Cybersecurity Overview

Similar documents
PIPELINE SECURITY An Overview of TSA Programs

The Office of Infrastructure Protection

NW NATURAL CYBER SECURITY 2016.JUNE.16

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

Statement for the Record

Standards. Howard Gugel, Director of Standards Board of Trustees Meeting February 11, 2016

Grid Security & NERC

Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Security Standards for Electric Market Participants

TSA/FTA Security and Emergency Management Action Items for Transit Agencies

Control Systems Cyber Security Awareness

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

The Office of Infrastructure Protection

Critical Infrastructure Partnership

Compliance Monitoring and Enforcement Program Technology Project Update

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Heavy Vehicle Cyber Security Bulletin

FEMA Region III Cyber Security Program

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

Grid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016

National Policy and Guiding Principles

Cyber Security on Commercial Airplanes

METHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS

Security and Emergency Response Issues for the Refining and Petrochemical Industry

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

Federal Information Sharing Resources for Small and Midsize Businesses

What It Takes to be a CISO in 2017

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

The Office of Infrastructure Protection

Jim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas

DHS Cybersecurity: Services for State and Local Officials. February 2017

Understanding Holistic Effects of Cyber Events on Critical Infrastructure

NERC Staff Organization Chart

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

DEFENSE LOGISTICS AGENCY

Securing Industrial Control Systems

SFC strengthens internet trading regulatory controls

Cybersecurity Checklist Business Action Items

MassMutual Business Continuity Disclosure Statement

TACOMA PUBLIC UTILITIES CYBERSECURITY PROGRAM NIAC WORKSHOP JUNE 2017

Designing and Building a Cybersecurity Program

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Certified Information Security Manager (CISM) Course Overview

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

Canada Life Cyber Security Statement 2018

Department of Homeland Security Updates

Framework for Improving Critical Infrastructure Cybersecurity

Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS

Cyber Security Incident Report

IT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

Pipeline Security Guidelines. April Transportation Security Administration

Defending Our Digital Density.

GridEx IV Initial Lessons Learned and Resilience Initiatives

The Office of Infrastructure Protection

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials

Awareness as a Cyber Security Vulnerability. Jack Whitsitt Team Lead, Cyber Security Awareness and Outreach TSA Office of Information Technology

The NIST Cybersecurity Framework

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

INFORMATION SECURITY. One line heading. > One line subheading. A briefing on the information security controls at Computershare

300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ POLICY NO: SUPERSEDES: N/A VERSION: 1.0

AUTHORITY FOR ELECTRICITY REGULATION

Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation

Private Sector Clearance Program (PSCP) Webinar

April Appendix 3. IA System Security. Sida 1 (8)

Critical Cyber Asset Identification Security Management Controls

The Office of Infrastructure Protection

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

Cyber Hygiene: A Baseline Set of Practices

Cyber Security & Homeland Security:

Sneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

Directive on Security of Network and Information Systems

Cyber Risks in the Boardroom Conference

American Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015

The Common Controls Framework BY ADOBE

DHS Election Task Force Updates. Geoff Hale, Elections Task Force

Florida State University

CYBER SECURITY POLICY REVISION: 12

NOSAC. Phase I and Phase II FINAL REPORT

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

Chapter 1. Chapter 2. Chapter 3

Education Network Security

CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017

Data Security and Privacy Principles IBM Cloud Services

Chapter X Security Performance Metrics

Information Governance, the Next Evolution of Privacy and Security

CCISO Blueprint v1. EC-Council

How AlienVault ICS SIEM Supports Compliance with CFATS

RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH

Transcription:

Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1

Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where failure or exploitation could potentially impact pipeline safety or reliability. Holistic Approach: o Centralized Cyber Security department and coordination with Corporate Security department on intelligence and government liaisons. o Physical Risk Assessments - based on Transportation Security Administration (TSA) Pipeline Security Guidelines. Leadership Commitment: o Senior Kinder Morgan management (CEO, CFO, CIO, General Counsel, Presidents of business segments, and Corporate Security) are briefed on a quarterly basis concerning cyber security status and initiatives. 2

Security Guidelines Framework for Improving Critical Infrastructure Security, National Institute of Standards and Technology (NIST) Pipeline Security Guidelines, by U.S. Transportation Security Administration (TSA) Control Systems Cyber Security Guidelines for the Natural Gas Pipeline Industry, Interstate Natural Gas Association of America (INGAA) API Standard 1164 - Pipeline SCADA Security, American Petroleum Institute (API) Security Guidelines for the Petroleum Industry, American Petroleum Institute (API) 3

Threat and Information Sharing Intelligence Sources: o Kinder Morgan participates and receives threat information through various sources, including: A partnership between the FBI and the private sector (FBI-InfraGard), Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), Fusion Centers, Oil and Gas Sector, and Vendors Classified Briefings with the Federal Intelligence Community (CIA, DHS, DOE, FBI, and NSA) Secret Clearances held by various individuals in various groups: IT (4), Corp Security (2), and Operations (4) Information Sharing: o Joining the Downstream Natural Gas Information Sharing Analysis Center (ISAC) o Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) or other Federal Partners Federal Partner and Industry Engagement: o Active participant in Sector Coordinating Councils (SCC) to remain connected to government and industry initiatives on cyber security o Industry Organizations include: American Petroleum Institute (API) Interstate Natural Gas Association of America (INGAA) International Liquid Terminals Association (ILTA) Association of Oil Pipelines (AOPL) Energy Security Council (ESC) o Federal Partners include: Department of Homeland Security (DHS) Transportation Security Administration (TSA) Department of Energy (DOE) Department of Transportation (DOT) United States Coast Guard (USCG) Federal Bureau of Investigation (FBI) Office of the Director of National Intelligence (ODNI) 4

Awareness, Exercises, and Testing User Awareness o Email campaigns designed to educate users on the spread of malware through email Response Exercises with Operations o Physical and Cyber security scenarios conducted with live action field response Penetration Testing o Performed annually o Variety of 3 rd Parties Used Interstate Natural Gas Association of America (INGAA) Cyber Tabletop Exercise o Conducted joint tabletop exercise with other pipeline companies, Federal Energy Regulatory Commission (FERC), Transportation Security Administration (TSA), and Department of Homeland Security (DHS) o Tested response, recovery, notifications, and coordination with government agencies 5

Cyber Security Measures Supervisory Control and Data Acquisition (SCADA) Security o Separation: SCADA systems have been separated from the business network (i.e., No direct path to the business network or the Internet) o SCADA systems have been separated from each other Enhanced Access Control o Unique ID s for each domain o Two Factor Authentication (2FA) o Administrative controls Audit logging and monitoring o Intrusion Detection System o Full Packet Capture monitoring for forensic analysis o Third party APT (Advanced Persistent Threat) and malware notifications o Centralized enterprise logging Distributed Denial of Service (DDOS) mitigation solution Investigating Dark WEB monitoring Asset management o Improve asset inventories o If you don t know what you own, you cannot manage it. If you don t manage it, you cannot secure it. 6

Cyber Security Measures - Continued Network Operations Center (24 X 7: 365) o Monitors critical SCADA systems and Telecommunications circuits o Communicates Directly with Control Centers o Call out support staff o Escalate to Management o Monitor Environmental Systems Physical Security of IT Infrastructure o Data Centers and SCADA (Supervisory Control and Data Acquisition) system servers are maintained in a secure environment o Access is restricted to authorized personnel only and reviewed quarterly Password management o Centralized password management solutions Configuration and Patch management o Increase coverage of patch and configuration management solutions System Security o Increase coverage of security endpoint solutions (e.g,. Anti-Virus) o Endpoint segregation o Implementation of application white/black listing solution o Filter WEB traffic o Filter Email traffic 7

Response and Recovery Incident Response Plan: o Graduated response plan based on incident type and impact Business Continuity Plans and Crisis Management Team o Priority classification for systems and corporate resources to assist KM entities Communications: o Emergency Response Line (ERL) Communication process for engaging decision makers and support staff to manage incidents, issues, and responses; Process is part of KM culture Incidents are communicated to the appropriate people via text and email A description of the incident, location, and conference call information (if needed) Elevation to Senior Kinder Morgan management members (if needed) o Information Technology Service Notification (ITSN) Similar to the ERL process, but specific to Information Technology Incidents are communicated to the appropriate people via text and email A description of the incident, location, and conference call information (if needed) 8

Redundancy and Restoration Data Centers: o SCADA (Supervisory Control and Data Acquisition) systems and Data Centers are located in geographically diverse locations o Fail over between primary and secondary systems are tested annually o Multiple sites have backup telecommunications circuits in place Control Rooms: o Control Centers are located in geographically diverse locations o Fail over between primary and secondary control center s are tested at least annually Environmental Security o Redundant energy supply at primary/secondary data centers o Fire suppression o Building engineers (24 X 7: 365) 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback