Could your Building Catch a Virus?
|
|
- Mitchell Carroll
- 6 years ago
- Views:
Transcription
1 Could your Building Catch a Virus? Measuring the Impact of Cyber Security Threats on Building Management Systems 3rd Interna(onal Conference ENERGY in BUILDINGS 2014 Konstan(nos Karagiannis 1 kk@getechgr Co- authors: Deeph Chana 2, David Fisk 1 1 Laing O Rourke Centre for Systems Engineering & Innova(on, Department of Civil and Environmental Engineering, Imperial College London 2 Ins(tute for Security Science and Technology, Imperial College London 15 November 2014
2 Presenta(on Structure Background Part I: From ICS to CPS,IoT,BMS and cyber incidents that affected the industry Methodology & Analysis Part II: - Iden(fica(on of Threats & Vulnerabili(es - Using Shodan to find exposed BMSs on the Internet Discussion & Conclusions Part III: - BMS & Literature - Case study Assessment - Cyber Security in BMS: IT vs OT
3 Part I From ICS to CPS and the IoT ICS: consists of combina(ons of control components (eg, electrical, mechanical, hydraulic, pneuma(c) that act together to achieve an industrial objec(ve (eg, manufacturing, transporta(on of ma`er or energy) Cyber Security? CPS: is a system of systems, in which the cyber technologies and the physical processes are highly integrated, in order to add new capabili(es into physical system IoT: the interconnec(on of uniquely iden(fiable embedded compu(ng- like devices within the exis(ng Internet infrastructure
4 From ICS to CPS and the IoT Part I BMS Source:(Edward A Lee,UC Berkeley)
5 Part I Classifica(on of ICS Hybrid: nowadays modern control system components allow integra(on at a level where SCADA and DCS may be combined, depending on the applica(on SCADA: systems that are implemented for data acquisi(on and control, on dispersed geographical sites in large distances (WAN) SCADA DCS: systems used in sites located in the same neighbourhood especially for process control in manufacturing (LAN) DCS ICS Source:(ICS- CERT, 2013)
6 Part I Where do BMS stand in rela(on to ICS? Ø BMS can be considered more as DCS than SCADA However, due to customisa(on in many instances they adopt SCADA features Ø BMS mostly use DDC (Direct Digital Control) as control system components and hardly PLCs Ø BMS controllers are pre- engineered and preconfigured in order to achieve cost reduc(on and execute less complex func(ons that building services require Ø BMS use regularly different standards and protocols especially designed for building automa(on (ex BACnet), where high- bandwidth and low- latency are not as crucial as in cri(cal and industrial environments Ø BMS are designed to be easy to configure, space and cost efficient and incorporate energy management func(ons that are not requested in industrial control systems yet
7 Part I What BMS actually do? BMS use hardware, sogware and communica(on networks to control and monitor the MEP (Mechanical, Electrical and Plumbing) systems of a building Source:(Hermann Merz, 2009)
8 Part I BMS Architecture & Benefits Improved indoor condi9ons and staff produc9vity Increased plant reliability and life Opera9ng costs reduc9on Increased security and safety BMS or BEMS are a key element in the con9nuous improvement of Buildings Energy Efficiency and can easily adapt into new Building Opera9ons Strategies
9 Part I History of Building Automa(on Standalone, Different technologies First centralised computerised control system Microprocess ors, HMI, Energy management func(ons Lower Hardware cost, DDC, proprietary sogware and protocols Open protocols, remote access, internet, touch panels BEMS, COTS,IP, Wireless, smartphones 1940 s 1960 s 1970 s 1980 s 1990 s 2000 s 2010 s Current and future trends Ex(nc(on of proprietary protocols Web- enabled controllers instead of SCADA sogware BMS will serve more as an umbrella for other subsystems BMS will move to the cloud BMS will be integrated into the Smart Grid
10 Part I History of Building Automa(on Integra(on Source:(Harrison, 1998)
11 Part I Cyber incidents in ICS There is a drama(c increase of 782% cyber incidents, reported from 2006 to 2012 according to the US Computer Emergency Readiness Team (CERT) Source:Fernandez Ivan, 2013 In 2013, ICS- CERT responded to 256 incidents reported either directly from asset owners or through other trusted partners Source:(ICS- CERT, 2011) Source:(ICS- CERT, 2013)
12 Part I Cyber incidents & examples in BMS Super Bowl XLVII Blackout 2012: Play was interrupted for 34 minutes because of a 22- minute par(al power outage Even though the incident was limited to mechanical failure, cyber security experts say the Super Bowl blackout is the closest public example of the consequences of when control systems fail, or even worse, fall into the wrong hands (Source : Korber Sabrina,2013) US Business : In 2012, unauthorized IP addresses accessed the ICS network of a New Jersey air condi(oning company, US Business 1 The intruders were able to access a backdoor into the ICS system that allowed access to the HVAC control system US Business 1 was using a system, which has been widely reported in the media to contain mul(ple vulnerabili(es that could allow an a`acker to remotely control the system (Source : FBI, 2012) The Carrell Clinic 2009: The leader of a malicious hacker collec(ve gain unauthorized access to the HVAC system of The Carrell Clinic in Dallas pos(ng images that showed the HVAC control window for the hospital's surgery unit A test alarm seqng was turned to inac(ve (Source : Goodin Dan, 2009)
13 Part I Cyber incidents & examples in BMS Google Wharf 7 Building 2013: Cyber security researchers from Cylance had successfully gained access to Google's Wharf 7 building s BMS in Sydney The researchers later posted about it on their blog It showed floor and roof blueprints, as well as water and HVAC systems Later they said If Google can fall vic(m to an ICS a`ack, anyone can (Source : Rios Billy, 2013) North Shore Private Hospital 2013: The Hospital's BMS is overseen by an Australian building automa(on firm, and was secured using the user name "admin" and password "anyonesguess (Source : Grubb Ben, 2013) Target 2014: In the Target incident earlier this year, phishers got access to the enterprise network of Target and stole card creden(als of millions of customers and it is believed although there is no clear evidence yet that it was through the HVAC control and monitoring system that was remotely managed by a third- party vendor (Source : Krebs Brian, 2014)
14 Part II Iden(fica(on of Threats & Vulnerabili(es Threats Vulnerabili9es using Threat agents exploit known or unknown vulnerabili9es of the BMS to damage assets and create risk to asset owners require Countermeasures to minimize to Risk Assets Source:(ISA , 2013)
15 Part II Iden(fica(on of Threats The ISO/IEC FIDIS 27005:2008 defines threat as any poten(al cause of incident that can have nega(ve consequences in a system or an organiza(on Threats are related to other terms as threat sources and threat events or incidents Inten(onal Internal Cyber Threats Threat Sources a study (EJ Byres; J Lowe, 2004) regarding cyber- a`acks in control systems showed that incidents: : 31% external : 70% external Uninten(onal External
16 Part II Internal& External Threat Sources Internal threat sources External threat sources Disgruntled employees Maintenance staff Facility management staff Vendors and third- party Suppliers Contractors and System Integrators Terrorists Na(on- State Hackers Compe(tors and Industrial spies Non- professional hackers and script kiddies Criminal groups and malware/spyware hackers Ethical hacking
17 Part II Iden(fica(on of Vulnerabili(es System vulnerabili(es can be defined as weaknesses of the system that can be exploited by poten(al a`ackers Vulnerabili(es policy and procedure Hardware Configura(on Network & Communica(ons Sogware
18 Part II Policy and Procedure & Configura(on Vulnerabili(es Vulnerabili(es Policy and Procedure Lack of security standards and guidelines Lack of training and awareness Poor or no commissioning Poor or no security policy in design Inadequate maintenance Inappropriate personnel Lack of organiza(on s security policy Configura(on No or inadequate access control Weak passwords
19 Part II Hardware, Sogware, Network & Communica(ons Vulnerabili(es Hardware Inadequate tes(ng and cer(fica(on Unauthorised physical access to equipment No backup power Sogware Buffer overflow Denial of service (DoS) SQL Injec(on Lack of security sogware Unpatched systems Network and communica(ons No security perimeter No network segmenta(on Lack of encryp(on and authen(ca(on No or misconfigured firewalls Wireless communica(ons
20 Part II Live example: Using Shodan to iden(fy BMS vulnerabili(es Shodan: a computer search engine launced in 2009 by John Matherly that iden(fies specific computer devices connected to the internet like servers, routers, industrial controllers etc Ø interrogates ports to receive the returning banners Banners can be defined as metadata that the client receives from the server Ø Uses filter op(ons to narrow searches (country, hostname, IP, OS, port) Ø In 2011, a two- year study (LevereQ E,2011) indicated 7,500 of industrial control devices including BMS were exposed on the internet Ø Re- evalua(on in 2013 showed that devices increased to 57,409
21 Part II Live example: Using Shodan to iden(fy BMS vulnerabili(es Step 1 BMS query: 1,054 devices found Step 2 Bacnet query: 5,534 Bacnet devices iden9fied
22 Part II Live example: Case study of Bacnet controller in Shodan Controller X: Released recently programmable DDC controller Bacnet /IP Embedded web- server integrated func(ons such as (me schedules, calendar, data and alarm historian Designed for energy efficiency In Shodan: 208 results 12 cases the domain name was an academic ins9tu9on controllers were added in the Shodan database in 2014 In 3 months 59% increase Device ID revealed Name of the Hotel revealed Firmware and Sobware versions revealed Model type revealed IP internal and external revealed Vendor s Y name revealed Equipment controlled and its loca9on revealed
23 Part II Live example: Case study of Bacnet controller in Shodan A controller X was connected to the internet in order to assess the capability of Shodan to iden(fy BMS devices Controller X: q did not control any real plant equipment q was configured with a sogware tool in order to allow communica(on with the Bacnet/IP network q The router s firewall was disabled to allow requested ports to operate q IP was assigned to controller X q the web- interface of the controller was accessed by inser(ng the assigned IP address to a web browser q A search was performed in Shodan using the country filter op(on Results: The controller X was iden(fied by Shodan search engine aber 19 days The informa(on in Shodan disclosed the ISP name, controller s X public IP and geoloca(on, vendor s ID, applica(on sogware version, firmware version, device ID, model name and the dummy plant equipment the controller is assigned to control in the descrip(on field
24 Part III Conclusion 1: Clarifica(on of BMS The research in literature concerning BMS has shown that there is no clear classifica(on of BMS as ICS Buildings are not regarded as cri(cal environments nor require the accuracy and safety of industrial processes In ICS (me is cri(cal and system failure can have severe consequences No clear dis(nc(on between BMS and ICS in cyber security literature Lack of specific guidelines and ambiguity in literature, create a vulnerability for BMS in terms of cyber security
25 Part III Conclusion 2: Case study results Shodan is a useful tool for penetra(on tes(ng whilst a dangerous tool for poten(al a`ackers Shodan does not reveal informa(on that is not already there Shodan does not provide real- (me data Shodan randomly selects IP addresses and then randomly interrogates ports If Shodan have never visited the desired network, it will not index the device requested Ø BMS devices iden9fied in Shodan may not be s9ll exposed Ø A greater number of BMS devices may be exposed that Shodan have not indexed yet
26 Part III BMS Cyber Security: IT vs OT Why IT solu(ons are not enough? IT Life(me 3 to 5 years OT Life(me of almost 10 years Confiden(ality, Integrity, Availability Availability, Integrity, Confiden(ality Delays ogen acceptable Delays may be safety- cri(cal Systems follow usually same structure More complex systems require deep knowledge of the controlled equipment
27 Part III BMS Cyber Security: What is the answer? BMS : Small market compared to other markets of building construc(on Has shown a sharp increase the last 10 years Higher integra(on in the future (Smart Grid, Smart Ci(es) The establishment of a mature and robust BMS Cyber Security program requires the a`en(on of people, the implementa(on of processes and the effec(ve use of technology Process BMS Cyber Security Technology People
28 Part III Summary and Future Work Ø The integral part of cyber security in Building Management Systems is neglected significantly by the industry Ø The con(nuous incorpora(on of commercial- off- the shelf products has resulted in increasing the vulnerabili(es in BMS Ø The immediate need for security guidelines and policies tailored specifically for building automa(on is crucial to defend the BMS from poten(al cyber- a`acks Ø It is very important to assess available tools like Shodan in future work how can contribute in iden(fying vulnerabili(es in BMSs Ø A defence- in- depth strategy requires the involvement of a BMS cyber security expert that will act as the bridge between Opera(on and Informa(on Technology
29 Could your Building Catch a Virus? Measuring the Impact of Cyber Security Threats on Building Management Systems Konstan(nos Karagiannis kk@getechgr
Cyber Security and Power System Communica4ons Essen4al Parts of a Smart Grid Infrastructure. Talal El Awar
Cyber Security and Power System Communica4ons Essen4al Parts of a Smart Grid Infrastructure Author: Goran N. Ericsson, Senior Member, IEEE Talal El Awar Submi.ed in Par3al Fulfillment of the Course Requirements
More informationCyber Security Capabilities
Cyber Security Capabilities Informa:on Assurance ü Vulnerability Assessment ü Penetra8on Tes8ng ü Informa8on Security Assessment ü Applica8on Security Evalua8on ü Network Traffic Assessment ü Cri8cality
More informationStrengthening Cybersecurity Workforce Development December 2017
Strengthening Cybersecurity Workforce Development December 2017 Agenda 1. Introduc3ons SANS GIAC Team 2. Goal: 2017 Execu3ve Order 3. SANS GIAC NICE Workforce Framework (NCWF) Mapping Overview 4. Workforce
More informationCyber Attacks & Breaches It s not if, it s When
` Cyber Attacks & Breaches It s not if, it s When IMRI Team Aliso Viejo, CA Trusted Leader with Solution Oriented Results Since 1992 Data Center/Cloud Computing/Consolidation/Operations 15 facilities,
More informationAssessing Medical Device. Cyber Risks in a Healthcare. Environment
Assessing Medical Device Medical Devices Security Cyber Risks in a Healthcare Phil Englert Director Technology Operations Environment Catholic Health Ini
More informationProtecting Smart Buildings
Protecting Smart Buildings The next frontier of critical infrastructure security Suzanne Rijnbergen - MBA visibility detection control Who am I? Global Director Professional Services @SecurityMatters (ForeScout)
More informationVendor Management: SSAE 18. Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner
Vendor Management: SSAE 18 Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner Audio Handouts Questions Welcome Joseph Kirkpatrick is the Managing Partner at KirkpatrickPrice
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationPattern Recognition and Applications Lab WEB Security. Giorgio Giacinto.
Pattern Recognition and Applications Lab WEB Security Giorgio Giacinto giacinto@diee.unica.it Sicurezza Informa1ca, 2015-2016 Department of Electrical and Electronic Engineering University of Cagliari,
More informationTHE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:
June 2013 Sponsored by Introduction Mobile devices cause ongoing concern for IT teams responsible for information security. Sensitive corporate information can be easily transported and lost, while the
More information13th Florence Rail Forum: Cyber Security in Railways Systems. Immacolata Lamberti Andrea Pepato
13th Florence Rail Forum: Cyber Security in Railways Systems Immacolata Lamberti Andrea Pepato November 25, 2016 Cyber Security context and Cyber Attacks trend Critical Infrastructures (CIs) are both physical
More informationEVALUATING HOW AN OPERATOR HAS EFFECTIVELY IMPLEMENTED CYBER- SECURITY POLICIES TO MANAGE AND ADMINISTER THE SYSTEM. Wurldtech Security Technologies
EVALUATING HOW AN OPERATOR HAS EFFECTIVELY IMPLEMENTED CYBER- SECURITY POLICIES TO MANAGE AND ADMINISTER THE SYSTEM Wurldtech Security Technologies Objectives Discuss how to: Evaluation of effectiveness
More informationHalkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN
Halkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN http://www.halkynconsulting.co.uk info@halkynconsulting.co.uk Password Security By T Wake CISSP CISM CEH 20/06/2011 Contents
More informationTop 10 Web Application Vulnerabilities
Top 10 Web Application Vulnerabilities Why you should care about them plus a live hacking demo!! Why should you care?! Insecure so*ware is undermining our financial, healthcare, defense, energy, and other
More informationLarge-scale Testbed and Cyber Range Organiza6on and Design
CYBER RANGE ORGANIZATION AND DESIGN Large-scale Testbed and Cyber Range Organiza6on and Design Razvan Beuran, Ken-ichi Chinen Outline 1. Mo9va9on & overview 2. Making use of StarBED 3. Case studies 4.
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More informationEAS- SEC: Framework for Securing Enterprise Business Applica;ons
Invest in security to secure investments EAS- SEC: Framework for Securing Enterprise Business Applica;ons Alexander Polyakov CTO ERPScan About ERPScan The only 360- degree SAP Security solu8on - ERPScan
More informationCISC So*ware Quality Assurance
CISC 327 - So*ware Quality Assurance Lecture 29b Web Applica>on Security CISC327-2003 2017 J.R. Cordy, S. Grant, J.S. Bradbury, J. Dunfield Outline Web Applica>on Security SQL Injec>on Parameter Manipula>on
More informationHow can I use ISA/IEC (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits
How can I use ISA/IEC- 62443 (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits What is ISA 62443? A series of ISA standards that addresses
More informationCyber Security of Industrial Control Systems (ICSs)
Cyber Security of Industrial Control Systems (ICSs) February 23, 2016 Joe Weiss PE, CISM, CRISC, ISA Fellow Managing Partner Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Applied
More informationIntegra(on of Accident Management Strategies into Sta(on Opera(on Fred Dermarkar Vice President Engineering Strategy Ontario Power Generation
Integra(on of Accident Management Strategies into Sta(on Opera(on Fred Dermarkar Vice President Engineering Strategy Ontario Power Generation IAEA International Expert Meeting on Human and Organizational
More informationCyber Resilience Solution for Smart Buildings
Cyber Resilience Solution for Smart Buildings Integrated IT/OT Security Oren Aspir, Cyberbit, CTO 2017 by CYBERBIT 2017 by CYBERBIT Proprietary CYBERBIT Proprietary Buildings getting smarter IT systems
More informationIntroduction to Securing Critical Infrastructure
Her kan tekst skrives Her kan tekst skrives Introduction to Securing Critical Infrastructure Her kan tekst skrives Keith Frederick CISSP, CAP, CRISC, Author securenok.com Topics A)acks on the Oil and Gas
More informationObjec&ves. Review: Security. Google s AI is wri&ng poetry SQL INJECTION ATTACK. SQL Injec&on. SQL Injec&on. Security:
Objec&ves Security: Ø Injec&on a6acks Ø Cross-site scrip&ng Ø Insecure direct object reference Group photo Review: Security Why has the Web become such a huge target? How can you protect against security
More informationNew PCI DSS Version 3.0: Can it Reduce Breaches? Dharshan Shanthamurthy, CEO, SISA Informa2on Security Inc. Core Competencies C11
New PCI DSS Version 3.0: Can it Reduce Breaches? Dharshan Shanthamurthy, CEO, SISA Informa2on Security Inc. Core Competencies C11 SISA Informa2on Security Formal Risk Assessment Specialists Authors of
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationPutting the Pieces Together:
Putting the Pieces Together: Leveraging Current Audits to Solve the HITRUST Puzzle Presenter Gene Geiger, A-LIGN Partner - HITRUST Prac77oner CPA CISSP CCSK QSA PCIP ISO 27K LA performance resourceful
More informationUnderstanding Holistic Effects of Cyber Events on Critical Infrastructure
Understanding Holistic Effects of Cyber Events on Critical Infrastructure Shane Cherry Infrastructure Analysis and Technology Development National and Homeland Security Directorate March 20, 2018 INL/CON-17-42513
More informationCompu&ng Services Strengthening Authen&ca&on. October 2016
Compu&ng Services Strengthening Authen&ca&on October 2016 ID and password pair is the sole means of authen4ca4ng access AUTHENTICATION Current State o Email o File storage o Enterprise applica1ons (including
More informationPractical SCADA Cyber Security Lifecycle Steps
Practical SCADA Cyber Security Lifecycle Steps Standards Certification Jim McGlone CMO, Kenexis Education & Training Publishing Conferences & Exhibits Bio Jim McGlone, CMO, Kenexis GICSP ISA Safety & Security
More informationSubmitted on behalf of the DOE National SCADA Test Bed. Jeff Dagle, PE Pacific Northwest National Laboratory (509)
Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group (CSSWG) Submitted on behalf of the DOE National SCADA Test
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationSecuring the Grid and Your Critical Utility Functions. April 24, 2017
Securing the Grid and Your Critical Utility Functions April 24, 2017 1 Securing the Grid Effectively and Efficiently Recent threats to the Electric Grid and the importance of security Standards and Requirements
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationCyber Security 2010 THE THREATS! THE FUTURE!
Cyber Security 2010 THE THREATS! THE FUTURE! Tom Barberio - Enterprise Technology Manager (CIO) Synerfac Technical Staffing March 16, 2010 Special Presentation to University of Delaware CIS DEPT Graduate
More informationPotential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group
Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group Submitted on behalf of the U.S. Department of Energy National
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationSecurity in a Converging IT/OT World
Security in a Converging IT/OT World Introduction Around the winter solstice, darkness comes early to the citizens of Ukraine. On December 23, 2015, it came a little earlier than normal. In mid-afternoon,
More informationToday s Objec4ves. Data Center. Virtualiza4on Cloud Compu4ng Amazon Web Services. What did you think? 10/23/17. Oct 23, 2017 Sprenkle - CSCI325
Today s Objec4ves Virtualiza4on Cloud Compu4ng Amazon Web Services Oct 23, 2017 Sprenkle - CSCI325 1 Data Center What did you think? Oct 23, 2017 Sprenkle - CSCI325 2 1 10/23/17 Oct 23, 2017 Sprenkle -
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationISO27001 Preparing your business with Snare
WHITEPAPER Complying with ISO27001 Preparing your business with Snare T he technical controls imposed by ISO (International Organisation for Standardization) Standard 27001 cover a wide range of security
More informationCybersecurity Curricular Guidelines
Cybersecurity Curricular Guidelines Ma2 Bishop, University of California Davis, co-chair Diana Burley The George Washington University, co-chair Sco2 Buck, Intel Corp. Joseph J. Ekstrom, Brigham Young
More informationIntroduction to ICS Security
Introduction to ICS Security Design. Build. Protect. Presented by Jack D. Oden, June 1, 2018 ISSA Mid-Atlantic Information Security Conference, Rockville, MD Copyright 2018 Parsons Federal 2018 Critical
More informationIndustrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets
Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits
More informationEnhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationData Centers & Technology:
Data Centers & Technology: Risk in the digital landscape Presented by; Ralph de Mesquita Principal Risk Analyst, Risk Engineering UK Agenda Rise of cloud providers Four scenarios: where are the insurable
More informationCyber Security Brian Bostwick OSIsoft Market Principal for Cyber Security
Cyber Security Presented by Brian Bostwick OSIsoft Market Principal for Cyber Security Cyber Security Trauma in the News Saudi Aramco Restores Network After Shamoon Malware Attack Hacktivist-launched virus
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationThinManager and FactoryTalk View SE. John Ter8n; ESE, Inc.
ThinManager and FactoryTalk View SE John Ter8n; ESE, Inc. Who Am I John Ter8n Director of Manufacturing Informa8on Systems Who We Are Founded in 1981 Headquartered in Marshfield, Wisconsin 100% Employee-
More informationSecuring Network Devices with the IEC Standard What You Should Know. Vance Chen Product Manager
with the IEC 62443-4-2 Standard What You Should Know Vance Chen Product Manager Industry Background As the Industrial IoT (IIoT) continues to expand, more and more devices are being connected to networks.
More informationICS Breach, what to do after oh no, frameworks and issues of IM/IT. Dr. Samuel Liles
ICS Breach, what to do after oh no, frameworks and issues of IM/IT Dr. Samuel Liles http://selil.com Agenda Through the lens of risk Cybery thoughts From ICS to IoT Threats Vulnerabilities Frameworks Just
More informationDigital Health Cyber Security Centre
Digital Health Cyber Security Centre Current challenges Ransomware According to the ACSC Threat Report 2017, cybercrime is a prevalent threat for Australia. Distributed Denial of Service (DDoS) Targeting
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationSenate Subcommi-ee on Flooding & Evacua5ons. Presenta5on by Commission on State Emergency Communica5ons August 24, 2010 Houston, Texas
Senate Subcommi-ee on Flooding & Evacua5ons Presenta5on by Commission on State Emergency Communica5ons August 24, 2010 Houston, Texas Overview of 9-1- 1 in Texas "9-1- 1 service" means a telecommunica5ons
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationModel- Based Security Tes3ng with Test Pa9erns
Model- Based Security Tes3ng with Test Pa9erns Julien BOTELLA (Smartes5ng) Jürgen GROSSMANN (FOKUS) Bruno LEGEARD (Smartes3ng) Fabien PEUREUX (Smartes5ng) Mar5n SCHNEIDER (FOKUS) Fredrik SEEHUSEN (SINTEF)
More informationASERCOM cyber-security guideline for connected HVAC/R equipment
ASERCOM cyber-security guideline for connected HVAC/R equipment Preface Many HVAC/R components like compressors, fans or controllers have connectivity features today. This includes Bluetooth, Wi-Fi or
More information2014 TRANSIT CEOs SEMINAR. Cybersecurity What Every CEO Should Know to Help Secure the System
2014 TRANSIT CEOs SEMINAR Cybersecurity What Every CEO Should Know to Help Secure the System APTA Enterprise Cyber Security WG update Vulnerable Systems Cyber attacks may be targeted toward one or more
More informationNine Steps to Smart Security for Small Businesses
Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationSecurity Awareness Training Courses
Security Awareness Training Courses Trusted Advisor for All Your Information Security Needs ZERODAYLAB Security Awareness Training Courses 75% of large organisations were subject to a staff-related security
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationComposite Compliance: Demonstra1ng Suitability of Cloud Layering for Sensi1ve and Regulated Workloads
Composite Compliance: Demonstra1ng Suitability of Cloud Layering for Sensi1ve and Regulated Workloads Heather Hinton, PhD hhinton@us.ibm.com IBM Dis1nguished Engineer Master Inventor, Member IBM AoT 7
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationSecure Access & SWIFT Customer Security Controls Framework
Secure Access & SWIFT Customer Security Controls Framework SWIFT Financial Messaging Services SWIFT is the world s leading provider of secure financial messaging services. Their services are used and trusted
More informationAn Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist
An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP
More informationBuilding Automation & Control System Vulnerabilities
1 Building Automation & Control System Vulnerabilities by Is there an open door into your facility? Dave Brooks, PhD Associate Professor, Security Science School of Science 1 2 OVERVIEW Background of Research
More informationCLOUD SERVICES. Cloud Value Assessment.
CLOUD SERVICES Cloud Value Assessment www.cloudcomrade.com Comrade a companion who shares one's ac8vi8es or is a fellow member of an organiza8on 2 Today s Agenda! Why Companies Should Consider Moving Business
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationNAVAL DISTRICT WASHINGTON SMARTSHORE CASE STUDY Jeff Johnson NDW CIO (N6)
NAVAL DISTRICT WASHINGTON SMARTSHORE CASE STUDY Jeff Johnson NDW CIO (N6) 1 Creating Cyber Secure Enterprise Control Systems Networks Agenda US Navy, NDW Industrial Controls overview The new cyber threat
More informationSANS SCADA and Process Control Europe Rome 2011
SANS SCADA and Process Control Europe Rome 2011 Ian Buffey Director International Services Industrial Defender ibuffey@industrialdefender.com A Holistic Approach Planning, training and governance Cybersecurity
More informationNETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING.
NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING. The old mantra of trust but verify just is not working. Never trust and verify is how we must apply security in this era of sophisticated breaches.
More informationBack to the Future Cyber Security
Back to the Future Cyber Security A manifesto for Cyber Security and the Industrial Legacy Introduction Industrial facilities and infrastructure form the core of our economy and society. These advanced
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationLeveraging Building Automation Systems to support ongoing commissioning
Leveraging Building Automation Systems to support ongoing commissioning Building Automation Systems Introduction Show me the money Critical components Building Automation System Architectures Protocols
More informationInternet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi
Internet of Things The Digital Oilfield: Security in SCADA and Process Control Mahyar Khosravi makhosra@cisco.com Critical infrastructures worldwide not ready to battle cyber attacks, claims new study.
More informationSummary of Cyber Security Issues in the Electric Power Sector
Summary of Cyber Security Issues in the Electric Power Sector Jeff Dagle, PE Chief Electrical Engineer Energy Technology Development Group Pacific Northwest National Laboratory (509) 375-3629 jeff.dagle@pnl.gov
More informationNo Industry 4.0 without Security
24-04-2017 No Industry 4.0 without Security 24-04-2017 Introduction to Atos and Industry 4.0 Who is Atos? At a glance Revenue 2016 (M EUR) * Employees 2016 (Global) Employees 2016 (Germany) Countries 12,000
More informationStrategies for Selecting the Right Open Source Framework for Cross-Browser Testing
BW6 Test Automation Wednesday, June 6th, 2018, 1:30 PM Strategies for Selecting the Right Open Source Framework for Cross-Browser Testing Presented by: Eran Kinsbruner Perfecto Brought to you by: 350 Corporate
More informationExpanding Cyber Security Management for Critical Infrastructure
Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands
More informationhidden vulnerabilities
hidden vulnerabilities industrial networks in 30 minutes Cyber Security introduction Frank Kemeling Certified Ethical Hacker [CEH] EC-Council Certified Security Analyst [ESCA] Licensed Penetration Tester
More informationON-LINE EXPERT SUPPORT THROUGH VPN ACCESS
ON-LINE EXPERT SUPPORT THROUGH VPN ACCESS P. Fidry, V. Rakotomanana, C. Ausanneau Pierre.fidry@alcatel-lucent.fr Alcatel-Lucent, Centre de Villarceaux, 91620, Nozay, France Abstract: As a consequence of
More informationSCALE 15x (c) 2017 Ty Shipman
Please view my linked-in page (under See more) to get a copy of this presenta
More informationSANS and GIAC Certifications in alignment with the NICE Cyber Security Workforce Framework
SANS and s in alignment with the NICE Cyber Security Workforce Framework NIST Special Publication 800-181 Ensuring a trained and certified cyber security workforce Using the NICE Framework Newhouse, William,
More informationWelcome to a world where technology flows through the heart of your business environment. Welcome to CDC
Welcome to a world where technology flows through the heart of your business environment Welcome to CDC Overview 4 Urban Campus 5 Intelligent Campus Management Solution 6 Key Features 7 Integra Management
More informationImproving the cyber security posture of New Zealand Barry Brailey NZITF Chair
New Zealand Internet Task Force Improving the cyber security posture of New Zealand Barry Brailey NZITF Chair Programme Introduc7on Background The Birth of a Trust Group Ongoing work Q&A Who Am I? Manager,
More informationVulnerability Risk management for everyone. ENOG12
Vulnerability Risk management for everyone arkenoi@gmail.com ENOG12 the open Net mobilize technical Internet community provide technical exper@se talk to other stakeholders Why bother Risk Management is
More informationAn introduc/on to Sir0i
Authen4ca4on and Authorisa4on for Research and Collabora4on An introduc/on to Sir0i Addressing Federated Security Incident Response Hannah Short CERN hannah.short@cern.ch TF-CSIRT May, 2016 Agenda Federated
More informationSecuring the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.
Securing the Smart Grid Understanding the BIG Picture The Power Grid The electric power system is the most capital-intensive infrastructure in North America. The system is undergoing tremendous change
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationFirewalls (IDS and IPS) MIS 5214 Week 6
Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part
More informationVerizon Software Defined Perimeter (SDP).
Verizon Software Defined Perimeter (). 1 Introduction. For the past decade, perimeter security was built on a foundation of Firewall, network access control (NAC) and virtual private network (VPN) appliances.
More informationHeavy Vehicle Cyber Security Bulletin
Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin
More informationUKIP needs to gather and use certain information about individuals.
UKIP Data Protection Policy Context and overview Key details Policy Update Prepared by: D. Dennemarck / S. Turner Update approved by Management on: November 6, 2015 Policy update became operational on:
More information