INDUSTRIAL CYBER SECURITY

INDUSTRIAL CYBER SECURITY: A Comprehensive Approach
Rudrajit Roy, 20 October 2016

Agenda
- Global Industrial Cyber Security Journey
- Industry Best Practices
- Honeywell Industrial Cyber Security: Who we are, What can we do?
- Honeywell Risk Manager
- Why Honeywell?
- DEMOs at the Technology Center

SAFETY Culture Vs CYBER Security Culture
On the operations floor, which scenario would be considered the more serious violation?
- Walking through the area without a hard hat or applicable PPE?
- Beginning welding without a hot work permit?
- "I don't have time for the hazard assessment"
- Configure without security, path of least resistance
- Connecting untrusted portable devices to critical networks/devices
- "I don't have time to scan"
Complacency is not tolerated for safety, why Cyber?
No Safety, Reliability & Availability without Cyber Security

Global Journey: Industrial Cyber Security
PAST, PRESENT, FUTURE
2010
YOUNG & IMMATURE
1. FEAR
2. AVAILABILITY, SAFETY and RELIABILITY
3. STANDARDS and COMPLIANCE
Starts MATURING
1. STANDARDS and COMPLIANCE
2. AVAILABILITY, SAFETY and RELIABILITY
3. FEAR
- Scientific Discipline
- Integral part of Control System Lifecycle
- Never Solved but Managed
- Attack Back
- Integral part of Control System Lifecycle

Industrial Cyber Security Standards
United Arab Emirates
- NESA: National Electronic Security Authority
Qatar
- ICT Qatar: National Electronic Security Authority
Standards organizations such as
- IEC: International Electrotechnical Commission
- ISA: International Society of Automation
- ISASecure: ISA Security Compliance Institute
- ISO: International Standards Organization
United States of America - Government / semi-government
- NIST: National Institute of Standards & Technology
- NERC CIP: North American Electric Reliability Corporation / Critical Infrastructure Protection
Honeywell Experience

Industry Best Practice: Purdue model of Controls
IEC-62443, ISO-99, NIST, ICT Qatar, NESA, etc.
- Demarcation (DMZ Deployment)
- Layered structured
[Figure: network architecture diagram organized by Purdue level. Zones labelled Enterprise Zone, DMZ and Control Zone; levels labelled Level 4, Level 3.5, Level 3, Level 2.5, Level 2 and Level 1. Components shown include the Internet, Business LAN, remote users, proxy / relay server, VPN, L3.5 firewalls, IPS sensors, Process Control DMZ, PCS Historian, L3 and L2.5 routers, Honeywell FTE Network, Experion PKS, ESXi hosts, 3rd party DCS, controllers (Honeywell C300, 3rd party PLC, Modbus TCP, SCADA), Honeywell MODBUS/TCP Firewall and Honeywell Control Firewall.]
Controls and services labelled in the diagram:
- Managed Industrial Cyber Security Services: Threat Intelligence, Next Generation Firewalls, Intrusion Detection System, Intrusion Prevention System, Data Diode
- Honeywell Managed Services: Network Monitoring, Performance Monitoring, Patch & Update Services
- Honeywell Virtualization: Backup & Restore, VM Monitoring, Passive Vulnerability Monitoring
- Risk Manager, Security Information & Event Management (SIEM), Network Performance and Security Monitoring, Network Access Control, Backup & Restore, System Hardening, VM Performance Monitoring, Domain High Security Policy, User Access Control, Passive Vulnerability Monitoring, OS/Application Vulnerability Management, Application Whitelisting, ICS USB Protection, Anti-Virus / Malware Protection, Security Patch Management

Honeywell Industrial Cyber Security

Honeywell Industrial Cyber Security
Global setup to serve global organizations as well as local asset owners
[Map: locations shown are Edmonton, Amsterdam, Bucharest, Houston, Atlanta, Dubai, Pune, Kuala Lumpur, Santiago and Perth. Legend: RSC + HICS, HICS Office, Private LSS, RSC, HICS Resource(s).]
Global Operations with Local Focus

Complete Industrial Cyber Security Solutions
Comprehensive, Holistic and Vendor Neutral
Professional Field Services
- Advisory consulting
- Implementation and systems integration
- Operational service and support
Managed Cyber Security Services
- Continuous monitoring and alerting
- Secure automated patch & signature updates
- Cyber expert support and co-management
Honeywell Cyber Security Software
- Industrial Cyber Security Risk Manager
- Monitoring platform and assessment tools
Integrated Partner Technology
Proven, Trusted and Industry Leading

Solutions Addressing Cyber Security End to End
Industrial Cyber Security
- Backup and Recovery
- Incident Response Planning
- Incident Response: On Site & Remote
- Forensics & Analysis
- Vulnerability & Risk Assessments
- Network & Wireless Assessments
- Cyber Security & Compliance Audits
- Current State Analysis
- Secure Design and Optimization
- Zone & Conduit Separation
- Continuous Monitoring
- Compliance & Reporting
- Cyber Security Risk Manager
- Industrial Security Information & Event Management (SIEM)
- Cyber Security Awareness & Training
- Policy and Procedures Development
- Firewall, Next Gen FW
- Intrusion Detection & Prevention (IDS/IPS)
- Access Control
- Industrial Patching & Anti-Virus
- Industrial Application Whitelisting
- End Node Hardening
- Portable Media/Device/USB Security

Industrial Cyber Security Solutions Lab
- Flexible Model of Complete Process Control Network
- Solutions Development
- Training and Certification
- Customer Demonstrations
World-Class, Industry Leading Innovation

Managed Industrial Cyber Security Services
Patch and Anti-Virus Automation
- Tested and qualified patches for operating systems & DCS software
- Tested and qualified anti-malware signature file updates
Security and Performance Monitoring
- Comprehensive system health & cybersecurity monitoring
- 24x7 alerting against predefined thresholds
- Automated inventory
Activity and Trend Reporting
- Monthly or quarterly compliance & performance reports
- Identifying critical issues and chronic problem areas
Advanced Monitoring and Co-Management
- Firewalls, Intrusion Prevention Systems, etc.
- Honeywell Industrial Cyber Security Risk Manager
Secure Access
- Highly secure remote access solution
- Encrypted, two factor authentication
- Complete auditing: reporting & video playback
Monitoring, Reporting and Honeywell Expert Support

Honeywell Security Service Center (SSC)

Honeywell SUIT Lab: Security Update Investigation Team
Testing & Qualification of Microsoft Patch Updates & Anti-Malware Updates for Honeywell Systems

Honeywell Expertise
Operational Technology Experience

Cyber Security Controls and Tools: Examples
- Security Management
- Intrusion Protection & Threat Intelligence
- Application & Endpoint Security
- Next Generation Firewall
- Network Security

Roadmap

Cyber Trainings by Automation College
Trained people = effective Cyber Program

Honeywell Risk Manager
- Risk Location: WHERE IS IT COMING FROM?
- Risk Sources: WHAT IS CAUSING THE RISK?
- Risk Indicators: WHAT DO I NEED TO DO?
- Risk Trends: HOW AM I DOING?
No Need to be a Cyber Security Expert, made for DCS

Monitor
- Continuously & Real-time
- Identify & Analyze Vulnerabilities and Threats
- Inside and Outside attacks
- Employee actions
- Devices on Network
- Network Traffic
- Rogue Devices
- Immediate Notifications
Measure
- Time to implement security patches
- % of endpoints free of malware and viruses
- Reduction in unplanned system downtime
- Reduction in number of known vulnerabilities & Threats
- Percentage of recurring incidents
- Improvements in overall site risk
Manage
- Reactive to proactive cyber security planning
- Accurately track improvements
- Generate correct reports
- Trending helps you gauge the impact of decisions
- Manage workflow and prioritize resources based on risk severity
- No reconfiguration of system with each upgrade
- Configuration data and risk settings are preserved
Proven and Trusted

Value Proposition

Addresses Stakeholder Responsibilities
Control Engineers
- Anticipate cyber security scenarios
- Plan for protective measures/safe operating procedures
- Understand how possible attacks might disrupt operations
- Monitor the IACS for indicators of threats
- Track/monitor assets according to different zones.
Plant Management
- Provide updates on the site's security posture
- Have accurate measurements of risk aligned with industry standards
- Help focus resources on addressing threats
- Maintain uptime and meet production goals and other core business objectives
- Gain the know-how to prioritize efforts to manage risk
- Assess the impact of security controls on automation performance
- Establish and improve metrics for out-of-date patches and antimalware.
Executives
- Demonstrate cyber security due diligence to board of directors, investors and regulators
- Map key risk indicators to KPIs
- Demonstrate the value of cyber security investments
- Incorporate meaningful cyber security risk ratings into risk management frameworks and evaluate compliance efforts
Proven and Trusted

Why Honeywell?
Industrial Cyber Security Experts
- Global team of certified Industrial Cyber Security experts
- 100% dedicated to Industrial Cyber Security
- Experts in process control cyber security
- Leaders in security standards ISA99 / IEC62443 / NIST
Proven Experience
- 10+ years industrial cyber security
- 1,000+ successful industrial cyber projects
- 350+ managed industrial cyber security sites
- Proprietary cyber security methodologies and tools
Investment and Innovation
- Largest R&D investment in industrial cyber security
- Strategic partnerships with leading cyber security product vendors
- Industry first Cyber Security Risk Manager
- State of art Industrial Cyber Security Solutions Lab
Industries: Refining & Minerals, Petrochemical, Oil & Gas, Chemicals, Power Generation, Metals & Mining, Pulp & Paper
Proven Industrial Cyber Security Solution Provider

Demo @ Technology Center

Industrial Cyber Security Risk Manager
- Available Globally
- Easy-to-use interface and built in guidance eliminates need to be a cyber security expert
- Real time data collection and analytics, continuously monitors for indicators of cyber security risk
- Proactively identifies vulnerabilities & detects threats that could impact the ICS
- Internal health monitoring helps ensure the system is operating at optimum level
- First and only of its kind for Industrial Environments
- Low impact monitoring won't disrupt plant operations or cause network delays
Proactively Monitor, Measure, and Manage Industrial Cyber Security Risk

Managed Industrial Cyber Security Services
[Figure: architecture diagram linking the Industrial Site over the Internet to the Security Service Center, drawn by level (Level 4, Level 3.5, Level 3, Level 2, Level 1). Nodes labelled: Corporate Proxy Server, eServer, Terminal Server, Relay Node, Service Node, Communication Server, Application Servers, Database Servers, EST/ESF, 3rd Party Historian, Domain Controller, ACE, Experion Servers. Data flows labelled: Get updates, Collect monitoring data, Send data.]
Callouts in the diagram:
- Relay Node: Isolates ICS/PCN. Ensures no direct communication between L3 and L4.
- Restricts unauthorized ICS/PCN nodes from sending or receiving data
- Service Node: Anti malware, Patch Management, Monitoring, Secure access
- SSL Encrypted communication. Connects to Honeywell Security Service Center ONLY!

Honeywell Industrial Cyber Security
- Safdar Akhtar, Director Business Development ME, Africa and Asia Pacific. cell: +971 56 418 8706, safdar.akhtar@honeywell.com
- Rudrajit Roy, Business Development Manager India and SEA. cell: +602 4646915, rudrajit.roy@honeywell.com
- Mike Spear, Global Operations Manager. phone: +1 (770) 689-1132, cell: +1 (678) 447-6422, mike.spear@honeywell.com
- Chee Ban Ngai, APAC Operations Manager. cell: +60-122330915, cheeban.ngai@honeywell.com
Follow us: www.twitter.com/insecculture
Blog: http://insecurity.honeywellprocess.com
Bulletin Board: http://hpsvault.honeywell.com/sites/hpsvault/services/
Website: http://www.becybersecure.com

Thank You www.becybersecure.com

Backup Slides

IT Vs OT
IT = Corporate; OT = Industrial Controls Systems
- Risk. IT: Non life threatening.
- Safety. IT: Important. OT: Critical.
- Availability & Reliability. IT: Down time is acceptable. OT: Downtime is not acceptable.
- Architecture & Traffic type. IT: Voice, Video, Data over business IT infrastructure. OT: Event driven, real-time, Industrial embedded HW and SW. Controls, safety, motion, time synchronization, etc.
- Interfaces. IT: OS and applications, Unix, terminals, keyboards, web browsers, Graphical user interfaces, etc. OT: Servers, Sensors, E/M switches, actuators, relays, PLC, DCS, SCADA, etc. Customized embedded OS.
- Communication connectivity. IT: LAN based on dynamic IP, WAN based on optical, etc. OT: Plant based on static IP over Ethernet or customized twisted pair, etc.
- Roles & Responsibilities. IT: Support and protect business applications. OT: Support plant critical processes. Availability, reliability and safety.