Cyber Resilience Solution for Smart Buildings


Cyber Resilience Solution for Smart Buildings
Integrated IT/OT Security
Oren Aspir, Cyberbit, CTO
2017 by CYBERBIT. CYBERBIT Proprietary.

Buildings getting smarter
- IT systems
- HVAC
- Surveillance systems/cameras
- Gate control
- Elevators
- Electric circuit controllers
- Fire alarm

Connectivity is On the Rise
[Diagram: wireless sensor network connecting physical space (sensors sampling physical processes, actuators taking action) to cyber space (controller with control algorithm, user interface) through wireless modules and a communication protocol. Message labels: configurations, measurements, commands, acknowledgments; user preference and network configuration; status and performance visualization.]

And therefore, more vulnerable to high-profile IT/OT/IoT cyber attacks
- Dyn attack turning webcams and other IoT devices into a botnet for DDoS attacks
- BART attack on the San Francisco Metro
- Ransomware holding the building hostage
- Austria: Hotel Locks Attack (2016)
- USA: Presbyterian Medical Centre (2016)
- Germany: Steel Mill Attack (2015)

Smart Building Protection Challenges
1. Operational continuity
2. Safety of on-site personnel
3. Safety of critical physical operational systems
4. Safety of IP-connected devices
5. Prevention of information theft

Smart Building Physical Illustration

Smart Building Network Illustration
[Network diagram. IT network: Internet, web servers, email servers, authentication servers, internal DB and file servers (IT components in the IT network). OT network: domain controller and SCADA server (IT components in the OT network); DCS System #1, local HMI and controllers (OT components in the OT network).]

So Much Protection for Your IT Assets
[Diagram: IT network, corporate IT, covered by AV, FW, DLP, NAC, EDR, HIPS and DPI.]

Why Settle for Less in Your Critical Network?
[Diagram: OT network. Operational IT (Historian, HMI, SCADA servers): not updated AV, unpatched Windows 2008/XP/NT. OT (PLC): text not encrypted. DPI.]

A Complex, Multi-Layered Threat Stack, Combining IT and OT Attack Vectors
- IT malware: spear phishing, external devices, macros
- OT malware: lateral movement, remote access, historian
- M2M: MITM, unauthorized devices
[Network diagram. IT network (corporate IT): Internet, web servers, email servers, authentication servers, ERP, internal DB and file servers. OT network: legacy SCADA; operational IT (domain controller, SCADA server); operational components (OT) (DCS System #1, local HMI, IED).]

A Complex, Multi-Layered Threat Stack, Combining IT and OT Attack Vectors
- IT malware: spear phishing, external devices, macros
- OT malware: lateral movement, remote access, historian
- M2M: MITM, unauthorized devices
- Entry points marked on the diagram: insecure remote support, infected laptop, insecure wireless, insecure modems, infected USB keys, infected PLC logic, insecure serial links
[Network diagram. IT network (corporate IT): Internet, web servers, email servers, authentication servers, ERP, internal DB and file servers. OT network: legacy SCADA; operational IT (domain controller, SCADA server); operational components (OT) (DCS System #1, local HMI, IED).]

Keeping Smart Building Protected: Key Principles
- Continuous monitoring and detection
- Across the entire attack surface: IT and OT components
- Smart analytics integrating all layers
- Orchestration and visibility from a single application

A Layered Approach to Smart Building Security
- Sensors for continuous monitoring
- Big data security analytics
- Unified Security Console
- Layers covered: IT endpoints, operational IT, OT

Smart Building - Case Study

Israel's first secure-by-design government facility
Cyberbit partnered with Deloitte and with the building contractor company to provide the entire cybersecurity suite for Israel's first cyber-protected smart building facility.

Project Goals
- Integrated security across the entire infrastructure: the solution must secure the entire IT, OT and IoT infrastructure and related devices.
- Centralized visibility: SOC managers and analysts must have 24/7 situational awareness across IT, OT and IoT, including dashboards, reports and security visualization, all in a central location and providing cross-segment information.
- Centralized incident response: SOC teams will manage the incident centrally, at the SOC. This requires access to all security tools from a single location, and access to data from all systems.

Why was Cyberbit selected?
- The only vendor providing a complete IT/OT/IoT solution
- Proprietary products (not 3rd party)
- Expertise in complex integrations
- Integrated technology
- Experience with public sector and government projects

Design considerations
- Security vs. operation
- Physical segregation vs. central control
- One-way vs. two-way connections
- Passive vs. active
- Security vs. simplicity

IT security
- SIEM
- EPP
- EDR
- NAC
- PIM
- PKI
- Sanitization workstations
- One-way link (data diode)

OT security: Cyberbit SCADAShield
- Passive systems
- Ring TAP
- IP tapping (SPAN port)
- DPI for BACnet, EtherCAT & Modbus
- Anomaly detection
- Business deviation alerting
- Network mapping and change detection
- Vulnerability detection

Security Operation: SOC 3D
- Single pane of glass
- Automation
- Best practices
- Incident response orchestration
- Control

Thank You!