Digital Wind Cyber Security from GE Renewable Energy


BUSINESS CHALLENGES

The impact of a cyber attack on power generation operations has the potential to be catastrophic to the renewables industry as well as to employee and public well-being. Utilities are a growing target for cyber criminals, whether to make political statements or simply to commit criminal misdeeds. Government organizations, such as the Department of Homeland Security, continue to advise power executives to take proactive steps to protect the physical assets, software systems and network components of their operating environment.

Additionally, as the renewable energy industry has become a more challenging operating environment, leaders are forced to be creative in business planning and in the risk management associated with that business plan. As part of an enhanced risk management program, forward-thinking energy industry leaders are putting the right programs in place to assess their vulnerabilities, to protect their systems and to proactively defend their environments.

However, the challenge is significant. Security attacks are ever-evolving and require continuous vigilance to combat. Due to the specific nature of attacks on operating technologies, such as Supervisory Control and Data Acquisition (SCADA), unique programs are required above the standard IT security protocols to truly protect the power operating environment.

What's needed is a partner who understands the security profile of an operating environment and understands emerging cyber security regulatory requirements, who has a focus on industrial software and technology, offers a comprehensive strategy and software portfolio, and is backed by global security expertise.

GE has been serving the energy industry for decades in every region in the world and offers a comprehensive set of cyber solutions, built on experience and the Industrial Internet platform, Predix. Together with our customers we are dedicated to protecting the global energy infrastructure from those who would compromise power generation, public safety and the financial health of our customers.

K people lost power in the Ukraine due to a cyber attack (December 2015)
$ BILLION impact to the US economy of an electricity blackout across 15 US states affecting 93 million people
Source: Lloyds Emerging Risk Report, 2015

THE PATH FOR MAXIMUM CYBER PROTECTION

It is important to understand the steps required to implement a security strategy. The easiest way to identify and initiate these steps is to review a security maturity model, with clear actions outlined for the Renewables business environment: CONCERNED, COMPLIANT, CONFIDENT.

CONCERNED
For customers concerned about their security posture, we start with an assessment to identify immediate security issues that can impact operations, even if the environment is thought to be air gapped. Common findings from expert assessments include unapproved wireless access points or unsafe software vulnerabilities that attackers can easily exploit. Many of these issues can be fixed quickly and simply to reduce cyber threat risk.

COMPLIANT
We can also assist customers with understanding cyber security regulations.
- Implement defensive layers to comply with standards and strengthen the security posture.
- Lower the risk of security exploits by using technical solutions, such as purpose-built industrial control security equipment.
- Set up automation and patch management tools to simplify and expedite security administration.
- Implement a cyber incident response plan to inform internal resources on what to look for and how to respond to cyber activities.

CONFIDENT
Asset security monitoring, personnel training and ongoing incident response. Regular assessments and security health checks can monitor dynamic environments. Centralizing security management operations can significantly reduce system downtime, potential asset damages and production risks.

Across all stages, it is critical to maintain a constant vigilance to ensure basic security hygiene and the enforcement of cyber security policies.

SOLUTION DESCRIPTION

GE Renewable Energy Digital Solutions work at any stage of security maturity to bring greater control, less risk and increased reliability to a power generation business. Depending on the situation, there are impactful people, process and technology actions that can be instituted. GE's Digital Cyber Security Solutions include:

Security Assessment Services
Security and assessment testing for operational technology (OT) is a specific and demanding discipline. It requires an industrial mindset, in-depth OT cyber security knowledge and the ability to apply best practices to industrial process environments. GE's security and test professionals can help power companies plan, design, and build operational resilience into people, processes and technology.

Cyber Security Assessment is an in-depth, comprehensive evaluation of the operational site facility based on industry standards and best practices, resulting in an individualized report with prioritized mitigation recommendations and strategies. The assessment consists of:
- Site Security Health Check: Rapid overview of the operational site facility providing a baseline of cyber strategy, with recommendations on further analysis as well as economic justifications for remediation.
- Site Security Assessment: Deliver comprehensive, in-depth facility evaluation to understand the security posture of the processes, architecture, and technology. Identify security weaknesses, prioritize areas of improvement and align security practices to industry standards with a comprehensive, in-depth facility evaluation.
- NERC CIP Cyber Vulnerability Assessment: In-depth evaluation for electric utilities following the requirements prescribed by NERC CIP. The report includes mitigation plans aligned to NERC CIP as well as other industry best practices.
- IEC Security Practices Certification: Provides certification for system supplier compliance with industry standard security best practices (IEC62443-2-4), covering areas such as hardening, anti-malware, patch management, network, and data security.

Glossary of Key Terms
FSA: Full Service Agreement
DMZ: Demilitarized Zone
SIEM: Security Information and Event Management
VLAN: Virtual Local Area Network

OpShield
A purpose-built intrusion detection and intrusion protection security solution designed to protect critical infrastructure, control systems, and operational technology (OT) assets. OpShield monitors and blocks malicious activity and minimizes disruptions to enable highly available operations and secure productivity.

OpShield is purpose-built to protect industrial and SCADA operations, offering comprehensive security, simplicity, and visibility. This network security solution monitors and blocks malicious activity and attacks to ensure highly available industrial operations for maximum uptime and secure productivity.
- Inspects and Controls: Industry-leading threat signatures and granular control over protocol commands.
- Virtual Zoning: Create logical security policy zones without physically rewiring the network (VLAN).
- Graphical Network Topology (real-time): Real-time graphical representation of the controls network. Includes unknown device discovery and alerting and SIEM integration.
- Intrusion Protection System/Intrusion Detection System (IPS/IDS): Accurately detects and protects against cyber attacks on the industrial network. By leveraging Wurldtech's* OT and IT signature set, OpShield offers specific and customized industrial protection for SCADA systems and industrial networks. Purpose-built for industrial control systems, the inspection engine supports most existing industrial protocols, with the flexibility to easily support emerging proprietary protocols.
- Centralized Management: A single graphical interface to build and deploy security policy and protection profiles. It also offers a network-wide view of alerts and attacks on the industrial network.

SecurityST
GE's SecurityST provides an integral defense-in-depth solution for turbine, plant and generator controls environments. Employing multiple defensive services and technologies, it supports the reliability, availability, integrity and maintainability of a plant's critical control system and related networks. The SecurityST solution is designed to support wind farm operators' compliance with cyber security regulations, standards, and guidelines such as NERC CIP and IEC.
- Role Based Access Control: Enforces best practice of every user having a unique user name and password.
- Password Management: Enforces policies for password strength, life, and reuse restrictions.
- Security Information and Event Management: Provides centralized function with real-time visual security status dashboard and events display.
- Patch Update Service: Monthly subscription service provides vendor-approved software security patches.
- Endpoint Protection: Every Windows-based system is continuously monitored for viruses, spyware, rootkits, Trojans, and adware.
- Backup and Recovery: Backup functionality for typical and disaster recovery processes.

Cyber Security Training
A comprehensive portfolio of security training courses for critical infrastructure to increase staff knowledge and awareness. Training content is developed and delivered by GE's security experts, who regularly analyze and implement real-world security solutions at operating facilities.

Security Monitoring Service**
Remote monitoring and diagnostics of OT control environment security events. Activities are examined on network, SCADA and host environments; user and system accounts are monitored for malicious or compromising events.

* GE acquired Wurldtech Security Technologies in 2014.
** Scheduled for General Availability release in late 2017

CUSTOMER BENEFITS

Overall Cyber Security Solution Benefits
- Reduced risk from cyber attack on key assets, SCADA systems, and operational network infrastructure
- Proactive identification of critical vulnerabilities and security events
- Improved operational reliability and reduced risk in business continuity
- Support regulatory compliance globally, such as NERC CIP in North America, with ability to demonstrate security actions and activities

SecurityST Benefits
- Maintains consistent operations of plant's critical controls and related systems
- Identifies cyber threats to control systems from external or internal sources
- Provides secured backup and recovery capabilities
- Provides enhanced protection against execution of unauthorized code
- Supports plant management's compliance to cyber security regulations, standards and guidelines

OpShield Benefits
- Protects industrial OT system with strong perimeter and field defense
- Inspects and protects control system network protocols with industry's leading threat intelligence
- Introduces breakthrough drag-and-drop virtual zoning for segmentation without network disruption
- Displays graphical network-wide industrial security view and integrates with SIEM tools
- Simplifies security administration with easy to use graphical interfaces

Cyber Security Training Benefits
- Arms personnel to be the front line in the battle against cyber attacks
- Achieve compliance requirements for training and preparedness
- Protect against employee attrition by educating a broader set of talent
- Proactively stop cyber attacks with a well developed staff, ready to identify and act on suspicious events

$ 9K avoided from a day of downtime at a 50 MW wind farm
$ MM max penalty per day per NERC CIP violation

A WELL DEFINED AND PROTECTED OPERATIONS ENVIRONMENT

IT systems are typically fortified at the edge of the Internet with firewalls, proxy servers and intrusion detection services. However, within the corporate environment, sub-networks exist with much looser security barriers, due to the system and data sharing requirements between departments. The OT environment requires much greater rigor to protect against attacks that might come from the Internet:
- The wind farm SCADA should exist within its own network environment, with no direct access to the Internet allowed from that network.
- The SCADA network should be separated from the rest of the corporate network via technologies (i.e. firewall, DMZ) that limit traffic allowed between the two to only that with special designation.
- User access to the OT network environment should be controlled and examined frequently to ensure that only those who require access are allowed access. Access lists should be reviewed at regular intervals by senior management; extraneous access and departed employees should be removed immediately.
- Traffic within the SCADA network needs to be monitored closely with sophisticated intrusion detection capabilities to identify any suspicious activities.

NERC CIP Compliance
Many U.S. electric utilities are now federally mandated to comply with the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards that dictate industrial security and remediation technology, including required compliance, by July 1, 2016. GE's products and services assist power generation customers in meeting CIP mandatory standards and reduce the likelihood of a compliance event. An event would result in a fine of $1MM per day.

Cyber Security Solution Applicability

Regulatory Cyber Asset Integration Solution Results in Compliance and Avoided Penalties
Established wind businesses have sophisticated challenges. NERC CIP compliance of the back office is a critical need that must be in place while maintaining seamless connectivity and FSA. The solution was GE Renewable Energy's Digital Wind Cyber Security. The team implemented a security solution at the customer's remote operating center, built secure communication channels, and established secure processes for services. As a result of the integration, the remote monitoring center is NERC CIP compliant, penalties were avoided, and secure access for FSA is in place and maintained.

About GE
GE (NYSE: GE) is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive, and predictive. GE is organized around a global exchange of knowledge, the GE Store, through which each business shares and accesses the same technology, markets, structure, and intellect. Each invention further fuels innovation and application across our industrial sectors. With people, services, technology and scale, GE delivers better outcomes for customers by speaking the language of industry.

Contact Information
Americas: 1-855-YOUR1GE (1-855-968-7143)
gedigital@ge.com
www.renew.ge/digitalwind

2016 General Electric. All rights reserved. *Trademark of General Electric. All other brands or names are property of their respective holders. Specifications are subject to change without notice. 01 2017