Indegy. Industrial Cyber Security. Matt Petrauskas Regional Director.


Transcription:

Indegy Industrial Cyber Security Matt Petrauskas Regional Director mpetrauskas@indegy.com

Discussion Focus: Unveiling Security Gaps in Industrial Control Networks

About the Presenter: Matt Petrauskas. 33 years in the IT industry. Software: cyber security, business intelligence and data analytics. Hardware: hyper-converged. Services, Networking. Heavy focus on: Oil & Gas, Industrial Chemicals, Utilities, High Tech, Discrete Manufacturing, Consumer Goods. General Electric, Fluor Corporation, EMC, Xerox, SAP, Oracle, etc.

Indegy Industrial Cyber Security. Founded: 2014. Customers: Power, Pharma, O&G, Water, Automotive, Chemicals. Investors: Shlomo Kramer, Gen. David Petraeus, Vertex, Magma, Aspect. Locations: HQ New York, R&D Israel. Team: Barak Perelman, Co-Founder, CEO (Stratoscale, IDF); Mille Gandelsman, Co-Founder, CTO (Stratoscale, IDF); Ido Trivizki, Co-Founder, VP R&D (Stratoscale, IDF); Gaby Koren, VP Sales Americas (Panaya, Radvision, NICE Systems).

Indegy protects against operational disruptions caused by cyber threats, malicious insiders and human error, by providing visibility and control to industrial networks.

Information Technology (IT) Networks: very mature; hardened infrastructure; many vendors, many solutions; significant awareness of exposure.

Industrial Control Networks: relatively unsecure; open by design; few vendors who truly understand exposure; early-stage user education in many cases; awareness limited but growing rapidly.

Threats to Industrial Control Systems. Cyber Attacks (External Threats): targeted attacks, collateral damage. Malicious Insiders (Insider Threat): disgruntled employees, compromised IT devices. Human Error and Negligence: unintentional mistakes, unsecure contractor equipment on site.

A Shift in C-Level Responsibilities. Who is responsible: the CISO or Engineering? When operational incidents happen: When do you find out? How quickly can you pinpoint the source of the incident? How fast can you recover? Do you have the resources you need? How much damage will be inflicted? Can you prevent it from happening again?

Positioning with Senior Management/Board of Directors

The Lack of Visibility in ICS Networks (diagram). Scale labels: Limited Control and Visibility; Extensive Control and Visibility. Layers shown: Internet (perimeter controls); corporate DMZ and corporate network with user workstations, servers and business applications (IT controls: segmentation, access management); industrial networks with ICS servers and OPC servers; HMI stations and engineering stations; controllers (PLCs, RTUs); field devices (turbines, pumps, etc.).

Indegy Core Technologies: a patent-pending combination of both passive and active capabilities that discovers truly all changes in the ICS environment. CPI (Control-Plane Inspection): passive Deep Packet Inspection adjusted for unique industrial control-plane protocols. ACV (Agentless Controller Validation): periodic validation of controller integrity and components such as state, logic, firmware, backplane, etc. Diagram labels: Engineering, Operator, HMI, Controller, Turbines, Generators, Valves, Pumps.

The Indegy Industrial Cyber Security Platform: Visibility and Control for ICS Networks. Software solution, delivered as a turn-key appliance; agentless (non-intrusive); easy to deploy. Indegy Management Server (IMS): VM optional. Monitors ICS network activity: data plane (process parameters) and control plane (engineering activities). Indegy Sensors: rack mount, compact or DIN rail. Extensive, easy-to-use RESTful API: externalize collected data via built-in applications; enables integration with third-party solutions like SIEM, CMDB, Big Data, etc.

Security and Operations Hand in Hand. Cyber Security Value and Operational Value: Real-Time Activity Monitoring, Threat and Anomaly Detection; Automated Asset Discovery, Classification and Inventory; Vulnerability and Risk Assessment; Configuration Management, Recovery Support; Comprehensive Audit Trail, Forensic Support; Access and Change Management.

Protecting and Validating Manufacturing Processes: a continuous process for securing ICS. 1. Understand What Needs to be Protected. 2. Continuously Monitor Access and Changes. 3. Assess Risks to Devices and Networks. 4. Enforce Policies, Get Real-Time Alerts. Without Visibility You Can't Have Security.

Solving the Visibility Problem: Asset Management. Automated Asset Discovery and Activity Monitoring. Solution: automate asset discovery, classification and management for better device control. Track changes over time to: ensure you have an up-to-date asset inventory; supervise maintenance and upgrades; have the ability to recover from incidents. Without visibility there is no security.

Solving the Compliance Problem: Change Management. Continuous Activity Monitoring. Solution: track changes over time; go beyond statistical and anomaly detection; ability to clearly define policies; enable faster recovery from incidents. Were changes made directly to the controllers? Require 2 layers of verification (network and physically made changes). Access management. Without monitoring there is no visibility.

Human Error: #1 in the list of concerns of ICS professionals. No audit trail on changes; no authentication; old equipment; internal and external personnel involved; how quickly can you recover?; lack of consistent standards.

Case Study: Large Automotive Manufacturer. A large automotive manufacturer with 100+ production plants in 30+ countries in Europe, the Americas, Asia and Africa. Thousands of cars manufactured daily. Challenges: Production downtime: experienced several events that required production downtime due to mistakes made by 3rd-party integrators. Long recovery time: production lines were shut down for several days. No audit trail: inability to prove who caused the issue and who should bear the cost. Solution: The Indegy Platform provides a detailed audit trail that helps them track all the activities within the ICS network. The audit trail enables them to quickly pinpoint the cause of operational disruptions and the responsible party. They can now get real-time alerts on unauthorized activities before damage is caused. The Indegy Platform enables them to have minimal disruptions, less downtime, and shorter recovery time.

Case Study: Global Pharmaceutical (Global Healthcare Company). A global manufacturing and distribution company with a wide range of healthcare products and manufacturing facilities in over 50 countries. Challenges: Inability to track and supervise maintenance activities performed by integrators or third-party workers. Operational downtime due to a series of mistakes. FDA validation process requires a guarantee of zero changes in the DCS system. Solution: The Indegy Platform's automated asset discovery and management capabilities identified old PLCs that weren't decommissioned. The Indegy Platform provides a detailed audit trail that helps them track 3rd-party maintenance activities and ensure they have been performed on schedule. They have shortened disaster recovery time from days to hours by using the detailed information captured in the event logs and PLC snapshots.

Case Study: Regional Water Utility (Wastewater Treatment Plant). A regional wastewater treatment plant that collects and treats wastewater for a large metropolitan area (est. population of 1M). Several hundred thousand gallons of wastewater treated each day. Challenges: Lack of overall ICS visibility and control. Ability to recover from human error/malicious insider. Solution: The Indegy Platform's asset discovery capabilities helped them discover a number of PLCs that they were not aware of. They have automated the PLC asset management process; the employee responsible for manually checking PLCs was reassigned. They utilized the backup and recovery capability to recover from an incident caused by a contractor who changed PLC configurations and left the premises without checking. Ability to effectively respond to a cyber event.

Summary - Indegy Brings Visibility and Control to Your ICN. Automated control-asset discovery and a continuously updated inventory ensure full visibility into critical assets. A comprehensive audit trail allows the manufacturer to track the who, what, when, where and how of all access and changes to critical ICN assets. Enables manufacturers to meet regulatory requirements ensuring zero changes to the controllers. Real-time alerts provide detailed information on unauthorized changes to critical assets, enabling quick and effective incident response.

Indegy Industrial Cyber Security. Thank you! Want to know more? Visit: www.indegy.com. Contact us: info@indegy.com. Indegy provides situational awareness and real-time security for industrial control networks to ensure operational continuity and reliability.

World Wide Recognition and Awards Gartner "Cool Vendor": Digitalization Through Industrie 4.0 IoT Security Solution of the Year Best Next-Gen ICS/SCADA Security Solution Best Next-Gen ICS/SCADA Security Solution 2016 IoT Innovator Award for industrial network security Network World Hot Security Startup to Watch Homeland Security Today Award for Best Cyber Critical Infrastructure Solution Most Promising Cyber Security Startup

Why Indegy? Improving operational continuity, safety and reliability by providing real-time situational awareness and security for industrial control networks. About: Patent-pending monitoring technology provides unparalleled real-time visibility into ICS activities. A proven solution deployed in 40 locations around the world. Team: Decades of hands-on experience with cyber security of industrial control systems. Indegy's research team draws from Israeli Defense Forces' elite cyber security agencies. Infrastructure: Advanced ICS laboratory and test bed including a wide variety of automation controllers. Low-touch network deployment that does not disrupt operations. Investors: Shlomo Kramer, Gen. David Petraeus, Vertex Ventures, Magma Venture Partners, Aspect Ventures.