Cybersecurity Dimension of Critical Infrastructure
|
|
- Sherilyn Briggs
- 5 years ago
- Views:
Transcription
1 Cybersecurity Dimension of Critical Infrastructure Views expressed in this presentation are the authors and do not represent the official view of any institution he is affiliated with. ESReDA 52 Seminar, Kaunas 30 May 2017 Vytautas Butrimas NATO ENSEC CoE Member, NCRA of Lithuania
2 What is wrong with this headline? The Largest Cyber Attack In History has been hitting Hong Kong sites - Parmy Olson, Forbes 2014
3 Why? Because when C.I. fails, you life stops.
4 What s happening? IT is coming to ICS/OT Was manually controlled, now digital & remotely controlled Provided wonderful features and efficiencies for the operator Supports modern world but introduced complexity & vulnerabilities And: Cyber defense was not included as a requirement in ICS design 1971 Today
5 IT introduced new vulnerabilities in ICS / OT world Unintentional / intentional cyber incidents A nuclear power plant was recently forced into an emergency shutdown for forty-eight hours after a software update was installed on a single computer.
6 Information technology vs Industrial control systems Significant differences in security priorities If not understood, you will make bad policy! IT security is CIA ICS security is (Safety)AIC
7 Industrial control systems (ICS) space If ICS device is affected physical harm / damage is likely. Denial of Service means: No electricity, no gas. IT: the operation is securing the data ICS: the operation is securing the operation
8 What is an ICS operator s worst nightmare? Loss of View and Loss of Control
9 Is this cybersecurity concern getting across? NO
10 Does government understand how vulnerable their critical infrastructure is and how it can be targeted? Not really the draft cybersecurity requirements state that they are intended to address critical information infrastructure (including industrial control systems), however your draft requirements do not address industrial control systems - Response from 1 entity in the energy sector to Govt. draft regulations
11 Bad news for us: malicious cyber activities of states? Iranian nuclear and oil facilities (STUXNET 2010) Saudi Aramco DOC attack 2012/2013 Belgacom compromised Sandworm Team / Black Energy 2014 BSI reports cyber-attack on German steel mill 2015 TV5Monde 2015/2016 Cyber attack on control systems of Ukraine s pwr grid 2017 WannaCry as latest wake-up-call
12 Bad news: Malicious Cyber Activities of States -2 Case Study: STUXNET 2010 Cyber weapon used by a state against the CI of another. Caused a loss of view and loss of control Disabled safety systems, sent false data to operators Most targets are in Europe and N. America Hi-tech, cheap (10 mln. USD), effective, and deniable
13 Bad news about states - 3: Cyber attack on UKR. regional grid 2015 Cyber intrusions over 6 mo. at 3 regional EPD companies Over 30 substations disabled affecting ¼ mln. Malware loaded on Serial-to-Ethernet comm. devices Control workstation s erased at end of the cyber-attack Operators lost SCADA (loss of view and control)
14 Have we recognized and addressed the threats adequately?
15 Oh, oh a problem: What to do if it is the work of a STATE? But as soon as we find out that it s state-sponsored, or there may be state actors involved, we back away from that. - Interpol digital crime centre director Sanjay Virmani, 2015
16 Still not convinced of the danger? Commander #1: We ve analyzed their attack, sir, and there is a danger. Should I have your ship standing by? Gov. Tarkin: Evacuate? In our moment of triumph? I think you overestimate their chances. Quote from the film Star Wars IV
17 Parts of CI are visible on the Internet: Project Shine Targets are mostly in Europe and N.A.!
18 Project Shine implications (One Iceland tomato farm) 1159 devices visible
19 What the future looks like: More convergence, more vuln. Caveat emptor IIoT and DA improve efficiency, reduce downtime and save money Industry 4.0 integrating manufacturing plant w/ business functions Autonomous control and self configuration Getting a lot of support from Govt. and Industry Not much talk about new vulnerabilities and cybersecurity!!!!
20 Ok, now what can we do about it?
21 Need to address training/knowledge gap ISA 99 / IEC IT IT Cybersecurity Control system OT ISO Too few Control system (OT) Cybersecurity specialists
22 Guides and lessons-learned are available Buyer needs to ask the manufacturer about cybersecurity Standards and training are available IT, OT and Design Engineers need to play as a TEAM!
23 Work globally to keep cyber peace in the new military domain. 1. Nations agree in peacetime to keep out of each other C.I 2. Acceptance of responsibility for their cyberspace 3. Creation of a monitoring and reporting agency
24 Thank you, do you have any questions? Thanks to R. Radvanovsky and J. Brodsky for useful suggestions and comments. Vytautas Butrimas NATO ENSEC CoE Vytautas. enseccoe. org vbutrim Blog contributor:
25 Extra slides 25
26 Should cybersecurity be a priority for protecting CI? In 2006 terrorists at Abqaiq were met with deadly force at the gate In 2015 the C3 systems of this power grid were compromised from cyberspace putting ¼ mln. in darkness.
In the wrong hands it s an open invitation
In the wrong hands it s an open invitation If someone takes over your control system infrastructure it could prove fatal Control systems are indispensable for a number of industrial processes and are lucrative
More informationCyber Security of Industrial Control Systems (ICSs)
Cyber Security of Industrial Control Systems (ICSs) February 23, 2016 Joe Weiss PE, CISM, CRISC, ISA Fellow Managing Partner Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Applied
More informationIndegy. Industrial Cyber Security. ISA New Orleans Section. Applying the NIST Framework February 6, 2018
Indegy Industrial Cyber Security ISA New Orleans Section Applying the NIST Framework February 6, 2018 Agenda 1. Introductions 2. Indegy Background 3. NIST Background and History with ICS 4. What is the
More informationIndustrial Control System Cyber Security
Industrial Control System Cyber Security Disaster Recovery Information Exchange Bruce Tyson June 28, 2017 Lunch and Learn Introduction Bruce Tyson is a certified engineering technologist (CET Telecommunications
More informationRole of NATO and Energy Security Centre of Excellence in Supporting Protection of Critical Energy Infrastructure and Enhancing its Resiliency
Role of NATO and Energy Security Centre of Excellence in Supporting Protection of Critical Energy Infrastructure and Enhancing its Resiliency 4 December 2017, Ramat Gan, Israel 15th International Energy
More informationIEC A cybersecurity standard approaching the Rail IoT
IEC 62443 A cybersecurity standard approaching the Rail IoT siemens.com/communications-for-transportation Today s Siemens company structure focusing on several businesses Siemens AG Power and Gas (PG)
More informationWhy Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG
Why Should You Care About Control System Cybersecurity Tim Conway ICS.SANS.ORG Events Example #1 Dec 23, 2015 Cyber attacks impacting Ukrainian Power Grid Targeted, synchronized, & multi faceted Three
More informationPractical SCADA Cyber Security Lifecycle Steps
Practical SCADA Cyber Security Lifecycle Steps Standards Certification Jim McGlone CMO, Kenexis Education & Training Publishing Conferences & Exhibits Bio Jim McGlone, CMO, Kenexis GICSP ISA Safety & Security
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationExercise of FERC Authority for Cybersecurity of the North American Electric Grid
Exercise of FERC Authority for Cybersecurity of the North American Electric Grid Thomas S. Popik Joseph M. Weiss George R. Cotter FERC Docket RM15-14-000 www.resilientsocieties.org Agenda Overall Concerns
More informationCyber Security Update. Bennett L. Gaines Senior Vice President, Corporate Services, CIO, FirstEnergy 2012 Summer Seminar August 5-7, 2012
Cyber Security Update Bennett L. Gaines Senior Vice President, Corporate Services, CIO, FirstEnergy 2012 Summer Seminar August 5-7, 2012 Agenda Timeline Regulatory / Compliance Environment Smart Grid Threats
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationCybersecurity. Sarabjit Purewal Principal Specialist Inspector BSc ACGI PGDip CEng MIET. Humber Chemical Focus Group 21 July 2016
Health and and Safety Executive Cybersecurity Sarabjit Purewal Principal Specialist Inspector BSc ACGI PGDip CEng MIET Humber Chemical Focus Group 21 July 2016 Crown July 2016 What we will cover Why cybersecurity
More informationSecurity in a Converging IT/OT World
Security in a Converging IT/OT World Introduction Around the winter solstice, darkness comes early to the citizens of Ukraine. On December 23, 2015, it came a little earlier than normal. In mid-afternoon,
More informationPROTECTING MANUFACTURING and UTILITIES Industrial Control Systems
PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems Mati Epstein Global Sales Lead, Critical Infrastructure and ICS [Internal Use] for Check Point employees 1 Industrial Control Systems (ICS)/SCADA
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationCyber Threat Awareness CETAC 2018
Presented by Jeff Sundvick- WAPA Raymond Jeter-SDG&E U.S. CERT-NCCIC Cyber Threat Awareness CETAC 2018 Welcome CETAC 2018 San Ramon Training Facility General Class Information: Safety/Fire evacuation.
More informationDefending Our Digital Density.
New Jersey Cybersecurity & Communications Integration Cell Defending Our Digital Density. @NJCybersecurity www.cyber.nj.gov NJCCIC@cyber.nj.gov The New Jersey Cybersecurity & Communications Integration
More informationIntroducing the 9202-ETS MTL Tofino industrial Ethernet security appliance
Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance HAKIM- Sales Engineer 1 Cybersecurity of valuable assets and processes in a wide range of industry verticals, such as: Oil & Gas
More informationCybersecurity for the SMB. CrowdStrike s Murphy on Steps to Improve Defenses on a Smaller Scale
Cybersecurity for the SMB CrowdStrike s Murphy on Steps to Improve Defenses on a Smaller Scale The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationIntelligent Buildings and Cybersecurity
Intelligent Buildings and Cybersecurity March 14-18,2017 Frankfurt, Germany Ron Zimmer CABA President & CEO www.caba.org Connect to what s next 1 CABA Board of Directors and Vision CABA Vision Statement
More informationThe five questions I am being asked by National Policy Makers and Utility CEOs; My Best Answers; And Where the Questions Don't Have Answers
The five questions I am being asked by National Policy Makers and Utility CEOs; My Best Answers; And Where the Questions Don't Have Answers The 7th Annual North American SCADA and Process Control Summit
More informationCyber Security Requirements for Supply Chain. June 17, 2015
Cyber Security Requirements for Supply Chain June 17, 2015 Topics Cyber Threat Legislation and Regulation Nuts and Bolts of NEI 08-09 Nuclear Procurement EPRI Methodology for Procurement Something to think
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationCEIP and Energy Security in Perspective of NATO Energy Security Centre of Excellence
CEIP and Energy Security in Perspective of NATO Energy Security Centre of Excellence Dr. Artūras Petkus Head of Strategic Analysis and Research Division NATO Energy Security Centre of Excellence Framework
More informationIoT Utility Day. Securing Critical Infrastructure. Nadya Bartol, CISSP, CGEIT. Vice President of Industry Affairs and Cybersecurity Strategist
IoT Utility Day Securing Critical Infrastructure Nadya Bartol, CISSP, CGEIT Vice President of Industry Affairs and Cybersecurity Strategist July 11, 2016 Securing Critical Infrastructure Nadya Bartol,
More informationEstablishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security
Establishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security Michael John SmartSec 2016, Amsterdam www.encs.eu European Network for Cyber Security The European
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationAddressing Cyber Threats in Power Generation and Distribution
Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems
More informationCybersecurity for the Electric Grid
Cybersecurity for the Electric Grid Electric System Regulation, CIP and the Evolution of Transition to a Secure State A presentation for the National Association of Regulatory Utility Commissioners March
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationWhite paper August The state of cybersecurity in the rail industry
White paper August 2017 The state of cybersecurity in the rail industry Introduction The last thirty years have witnessed major technological advances in computing, networking and the industrial control
More information"DIGITAL GENEVA CONVENTION" IN TIMES OF CYBER (IN)SECURITY?
Panelová debata: Monitorování internetu. Máme se bát o své soukromí? DO WE NEED A "DIGITAL GENEVA CONVENTION" IN TIMES OF CYBER (IN)SECURITY? Microsoft Internet Advertising Conference 2017 2 Internet Advertising
More informationFunctional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK
Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control
More informationIIoT cyber security simulation
IIoT cyber security simulation Prepare for cyber incident response in the Industrial Internet of Things (IIoT) KPMG International kpmg.com In the Industrial Internet of Things (IIoT) era, visionary concepts,
More informationCyber Security Maturity Model
Cyber Security Maturity Model Robert Lentz Former DoD CISO / Deputy Assistant Secretary Cyber Facts Facts About About Intrusions Intrusions 2 Verizon 2010 Data Breach Investigation Report WHO IS BEHIND
More informationSafety System Cyber Security A Practical Approach
Safety System Cyber Security A Practical Approach Kelly Mahoney Protection Systems Team Leader ORNL/SNS ORNL is managed by UT-Battelle for the US Department of Energy Acronyms I would rather not know Cyber-physical
More informationCyber Attacks & Breaches It s not if, it s When
` Cyber Attacks & Breaches It s not if, it s When IMRI Team Aliso Viejo, CA Trusted Leader with Solution Oriented Results Since 1992 Data Center/Cloud Computing/Consolidation/Operations 15 facilities,
More informationuanacia 1+1 MARINE SECURITY OPERATIONS BULLETIN No:
1+1 MARINE SECURITY OPERATIONS BULLETIN No: 2014-001 CLARIFICATION OF TRANSPORT CANADA (TC) MARINE SECURITY MANDATORY THREAT, BREACH AND INCIDENT REPORTING REOUIREMENTS THIS MARINE SECURITY OPERATIONS
More informationItu regional workshop
Itu regional workshop "Key Aspects of Cybersecurity in the Context of Internet of Things (IoT) Natalia SPINU 18 September, 2017 Tashkent, Uzbekistan AGENDA 1. INTRODUCTI ON 2. Moldovan public policy on
More informationExpanding Cyber Security Management for Critical Infrastructure
Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationBringing Cybersecurity to the Boardroom Bret Arsenault
SESSION ID: CXO-T11 Bringing Cybersecurity to the Boardroom Bret Arsenault Corporate Vice President & CISO Microsoft Security has Transcended from to a an 3 How Microsoft Approaches Security Reinventproductivity
More informationProtecting Critical Information Infrastructure in times of increasing cyber conflict
Protecting Critical Information Infrastructure in times of increasing cyber conflict Jan Neutze Director of Cybersecurity Policy (Europe/Middle East/Africa) Microsoft Critical Infrastructures are under
More informationENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
More informationICS Security Training Amsterdam Derek Harp, Director SANS ICS Global Programs.
ICS Security Training Amsterdam Derek Harp, Director SANS ICS Global Programs www.sans.org/ics ICS Security Survey 2015 Highlights Over 300 respondents in this year s SANS ICS Security Survey, with a broad
More informationICS/SCADA INSECURITIES AND SOLUTIONS
; White Paper Presented By: Cybersecurity Department Enlightened, Inc. 1101 Connecticut Avenue, NW, Suite 800 Washington D.C. 20036 Company POC: Antwanye Ford, 202.728.7190, marketing@enlightened.com Small
More informationCybersecurity for IoT to Nuclear
Seminar Series Cybersecurity for IoT to Nuclear Fred Cohn, Program Director Property of Schneider Electric Who Am I? Program Director, Schneider Electric Product Security Office Cybersecurity Strategy
More informationSharing What Matters. Accelerating Incident Response and Threat Hunting by Sharing Behavioral Data
Sharing What Matters Accelerating Incident Response and Threat Hunting by Sharing Behavioral Data Dan Gunter, Principal Threat Analyst Marc Seitz, Threat Analyst Dragos, Inc. August 2018 Today s Talk at
More informationENISA S WORK ON ICS AND SMART GRID SECURITY
AMSTERDAM, OCTOBER 15, 2012 ENISA S WORK ON ICS AND SMART GRID SECURITY Dr. Evangelos OUZOUNIS Head of CIIP & Resilience Unit ENISA 1 Why is it important? Industrial networks is the CI for the SCADA and
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationCyber Threat Intelligence Debbie Janeczek May 24, 2017
Cyber Threat Intelligence Debbie Janeczek May 24, 2017 AGENDA Today s Cybersecurity Challenges What is Threat Intelligence? Data, Information, Intelligence Strategic, Operational and Tactical Threat Intelligence
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationIndustrial control system (ICS) security
Industrial control system (ICS) security Contents 1. Operations technology and ICS 2. Threat to ICS sector 3. Adapting standards 4. How PwC can help Operations technology and ICS Operations technology
More informationCybersecurity Vulnerabilities and Process Frameworks for Oil and Gas
Cybersecurity Vulnerabilities and Process Frameworks for Oil and Gas Presentation to WVONGA Jack L. Shaffer, Jr. Business Transformation Director vcio/ vciso 2017 Cybersecurity in the news Ransomware Wanacry,
More informationNew Zealand National Cyber Security Centre Incident Summary
New Zealand National Cyber Security Centre 2013 Incident Summary National Cyber Security Centre 2013 Incident Summary Foreword The incidents summarised in this report reinforce that cyber security is truly
More informationHow NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity
How NSFOCUS Protected the G20 Summit Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity SPONSORED BY Rosefelt is responsible for developing NSFOCUS threat intelligence and web
More informationTRAINING WEEK COURSE OUTLINE May RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I.
TRAINING WEEK COURSE OUTLINE May 9-13 2016 RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I. Page2 FACILITATOR S BIOGRAPHY John Tannahill, CA, CISM, CGEIT, CRISC is a management consultant specializing
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview ND Safety Council Annual Conference
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationIT security for energy infrastructures
IT security for energy infrastructures Next-generation firewalls made in Germany Cybersecurity Because of a lack of security mechanisms at both application level and data link layer level, conventional
More informationCyber Risk in the Marine Transportation System
Cyber Risk in the Marine Transportation System Cubic Global Defense MAR'01 1 Cubic.com/Global-Defense/National-Security 1 Cubic Global Defense Global Security Team Capabilities Program Management Integration
More informationBad Idea: Creating a U.S. Department of Cybersecurity
December 2018 Bad Idea: Creating a U.S. Department of Cybersecurity Suzanne Spaulding and Mieke Eoyang A lack of cybersecurity can have serious consequences the theft of money or data, an interruption
More informationManufacturing security: Bridging the gap between IT and OT
Manufacturing security: Bridging the gap between IT and OT For manufacturers, every new connection point is an opportunity. And a risk. The state of IT/OT security in manufacturing On the plant floor,
More informationYou knew the job was dangerous when you took it! Defending against CS malware
You knew the job was dangerous when you took it! Defending against CS malware Presented By: Doug Cavit Microsoft Where PI geeks meet 9/23/2010 NERC HILF 6/10 Adequately addressing vulnerabilities will
More informationGerhard Brndt, ABB AG, BU Power Generation Cyber Security and Compliance in Increasingly Distributed and Aging Power Generation Infrastructures
Gerhard Brndt, ABB AG, BU Power Generation Cyber Security and Compliance in Increasingly Distributed and Aging Power Generation Infrastructures ABB Group June 20, 2012 Slide 1 Situation of today The potential
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationSTANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange
STANDARD INFORMATION SHARING FORMATS Will Semple Head of Threat and Vulnerability Management New York Stock Exchange AGENDA Information Sharing from the Practitioner s view Changing the focus from Risk
More informationICS Security Rapid Digital Risk Assessment
ICS Security Rapid Digital Risk Assessment Identifying, Measuring, Understanding Dieter Sarrazyn dieter.sarrazyn@toreon.com @dietersar SANS EUROPEAN ICS SECURITY SUMMIT Stephen Smith Stephen@ONRIX.eu Agenda
More informationUN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security
UN General Assembly Resolution 68/243 GEORGIA General appreciation of the issues of information security Widely publicized cyber attacks and, to some expert opinions, cyber war - conducted against Georgia
More informationUnderstanding Holistic Effects of Cyber Events on Critical Infrastructure
Understanding Holistic Effects of Cyber Events on Critical Infrastructure Shane Cherry Infrastructure Analysis and Technology Development National and Homeland Security Directorate March 20, 2018 INL/CON-17-42513
More informationControl System Security SCADA/DCS. By Chaiyakorn Apiwathanokul,, CISSP Chief Security Officer PTT ICT Solutions Company Limited
Control System Security SCADA/DCS By Chaiyakorn Apiwathanokul,, CISSP Chief Security Officer PTT ICT Solutions Company Limited Objectives To understand the current situation and threats against Control
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationCivil Nuclear Power - The Cyber Security Perspective
Civil Nuclear Power - The Cyber Security Perspective Guido Gluschke g.gluschke@uniss.org Institute for Security and Safety (ISS) at the Brandenburg University of Applied Sciences, Germany Deutsche Physikalische
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationSecuring the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.
Securing the Smart Grid Understanding the BIG Picture The Power Grid The electric power system is the most capital-intensive infrastructure in North America. The system is undergoing tremendous change
More informationSecuring strategic advantage
Securing strategic advantage Protecting industrial control systems Cyber Supplier to UK Government Plan Design Enable In delivering our vision to be the best infrastructure company in the world, we pride
More informationEUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity
EUROPEAN COMMISSION JOINT RESEARCH CENTRE Information Note JRC activities in the field of Cybersecurity Date: 28 January, 2016 JRC activities in the field of Cybersecurity 1. Societal and political context
More informationWhere to Start in Cyber Security
Where to Start in Cyber Security A guide for how to plan, implement and maintain an effective cyber security program for energy industries. Contents 01 Today s threat and vulnerability landscape 03 Where
More informationIEC in Digital Substation and Cyber security
ABB GRID AUTOMATION IEC 61850 in Digital Substation and Cyber security 72 nd Annual Georgia Tech Protective Relaying Conference Steven Kunsman, May 4, 2018 The digital systems Communication services SV,
More informationThe Road to Industry 4.0
The Road to Industry 4.0 Secure remote access and active cyber protection for industrial machinery Hamburg, May 22, 2017 Fabian Bahr G+D Group Business Units and Divisions G+D Mobile Security Financial
More informationICS/SCADA INSECURITIES AND SOLUTIONS
; White Paper Presented By: Liana Parakesyan, M.S. Cybersecurity Specialist, Cybersecurity Department Enlightened, Inc. 1101 Connecticut Avenue, NW, Suite 800 Washington D.C. 20036 Company POC: Antwanye
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Risk in the Marine Transportation System MAR'01 1 Objectives IDENTIFY motivations behind a cyber attack. IDENTIFY various types of
More informationHow Breaches Really Happen
How Breaches Really Happen www.10dsecurity.com About Dedicated Information Security Firm Clients Nationwide, primarily in financial industry Services Penetration Testing Social Engineering Vulnerability
More informationFERC Hydroproject Cyber Security [FERC 3A Section 9 versus CIP v5]
FERC Hydroproject Cyber Security [FERC 3A Section 9 versus CIP v5] Presentation Goals Provide a clear distinction between the intent of FERC cyber security and NERC CIP cyber security Discuss opportunities
More informationAbout Issues in Building the National Strategy for Cybersecurity in Vietnam
Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation
More informationThe Future of Industrial Control Systems Security
The Future of Industrial Control Systems Security Amir Samoiloff, CEO, Siga Security Ilan Gendelman, CTO, Siga Security www.sigasec.com The Importance of Operating Technology Systems Modern life relies
More informationEmerging Security Challenges November 22, 2012, Baku
Emerging Security Challenges November 22, 2012, Baku NATO ENSEC COE: planned activities and importance for NATO-South Caucasus cooperation DR. ARŪNAS MOLIS Chief of Research and Analysis Energy Security
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationDigital Forensic Science: Ideas, Gaps and the Future. Dr. Joshua I. James
Digital Forensic Science: Ideas, Gaps and the Future Dr. Joshua I. James Joshua@cybercrimetech.com 2015-08-09 Overview Digital Forensic Science where are we now? Past Present Where are we going? Future
More informationCyber Security. June 2015
Cyber Security June 2015 Table of contents Section Pages Introduction and methodology 3 Key findings 4 Respondent profile 5-9 Cyber security practices 10-25 Resources for monitoring cyber security events
More informationProtecting Critical Energy Infrastructure International Multistakeholder Conference, Training & Exhibition
VIENNA CYBER SECURITY WEEK 2018 Protecting Critical Energy Infrastructure International Multistakeholder Conference, Training & Exhibition SECURITY & DIPLOMACY 29-30 January 15A Favoritenstraße, 1040 Taubstummengasse
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More information(U) Cyber Threats to the Homeland
UNCLASSIFIED (U) Cyber Threats to the Homeland October 2016 The overall classification of this briefing is: (U) Warning: This product may contain US person information that has been deemed necessary for
More information