responsibility to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large
More informationThink Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe
Think Oslo 2018 Where Technology Meets Humanity Oslo Felicity March Cyber Resilience - Europe Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity
More informationSecure Development Lifecycle
Secure Development Lifecycle Strengthening Cisco Products The Cisco Secure Development Lifecycle (SDL) is a repeatable and measurable process designed to increase Cisco product resiliency and trustworthiness.
More informationhidden vulnerabilities
hidden vulnerabilities industrial networks in 30 minutes Cyber Security introduction Frank Kemeling Certified Ethical Hacker [CEH] EC-Council Certified Security Analyst [ESCA] Licensed Penetration Tester
More informationThe Importance of Cybersecurity Threat Detection for Utilities
The Importance of Cybersecurity Threat Detection for Utilities www.n-dimension.com Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationCyber security - why and how
Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC
More informationDetection and Analysis of Threats to the Energy Sector (DATES)
Detection and Analysis of Threats to the Energy Sector (DATES) Sponsored by the Department of Energy National SCADA Test Bed Program Managed by the National Energy Technology Laboratory The views herein
More informationWhere to Start in Cyber Security
Where to Start in Cyber Security A guide for how to plan, implement and maintain an effective cyber security program for energy industries. Contents 01 Today s threat and vulnerability landscape 03 Where
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationSCADA and Smart Grid Security Tests
SCADA and Smart Grid Security Tests Document number EPCIP: EU Program for Protecting Critical Infrastructures The EU Context Summarized 3 Strategy The general objective of EPCIP (European Programme for
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationManufacturing security: Bridging the gap between IT and OT
Manufacturing security: Bridging the gap between IT and OT For manufacturers, every new connection point is an opportunity. And a risk. The state of IT/OT security in manufacturing On the plant floor,
More informationKaspersky Industrial CyberSecurity. Cybersecurity for Electric Power Infrastructure. #truecybersecurity
Kaspersky Industrial CyberSecurity Cybersecurity for Electric Power Infrastructure www.kaspersky.com/ics #truecybersecurity Contents Introduction 1 Vulnerability of Electric Power Facility Pacs When Faced
More informationVulnerability Disclosure
Vulnerability Disclosure Rita Wells National SCADA Test Bed DoE-OE September 09, 2008 Department of Energy-Office of Electricity Delivery and Energy Reliability: National SCADA Test Bed Program Mission
More informationCyber Security Brian Bostwick OSIsoft Market Principal for Cyber Security
Cyber Security Presented by Brian Bostwick OSIsoft Market Principal for Cyber Security Cyber Security Trauma in the News Saudi Aramco Restores Network After Shamoon Malware Attack Hacktivist-launched virus
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationEnd-to-End Trust, Segmentation and Segregation in the IIoT
End-to-End Trust, Segmentation and Segregation in the IIoT www.blackridge.us Michael Murray - SVP & GM Cyber Physical Systems www.blackridge.us Company Origin BlackRidge technology originated from a Department
More informationThe SCADA That Didn t Cry Wolf- Who s Really Attacking Your ICS Devices- Part Deux!
The SCADA That Didn t Cry Wolf- Who s Really Attacking Your ICS Devices- Part Deux! #whoami Threat Researcher at Trend Micro- research and blogger on criminal underground, persistent threats, and vulnerabilities.
More informationProtecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities
Cybersecurity Basics For Energy Managers Protecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities Michael Mylrea Manager, Cybersecurity & Energy Technology Pacific
More informationSecurity in a Converging IT/OT World
Security in a Converging IT/OT World Introduction Around the winter solstice, darkness comes early to the citizens of Ukraine. On December 23, 2015, it came a little earlier than normal. In mid-afternoon,
More informationComprehensive Cyber Security Features in SIPROTEC & SICAM. SIPROTEC Dag 11. Mei 2017
Comprehensive Cyber Security Features in SIPROTEC & SICAM SIPROTEC Dag 11. Mei 2017 siemens.tld/keyword Changes to Substation Automation and Protection over Time Evolving Threat Landscape (tomorrow today...)
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 9 Chapter X Security Performance Metrics Background For the past two years, the State of Reliability report has included a chapter for security performance
More informationWho Goes There? Access Control in Water/Wastewater Siemens AG All Rights Reserved. siemens.com/ruggedcom
WEAT Webinar Who Goes There? Access Control in Water/Wastewater Siemens AG 2018. siemens.com/ruggedcom ACCESS CONTROL WEBINAR TABLE OF CONTENTS TOPIC Why Access Control? Risks If Not Used Factors of Authentication
More informationVerizon Software Defined Perimeter (SDP).
Verizon Software Defined Perimeter (). 1 Introduction. For the past decade, perimeter security was built on a foundation of Firewall, network access control (NAC) and virtual private network (VPN) appliances.
More informationPractical SCADA Cyber Security Lifecycle Steps
Practical SCADA Cyber Security Lifecycle Steps Standards Certification Jim McGlone CMO, Kenexis Education & Training Publishing Conferences & Exhibits Bio Jim McGlone, CMO, Kenexis GICSP ISA Safety & Security
More informationConnect Securely in an Unsecure World. Jon Clay Director: Global Threat
Connect Securely in an Unsecure World Jon Clay Director: Global Threat Communications @jonlclay www.cloudsec.com More devices More data More risks Global Risks Landscape 2018 Source: http://www3.weforum.org/docs/wef_grr18_report.pdf
More informationThe Claroty Difference
Solution Brief Bringing Clarity To OT Network Claroty enables customers to secure and optimize the industrial control networks that run the world s most critical infrastructure. The company s enterprise-class
More informationIndustrial Control Systems Providing Advanced Threat Detection
Industrial Control Systems Providing Advanced Threat Detection Gene Stevens, Co-Founder & CTO, ProtectWise Richard Welch, Senior Software Engineer, ProtectWise November 2016 2 AGENDA Introduction Intro
More informationTechnical Reference [Draft] DRAFT CIP Cyber Security - Supply Chain Management November 2, 2016
For Discussion Purposes Only Technical Reference [Draft] DRAFT CIP-013-1 Cyber Security - Supply Chain Management November 2, 2016 Background On July 21, 2016, the Federal Energy Regulatory Commission
More informationData Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users
Data Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users Standards Certification Education & Training Publishing Conferences &
More informationTrend Micro Cybersecurity Reference Architecture for Operational Technology
Trend Micro Cybersecurity Reference Architecture for Operational Technology Richard Ku - Senior VP Commercial IoT Business & Market Development William Kam - Technical Marketing Manager - IoT 2017 November
More informationBrussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security
Cyber Resiliency Minimizing the impact of breaches on business continuity Jean-Michel Lamby Associate Partner - IBM Security Brussels Think Brussels / Cyber Resiliency / Oct 4, 2018 / 2018 IBM Corporation
More informationUnderstanding Holistic Effects of Cyber Events on Critical Infrastructure
Understanding Holistic Effects of Cyber Events on Critical Infrastructure Shane Cherry Infrastructure Analysis and Technology Development National and Homeland Security Directorate March 20, 2018 INL/CON-17-42513
More informationTHE TRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on
More informationCyber and Physical Security: Lessons Learned From the Electric Industry. Joel dejesus Dinsmore & Shohl LLP Washington, DC
Cyber and Physical Security: Lessons Learned From the Electric Industry Joel dejesus Dinsmore & Shohl LLP Washington, DC joel.dejesus@dinsmore.com For the Energy and Mineral Law Foundation, Kentucky Mineral
More information