Securing strategic advantage
|
|
- Adele Franklin
- 5 years ago
- Views:
Transcription
1 Securing strategic advantage Protecting industrial control systems Cyber Supplier to UK Government Plan Design Enable
2 In delivering our vision to be the best infrastructure company in the world, we pride ourselves on leading global protection of critical assets and businesses. This encompasses physical and information assets, particularly those involved in the control of industrial processes. 2
3 Identity assurance We have experience of delivering identity assurance solutions in a number of environments covering commercial, military and civil aviation sites and premises. Behavioural We help customers understand the importance of creating a positive culture within an organisation where management and staff contribute effortlessly towards shared protective security objectives. Business Continuity Atkins services are designed to put in place clear planned responses to business continuity challenges. Bringing it all together Atkins Holistic Security approach Industrial control systems For industrial control systems, availability and reliability are the key priorities, in contrast with IT in general, where the overriding concern is confidentiality. Physical Covering all aspects of physical security across commercial infrastructure, transport systems, military facilities and airport security services. Cyber Our impact focused, risk based approach builds the appropriate cyber security controls into the fabric of organisations. We ensure you can deter, defend and detect the inevitable attempts to compromise your operation. Securing strategic advantage 3
4 Atkins Holistic Security Proposition Physical, cyber and personnel security generally remain separate in many organisations. Our holistic security offering enables you to get a better understanding of overall organisational security risks by applying converged governance and risk management across all assets. In combination with our programme and security risk management expertise, this approach ensures better protection for assets, staff and information; your critical business enablers. 4
5 Industrial and Process Control Cyber Security Business processes relying upon industrial control systems are required to have high operational demands. System and data integrity are essential to satisfactory operation, with the absolute necessity to operate in real time. Availability or reliability of plant systems is the foremost priority, in contrast with IT in general, where the prime concern is confidentiality, the intellectual property of the process, recipe, product or the automation software. Understanding security risks to organisations and assessing the critical operations Develop a holistic security strategy to address challenges across the organisation, whether technical, procedural, or personnel based Establish resilience through realising cyber security events are inevitable. Appropriate planning and incident response will minimise impacts and enable a rapid return to business as usual. Assess and evaluate Operate Enterprise Situational Awareness Programme management Design Assurance and governance Education and training Test and commission Build 5
6 The scale of the challenge A number of publications, both in the UK and internationally, have underlined the importance of protecting critical national infrastructure and the scale of the challenge in doing so. The UK Parliamentary Office for Science and Technology (POST), a body that provides independent analysis of policy issues with a science and technology basis, published a briefing entitled Cyber Security in the UK (1). The briefing highlighted recent events in cyber security and discussed the potential for large-scale attacks on national infrastructure, emerging issues related to this, as well as the implementation of cyber security. Topics included the responsibility for UK cyber security, the types of attacks, industrial control systems and the need to improve resilience, security and knowledge in both industry and Government. Governance Compliance Cyber and information security Risk management Assurance Architecture 6
7 This was followed by the UK Government s Cyber Security Strategy (2), which outlines a programme of activity to work closely with companies responsible for critical national infrastructure systems. Moreover, it announces the Government s intention to work with a wider range of companies than those currently associated with national infrastructure; anywhere the threat to revenues and intellectual property is capable of causing significant economic damage is now firmly on the Government s radar. Furthermore data available from online media such as blogs, social networking sites and specialist publications could be used to mount a cyber attack on UK infrastructure, according to the report commissioned by the Institution of Engineering and Technology(IET). Key information regarding vulnerabilities in company systems is now openly available from a range of sources on the internet, said the report, entitled Using Open Source Intelligence to Improve ICS & SCADA Security. This research, published at the IET s Cyber Security for Industrial Control Systems seminar in London, found many industrial sector websites and academic papers provide information which identifies CNI-related staff and their social media information. (3) Article: Cyber Security and Critical National Infrastructure. Dr Richard Piggin, Atkins 1. POSTnote 389, September UK Cyber Security Strategy, Cabinet Office, November IET ICS Cyber Security for IndustrialControl Systems event, February 2014 Understand business objectives Vulnerability assessment Analytical assessment Recommendations 7
8 Protecting Global Infrastructure Confidential Critical National Infrastructure Client Vulnerability Assessment Atkins undertook an open source vulnerability assessment of a UK Critical National Infrastructure company focused upon Industrial Control Systems (ICS) and SCADA. The aim was to understand ICS information available in the public domain which could be obtained by a potential adversary in order to enable an assessment of the potential threats and the implementation of appropriate mitigation measures to improve security and safety. An analytical investigation was undertaken using, mainstream media, blogs, social media, sector-specific journals, academic material, web 2.0 and industrial sector websites. Once specific information was known, an assessment of the likely threat was made and recommendations proposed to reduce the open source footprint and to take compensating measures. The assessment is divided into various categories, including mapping, social media, ICS, and outward facing IT architecture. Publicly available tools were used to demonstrate the identification of networked control systems, their vulnerabilities and the exploits that may be used to attack them. This highlighted the low technical knowledge required to successfully mount an attack against Industrial Control Systems. 8
9 Confidential Global Oil and Gas Client Developing a major programme to protect process control systems Atkins has been working with one of the world s largest energy sector clients to help them develop a single framework approach for development of cyber security architecture. The method of achieving this encompassed first understanding the organisational objectives of the client and using a business objective orientated approach to establish asset criticality. Having understood what was critical to delivering business objectives the framework could then be developed to allow the client to focus its security on those areas that were actually critical to delivering the business objectives. The resulting framework was then used to establish a comprehensive single programme of work to ensure that the organisation was truly secure and facilitated, rather than impeded, doing business successfully. Industrial and process control systems are inevitably a key part of the organisation s critical business processes and central to the programme of development work. 9
10 Atkins securing strategic advantage: Atkins has the experience and expertise to help its clients deliver strategic advantage through an holistic approach to security: Atkins has considerable experience of designing and implementing protective security regimes for physical and information assets. We have a depth of understanding of the approach to protecting clients assets including: networks information intellectual property critical infrastructure; and control systems. Accessing information, entertainment and services digitally is now part of daily life, both at home, at work, from schools through to hospitals, from fire brigades to airports, and from offices to the armed services. In delivering our vision to be the best infrastructure company in the world, we pride ourselves on leading global protection of critical assets and business. This encompasses physical and informational property, particularly those which control critical processes. Physical, cyber and personnel security generally remain separate in many organisations. Our holistic security offering enables you to get a better understanding of overall organisational security risks by applying converged governance and risk management across all assets. We deliver high quality security consultancy services to clients across a wide range of capabilities and sectors. Our consultants are ready to help. For information on how Atkins can help guide you through the challenges of delivering effective security in your organisation please contact us via 10 holistic@atkinsglobal.com
11 Our capability encompasses: Physical security Cyber Security Industrial and Process Control Cyber Security Behavioural security Identity Assurance Business Continuity We bring all these capabilities together in an innovative holistic security approach. Our sector coverage includes: Critical national infrastructure Public sector Oil and Gas Defence and Intelligence In combination with our programme and security risk management expertise, this approach ensures better protection for assets, staff and information; your critical business enablers. Atkins engineers work with clients ensuring their information communications systems add value to our clients security projects. 11
12 Cyber Supplier to UK Government Andrew Cooke Business Development Director Security Atkins 11th/12th Floors Eagle Tower Montpellier, Drive Cheltenham Gloucestershire, GL50 1TA England T: F: M: E: Ian Buffey Technical Director Security Atkins 11th/12th Floors Eagle Tower Montpellier, Drive Cheltenham Gloucestershire,GL50 1TA England M: F: E: Atkins Security Woodcote Grove Ashley Road Epsom Surrey KT18 5BW Atkins Limited except where stated otherwise. The Atkins logo, Carbon Critical Design and the strapline Plan Design Enable are trademarks of Atkins Limited.
Integrating Cyber Security and Safety Systems Engineering Disciplines with a common Code of Practice
Integrating Cyber Security and Safety Systems Engineering Disciplines with a common Code of Practice Dr Richard Piggin 16 November 2017 - Atkins Limited 1 Introduction Background Motivation Safety Engineering
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationSECURING THE UK S DIGITAL PROSPERITY. Enabling the joint delivery of the National Cyber Security Strategy's objectives
SECURING THE UK S DIGITAL PROSPERITY Enabling the joint delivery of the National Cyber Security Strategy's objectives 02 November 2016 2 SECURING THE UK S DIGITAL PROSPERITY SECURING THE UK S DIGITAL PROSPERITY
More informationDefence services. Independent systems and technology advice that delivers real value. Systems and Engineering Technology
Defence services Independent systems and technology advice that delivers real value Systems and Engineering Technology Frazer-Nash Consultancy Working in the UK and internationally, Frazer-Nash is making
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationPolicy. Business Resilience MB2010.P.119
MB.P.119 Business Resilience Policy This policy been prepared by the Bi-Cameral Business Risk and Resilience Group and endorsed by the Management Boards of both Houses. It is effective from December to
More informationCybersecurity. Securely enabling transformation and change
Cybersecurity Securely enabling transformation and change Contents... Cybersecurity overview Business drivers Cybersecurity strategy and roadmap Cybersecurity in practice CGI s cybersecurity offering Why
More informationFuture Resilience of the UK Electricity System Are we resilient to meet the needs of this rapidly changing world?
Future Resilience of the UK Electricity System Are we resilient to meet the needs of this rapidly changing world? 15th January 2019 Aim of this Energy Research Partnership Project Is to identify and assess
More informationPrinciples for a National Space Industry Policy
Principles for a National Space Industry Policy Commonwealth of Australia 2011 DIISR 11/144 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced
More informationSecurity Awareness Training Courses
Security Awareness Training Courses Trusted Advisor for All Your Information Security Needs ZERODAYLAB Security Awareness Training Courses 75% of large organisations were subject to a staff-related security
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationEnhancing the cyber security &
Enhancing the cyber security & resilience of transport infrastructure in Europe European Union Agency for Network and Information Security Securing Europe s Information society 2 Positioning ENISA activities
More informationCritical Infrastructure Security Vulnerability Assessment. A New Approach. Norman Bird - Senior Technical Lead - Nuclear Security
Critical Infrastructure Security Vulnerability Assessment A New Approach Norman Bird - Senior Technical Lead - Nuclear Security Critical Infrastructure Protection and Resilience Europe (CIPRE) Securing
More informationIndustrial control systems
Industrial control systems Attractive targets for cyber-attacks A five-point strategy for a secure environment The risk of a cyber-attack is real and continues to rise Cyber threats to industrial control
More informationProtecting information across government
Report by the Comptroller and Auditor General Cabinet Office Protecting information across government HC 625 SESSION 2016-17 14 SEPTEMBER 2016 4 Key facts Protecting information across government Key facts
More informationCyber Risk in the Marine Transportation System
Cyber Risk in the Marine Transportation System Cubic Global Defense MAR'01 1 Cubic.com/Global-Defense/National-Security 1 Cubic Global Defense Global Security Team Capabilities Program Management Integration
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationIncident Response. Tony Drewitt Head of Consultancy IT Governance Ltd
Incident Response Tony Drewitt Head of Consultancy IT Governance Ltd www.itgovernance.co.uk IT Governance Ltd: GRC One-Stop-Shop Thought Leaders Specialist publisher Implementation toolkits ATO Consultants
More informationCybersecurity, Trade, and Economic Development
Cybersecurity, Trade, and Economic Development G7 ICT Priorities: Technology, Innovation, and the Global Economy UNCTAD E-Commerce Week Danielle Kriz Senior Director, Global Policy Palo Alto Networks April
More informationCritical Infrastructure Protection & Resilience Europe / Asia. Conference Discussion Reviews
Critical Infrastructure Protection & Resilience Europe / Asia Conference Discussion Reviews Torch Marketing / KNM Media Delivering strategic routes to critical markets Why Critical Infrastructure Protection
More informationObjectives of the Security Policy Project for the University of Cyprus
Objectives of the Security Policy Project for the University of Cyprus 1. Introduction 1.1. Objective The University of Cyprus intends to upgrade its Internet/Intranet security architecture. The University
More informationISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF
SEPTEMBER 2017 ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF STATE OF ISRAEL PRIME MINISTER S OFFICE NATIONAL CYBER DIRECTORATE Vision and Objective 5 Development of Israel s national cyber security
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationSPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES
SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES Dear Executive, you requested more information, here are three quick questions Would you know if your company
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationOutreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness
2011/EPWG/WKSP/020 Session 4 Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness Submitted by: Australia Workshop on Private Sector Emergency Preparedness Sendai,
More informationRobert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group
Robert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group Presentation Objectives Introductions Cyber security context Cyber security in the maritime sector Developing cybersecurity
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationCIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS. Overview of CIP in Australia
CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS Overview of CIP in Australia Greg Scott Leader, Critical Infrastructure Project Risk & Impact Analysis Group Geoscience Australia Greg.Scott@ga.gov.au
More informationAndrew Durant/Ellen Sullivan
AGENDA ITEM: 3.5 INFORMATION MANAGEMENT, TECHNOLOGY AND GOVERNANCE COMMITTEE DATE OF MEETING: 2 OCTOBER 2018 Subject : Approved and Presented by: Prepared by: Other Committees and meetings considered at:
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationNew Zealand National Cyber Security Centre Incident Summary
New Zealand National Cyber Security Centre 2013 Incident Summary National Cyber Security Centre 2013 Incident Summary Foreword The incidents summarised in this report reinforce that cyber security is truly
More informationDIGITAL TRUST Making digital work by making digital secure
Making digital work by making digital secure MARKET DRIVERS AND CHALLENGES THE ROLE OF IT SECURITY IN THE DIGITAL AGE 2 In today s digital age we see the impact of poor security controls everywhere. Bots
More informationGuidelines. on the security measures for operational and security risks of payment services under Directive (EU) 2015/2366 (PSD2) EBA/GL/2017/17
GUIDELINES ON SECURITY MEASURES FOR OPERATIONAL AND SECURITY RISKS UNDER EBA/GL/2017/17 12/01/2018 Guidelines on the security measures for operational and security risks of payment services under Directive
More informationCYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response
CYBER INCIDENT REPORTING GUIDANCE Industry Reporting Arrangements for Incident Response DfT Cyber Security Team CYBER@DFT.GSI.GOV.UK Introduction The Department for Transport (DfT) has produced this cyber
More informationOUR VISION To be a global leader of computing research in identified areas that will bring positive impact to the lives of citizens and society.
Join the Innovation Qatar Computing Research Institute (QCRI) is a national research institute established in 2010 by Qatar Foundation for Education, Science and Community Development. As a primary constituent
More informationPREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.
PREPARE FOR TAKE OFF Accelerate your organisation s journey to the Cloud. cloud. Contents Introduction Program & Governance BJSS Cloud Readiness Assessment: Intro Platforms & Development BJSS Cloud Readiness
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationUnit 3 Cyber security
2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 3 - revised September 2016 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning
More informationForensics and Active Protection
Forensics and Active Protection Computer and Network Forensics Research Project 2003 Work Update Yanet Manzano Florida State University manzano@cs.fsu.edu manzano@cs.fsu.edu 1 Outline CNF Project Goal
More informationGDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ
GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool Contact Ashley House, Ashley Road London N17 9LZ 0333 234 4288 info@networkiq.co.uk The General Data Privacy Regulation
More informationAn Introduction To Security Planning
An Introduction To Security Planning A strategic planning consultancy designed to enhance the management and operational delivery of protective security services within any business and organisation 1
More informationSTRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE
STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby
More informationCall for expression of interest in leadership roles for the Supergen Energy Networks Hub
Call for expression of interest in leadership roles for the Supergen Energy Networks Hub Call announced: 4 th September 2017 Deadline for applications: Midday 29 th September 2017 Provisional decision
More informationOffice of Infrastructure Protection Overview
Office of Infrastructure Protection Overview Harvey Perriott Protective Security Advisor North Texas District U.S. Department of Homeland Security Vision and Mission Vision A safe, secure, and resilient
More informationNATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -
NATIONAL CYBER SECURITY STRATEGY - Version 2.0 - CONTENTS SUMMARY... 3 1 INTRODUCTION... 4 2 GENERAL PRINCIPLES AND OBJECTIVES... 5 3 ACTION FRAMEWORK STRATEGIC OBJECTIVES... 6 3.1 Determining the stakeholders
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationNHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy
NHS Gloucestershire Clinical Commissioning Group 1 Document Control Title of Document Gloucestershire CCG Author A Ewens (Emergency Planning and Business Continuity Officer) Review Date February 2017 Classification
More informationConnecting you to the future. Telecommunications, Smart Systems & Industrial IoT, Security & Critical Infrastructure Protection, Outside Plant Design
Connecting you to the future Telecommunications, Smart Systems & Industrial IoT, Security & Critical Infrastructure Protection, Outside Plant Design 400+ Telecommunications Professionals World-class REPUTATION
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationour vision our mission BE A SOLUTION-DRIVEN ADVISOR WITH OUTSTANDING EXPERTISE. ALWAYS BE THE FIRST CHOICE FOR CLIENTS, PARTNERS AND EMPLOYEES.
RAIL our mission BE A SOLUTION-DRIVEN ADVISOR WITH OUTSTANDING EXPERTISE. our vision ALWAYS BE THE FIRST CHOICE FOR CLIENTS, PARTNERS AND EMPLOYEES. 01 WE ARE GLOBAL 34,000 500 40 02 WE ARE LOCAL 1,518
More informationElectrical Solutions in action
Electrical Solutions in action Taking the safe route Product series May 2018 The Power of Electrical Solutions Powering Resilience By ensuring all aspects of your electricity network run perfectly, you
More informationImproving the Resilience of Critical Infrastructure from Natural Hazards
Improving the Resilience of Critical Infrastructure from Natural Hazards David Murphy Assistant Director Natural Hazards Team Civil Contingencies Secretariat Outline Civil Contingencies Secretariat Vulnerability
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Security Assessment MAR'01 1 Lesson Topics ISPS Code Requirement The Assessment Process ISPS Code Requirements What is the purpose
More informationGENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION
GENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION Hrvoje Sagrak 1 Introduction In an interconnected world that we live in, protection of our societies and values relies highly
More informationM&A Cyber Security Due Diligence
M&A Cyber Security Due Diligence Prepared by: Robert Horton, Ollie Whitehouse & Sherief Hammad Contents Page 1 Introduction 3 2 Technical due diligence goals 3 3 Enabling the business through cyber security
More informationPosition Description. Engagement Manager UNCLASSIFIED. Outreach & Engagement Information Assurance and Cyber Security Directorate.
Position Description Engagement Manager Business unit: Position purpose: Direct reports: Directorate overview: Business Unit Overview Remuneration indicator: Outreach & Engagement Information Assurance
More informationSection One of the Order: The Cybersecurity of Federal Networks.
Summary and Analysis of the May 11, 2017 Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. Introduction On May 11, 2017, President Donald
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593
COUNCIL OF THE EUROPEAN UNION Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593 LEGISLATIVE ACTS AND OTHER INSTRUMTS Subject : Council Resolution on a European approach towards a
More informationImplementation Strategy for Cybersecurity Workshop ITU 2016
Implementation Strategy for Cybersecurity Workshop ITU 2016 Council for Scientific and Industrial Research Joey Jansen van Vuuren Intricacies and interdependencies cyber policies must address potential
More informationNuclear power aspects ITU/ENISA Regional Conference on Cybersecurity, Sofia
Nuclear power aspects ITU/ENISA Regional Conference on Cybersecurity, Sofia Guido Gluschke November 30, 2016 Technische Hochschule Brandenburg University of Applied Sciences 1 Introduction Guido Gluschke
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationTAN Jenny Partner PwC Singapore
1 Topic: Cybersecurity Risks An Essential Audit Consideration TAN Jenny Partner PwC Singapore PwC Singapore is honoured to be invited to contribute to the development of this guideline. Cybersecurity Risks
More informationCybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016
Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco
More informationMeeting PCI DSS 3.2 Compliance with RiskSense Solutions
Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business
More informationInformation Technology Branch Organization of Cyber Security Technical Standard
Information Technology Branch Organization of Cyber Security Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 1 November 20, 2014 Approved:
More informationDigital Health Cyber Security Centre
Digital Health Cyber Security Centre Current challenges Ransomware According to the ACSC Threat Report 2017, cybercrime is a prevalent threat for Australia. Distributed Denial of Service (DDoS) Targeting
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationMax Security Solutions
Max Security Solutions Max Security Solutions Proactive Risk Management What we do Max Security provides comprehensive security and risk management solutions for the business sector, private clients and
More informationBuilding a resilient ICS
Building a resilient ICS By Dr Jules Pagna Disso, @julesdisso Building a resilient Industrial Control System (ICS) 1: From ICS to Critical National Infrastructure 2: Thenatureof the problem 3: Building
More informationICB Industry Consultation Body
ICB Industry Consultation Body POSITION PAPER Regulatory Response to ATM Cyber-Security Increasing reliance on inter-connected ATM systems, services and technologies increases the risk of cyber-attacks.
More informationSTRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government
ATIONAL STRATEGY National Strategy for Critical Infrastructure Government Her Majesty the Queen in Right of Canada, 2009 Cat. No.: PS4-65/2009E-PDF ISBN: 978-1-100-11248-0 Printed in Canada Table of contents
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationExpress Monitoring 2019
Express Monitoring 2019 WHY CHOOSE PT EXPRESS MONITORING PT Express Monitoring provides a quick evaluation of the current signaling network protection level. This service helps to discover critical vulnerabilities
More informationThe University of Queensland
UQ Cyber Security Strategy 2017-2020 NAME: UQ Cyber Security Strategy DATE: 21/07/2017 RELEASE:0.2 Final AUTHOR: OWNER: CLIENT: Marc Blum Chief Information Officer Strategic Information Technology Council
More informationUNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21
National and Cyber Security Branch Presentation for Gridseccon Quebec City, October 18-21 1 Public Safety Canada Departmental Structure 2 National and Cyber Security Branch National and Cyber Security
More informationManchester Metropolitan University Information Security Strategy
Manchester Metropolitan University Information Security Strategy 2017-2019 Document Information Document owner Tom Stoddart, Information Security Manager Version: 1.0 Release Date: 01/02/2017 Change History
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationSecure Societies Work Programme Call
Secure Societies Work Programme 2018-2020 2019 Call Andrea DE CANDIDO Deputy Head of Unit Innovation and Industry for Security European Commission andrea.de-candido@ec.europa.eu Outline 1. Policy context
More informationTransforming the utilities industry. How our insight and infrastructure can help you thrive in a changing world
Transforming the utilities industry How our insight and infrastructure can help you thrive in a changing world The utilities industry is changing You need to be leaner, greener and smarter. And we re here
More informationCritical Infrastructure Partnership
Critical Infrastructure Partnership Overview Chris Boyer AVP Global Public Policy December 11, 2017 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationRUAG Cyber Security Understand Cyber. Protect Values.
RUAG Cyber Security Understand Cyber. Protect Values. Your Cyber Security maturity depends on your awareness and the appropriate behaviour of every single user. RUAG Cyber Security empowers and efficiently
More informationHow a global industry player addresses the Cybersecurity challenges of Air Transport
How a global industry player addresses the Cybersecurity challenges of Air Transport ICAO Cyber Summit and Exhibition Making Sense of Cyber Dubai, United Arab Emirates 4 6 April 2017 thomas.hutin@thalesgroup.com
More informationIMPACT Global Response Centre. Technical Note GLOBAL RESPONSE CENTRE
Technical Note GLOBAL RESPONSE CENTRE INTRODUCTION IMPACT s Global Response (GRC) acts as the foremost cyber threat resource centre for the global. It provides emergency response to facilitate identification
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationTHE LINK BETWEEN ENTERPRISE RISK MANAGEMENT AND DISASTER MANAGEMENT
THE LINK BETWEEN ENTERPRISE RISK MANAGEMENT AND DISASTER MANAGEMENT International Recovery Forum 2014 ~ The Role of Private Sector in Disaster Recovery ~ 21 January 2014 Kobe, Japan Dr Janet L. Asherson
More informationEnergy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials
+ NGA State Learning Lab on Energy Assurance Coordination May 13-15, 2015 Trenton, New Jersey Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National
More informationWireless e-business Security. Lothar Vigelandzoon
Wireless e-business Security Lothar Vigelandzoon E-business evolution Increased business drivers for cost efficiency & market penetration Increased Importance of brand reputation Distance between IT and
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More information