Continuous Industrial Cyber Risk Mitigation with Managed Services Monitoring and Alerting Konstantin Rogalas and Arjen van Es, Honeywell
1 2015 Honeywell Users Group Europe, Middle East and Africa Continuous Industrial Cyber Risk Mitigation with Managed Services Monitoring and Alerting Konstantin Rogalas and Arjen van Es, Honeywell
2 About the Presenter: Arjen van Es (Arjen.van.Es@Honeywell.com)
- Security Service Center Team leader EMEA/APAC
- Commissioning engineer Axial/Centrifugal compressors
- Service engineer - modular systems
- Software support engineer
- Technical Specialist ICT
- Process control systems Network Architect
- Open Systems Services - Consultant
Honeywell International All Rights Reserved
3 About the Presenter: Konstantin Rogalas MSc, MBA (Konstantin.Rogalas@Honeywell.com)
- Business Lead for Honeywell Industrial Cyber Security - Europe
- in Discrete Automation & Process Control
- in Telecommunications: Broadband-M2M/IoT
- 2013 Oil & Gas, Energy, Pharmaceuticals & Chemicals industry
- Certification study for ENISA in Industrial Cyber Security
- ICS Council with policy makers, asset owners and service providers
- Member of the European ICS Stakeholders Group
4 Agenda: Continuous Monitoring in the Security Profile; Obstacles & Managed Security Pros-Cons; Monitoring & Alerting with Managed Services; Conclusions; Open Discussion; About: Honeywell Industrial Cyber Security
5 ICS Continuous Monitoring: Making the Case
- Continuous Monitoring ensures Industrial Control System (ICS) reliability
- Detection of availability & performance issues to prevent serious degradation
In the context of Cybersecurity:
- Which ICS Cyber Security controls (technical and non-technical) need to be in place for ICS Continuous Monitoring?
- Where does ICS Continuous Monitoring belong in the Cyber Security Profile?
This section:
- Introduces the Cyber Security Profile and its underlying principles
- Places Continuous Industrial Cyber Risk Readiness in the overall Cyber Security Profile context
- Proves why Continuous Monitoring is at the heart of detecting cyber security anomalies & events, which is vital to respond/recover
- Explains why Continuous Monitoring is an essential performance evaluation principle which increases cyber security maturity
6 Typical security level
7 Security levels and security capabilities
8 C2M2 Maturity Indicator Levels
9 Cyber Security Profile
[Chart: facility types placed on a grid of Security Level (SL1 to SL4) against Maturity Indicator Level (MIL0 to MIL3)]
Facility types listed:
- Refining process facilities
- 1102 O&G LNG terminals; 1103 O&G processing; 1104 O&G production - on-shore; 1105 O&G production - off-shore; 1108 O&G Marine - LNG IAS; 1110 Gas To Liquid; 1112 Production - Coal bed M; 1114 Pipeline - Liquid; 1115 Pipeline - Gas
- 1201 Pulp; 1203 Paper; 1204 CWS
- 1303 Utility power
- 1401 Fertilizers; 1403 Petrochemicals; 1404 Plastics and fibers; 1405 Specialty chemicals; 1406 Biofuels
- 1501 Alumina; 1502 Aluminium; 1503 Base materials; 1504 Cement; 1505 Coal & coal gasification; 1506 Iron; 1508 Other; 1509 Precious metals; 1510 Steel making
Notes on the chart:
- The target Protection Level is determined by the security design effectiveness (Security Level) and security operations effectiveness (Maturity Level)
- IEC standard provides the Security Level, Cobit or C2M2 toolkit provides the Maturity Level
- The Security Profile defines for each facility how to protect and how to organize
- Defines the Security Profile
2015 by Honeywell International Inc. All rights reserved
10 Sustainable security requires a Program
[Chart: SP milestones (SP 1, SP 2, SP 5, SP 6, SP 7, SP 10, SP 11, SP 12, SP 15, SP 16) on a quarterly timeline (Q1 to Q4, repeated)]
1. Increase security level with Monitoring/Alerting (in addition to Anti-Virus, Patching)
2. Increase maturity level with Activity/Trend reporting (associated Policies)
3. Increase security level with SIEM, NGFW, AWL, Risk Manager
4. Increase maturity level with an organized Security Operations Center (SOC)
If you run too fast or jump too high, you might trip
11 Agenda: Continuous Monitoring in the Security Profile; Obstacles & Managed Security Pros-Cons; Monitoring & Alerting with Managed Services; Conclusions; Open Discussion; About: Honeywell Industrial Cyber Security
12 Obstacles to initial self-monitoring
- Compatibility with DCS - Logging agents stress the control system
- Budget for required utilities
  - Developing Logging Agents
  - Servers, Databases, Proxy, etc.
- Personnel required for administration
  - Initial implementation & testing of components above
  - Analysis of events to determine what is critical
  - Investigation of alerts to determine next steps
- Other concerns
  - Training on new technology
  - Different expertise per location
13 Continuous Monitoring Best Practice
Hire a company to monitor your control systems with minimal setup time and for a fraction of the cost, while fulfilling the following:
- Expertise in Control System Cybersecurity
- Methodology that complies with IEC
- Existing set of Passive Agents
- Responding on monitored problems
- Serving concurrently 100s of sites
- Follow the sun support model
14 Voice of the Customer
1. For control system performance/availability monitoring, do you have a process and, if yes, which kind of?
   - No monitoring process
   - Manual monitoring process
   - Automated monitoring process
2. How satisfied are you with how you currently monitor the security of your control system?
   - Dissatisfied
   - Needs improvement
   - Satisfied
3. Which disadvantages do you see in using Managed Security Services?
   - Capex/Opex Investment
   - New Internal Processes
   - Corporate IT policy issues
15 Where would your Security Profile be?
16 Agenda: Continuous Monitoring in the Security Profile; Obstacles & Managed Security Pros-Cons; Monitoring & Alerting with Managed Services; Conclusions; Open Discussion; About: Honeywell Industrial Cyber Security
17 Key Events to Monitor
- Network Activity Logs: ACL Rules, Utilization Spikes, Passwords/Strings
- System Audit Logs: Unauthorized Access, Disabling Controls, Configuration Changes
- System Availability/Performance: Application Health, CPU Utilization, Hardware Errors, Overruns
- Administrative Changes: GPO Modifications, Group Additions, Enabling USB Devices
- Software Update Compliance: Aging for Virus Signatures, Security Patches, Software Updates
- Virus Infections
18 What is monitored: Performance Analyzers for 550+ Critical parameters
19 Performance Monitoring - 1
[Network diagram, Level 4 to Level 1: Corporate Network, Firewall, Level 3.5 DMZ with Relay server, L3 Switch, Redundant Servers, Service Node, PHD, Stations (N nos.), ESVT, EST, US, GUS, LCN A / LCN B, and Level 1 nodes APM, HPM, AM, PM, CLM, NG, CG, HG. Overlapping callouts list the monitored parameters for Experion servers, Experion stations, controllers, PHD and TPS.]
Legible callout items:
- Data and Notifications Rate for CDA, TPS and DSA
- State of critical Experion services
- FTE Driver Warnings
- Current Experion Patch Status
- CPU load
- Synchronization & Redundancy Queue state
- Failure Events Alerts
- Backup Server Failed
- Controller goes offline
- Failover of redundant controllers
20 Performance Monitoring - 2
[Same network diagram as slide 19, with overlapping callouts for PC Hardware Monitoring, Windows performance monitoring, Firewall, and Switches (L2 and L3).]
Legible callout items:
- Hard Disk failures, Predictive Warnings-HDD, RAID Degradation
- Memory Usage, Free physical memory, Used Space (%)
- Input / Output Rates, Input / Output Errors, Bandwidth Usage, Load Percentage
- Status and configuration of each Interface
- Loss of Redundancy
- Power Supply failure, Fans, Temperature High inside Chassis, Chassis Intrusion
- Device Availability, Ping Status, Response Time
21 Security Monitoring
[Same network diagram as slide 19, with overlapping callouts for Patch & Update Management, Anti-virus, Intrusion Detection, and Windows Security.]
Legible callout items:
- Windows Update Information, Patch Information
- Anti-virus warning, Anti-virus error, Engine policies, Virus scan failure, Virus signature database updation failure
- Unauthorized login attempts, Suspicious packet/traffic, Ability to recognize patterns typical of attacks, Analysis of abnormal activity patterns, Tracking user policy violations
- Audit policy status, Audit Trail, Invalid login attempts, Authentication failure, Account Locked out, Password expired, User account expired, Unauthorized elevated Privileges, Password policy, Password complexity/strength policy, Guest account status
22 Honeywell Security Service Center (HSSC): Amsterdam, Bucharest, Houston
23 Managed Industrial Cyber Security Services
- Patch and Anti-Virus Automation
  - Tested and qualified patches for operating systems & DCS software
  - Tested and qualified antimalware signature file updates
- Security and Performance Monitoring
  - Comprehensive system health & cybersecurity monitoring
  - 24x7 alerting against predefined thresholds
- Activity and Trend Reporting
  - Monthly or quarterly compliance & performance reports
  - Identifying critical issues and chronic problem areas
- Advanced Monitoring and Co-Management
  - Honeywell Industrial Cyber Security Risk Manager
  - Firewalls, Intrusion Prevention Systems, etc.
- Secure Access
  - Highly secure remote access solution
  - Encrypted, two factor authentication
  - Complete auditing: reporting & video playback
Monitoring, Reporting and Honeywell Expert Support
24 Security and Performance Monitoring
Continuous Monitoring
- Agentless monitoring solution for system, network and security performance and health
- Tested to ensure no impact on systems
- Automated monitoring of critical ICS, network, Windows™ and security parameters
- Intelligent analysis based on Honeywell engineering & expertise
Alerts / Situational Awareness
- 24/7 automated, proactive alerting for all monitored devices
- Equipment and device specific thresholds
- Managed Security Service Center automatically generates an alert or SMS text to site specified contact
- Alert messages may include attached troubleshooting techniques
25 Activity and Trend Reporting
Trend Analysis Complements Alerts
- Ability to catch degrading conditions
- Captures & reports frequency of intermittent issues
Critical Parameter Reports
Actionable reports of critical system & network information plus security issues
- Out-of-date installation status for Anti-Malware signatures & Windows™ patches
- Inventory of all detected networked equipment
- Key source of data for compliance documentation
Bi-Annual and/or Quarterly Reports
- Comprehensive, detailed reports including long term trends, plus expert analysis
Audit
- Audit capability including access to session recordings
26 Managed Industrial Cyber Security Services
[Architecture diagram: Industrial Site connected over the Internet to the Security Service Center. Flows shown: Get updates, Collect monitoring data, Send data.]
- Security Service Center: Communication Server, Application Servers, Database Servers
- Level 4: Corporate Proxy Server
- Level 3.5: eserver, Terminal Server, Relay Node
  - Isolates ICS/PCN
  - Ensures no direct communication between L3 and L4
  - Restricts unauthorized ICS/PCN nodes from sending or receiving data
- Level 3: Service Node (Anti malware, Patch Management, Monitoring, Secure access)
- Level 2: EST/ESF, 3rd Party Historian, Domain Controller, ACE, Experion Servers
- SSL Encrypted communication
- Connects to Honeywell Security Service Center ONLY!
27 EMEA Managed Security Service Center
[Map of supported countries: Estonia, Norway, Finland, Sweden, Egypt, Kuwait, Saudi Arabia, Abu Dhabi, Oman, North Sea, Poland, United Kingdom, Cameroon, Belgium, France, Switzerland, Germany, Austria, Slovakia, Zambia, Romania, Namibia, Italy, South Africa, Portugal, Spain, Tunisi]
- Sites: 203
- Protection Management: 147
- Monitoring: 112
SSC EMEA support locations: Amsterdam - The Netherlands; Bucharest - Romania
28 Agenda: Continuous Monitoring in the Security Profile; Obstacles & Managed Security Pros-Cons; Monitoring & Alerting with Managed Services; Conclusions; Open Discussion; About: Honeywell Industrial Cyber Security
29 Cyber Security Profile
[Chart: Security Level (SL) against Maturity Indicator Level (MIL0 to MIL3)]
Manageability requires a S.M.A.R.T. and holistic approach
30 Security solutions
[Chart: Security Level (SL) against Maturity Indicator Level (MIL0 to MIL3), with SOC marked]
Manageability requires a S.M.A.R.T. and holistic approach
31 Industry-Leading Industrial Cyber Security
Industrial Cyber Security Experts
- Global team of certified Industrial Cyber Security experts
- 100% dedicated to Industrial Cyber Security
- Experts in process control cyber security
- Leaders in security standards ISA99 / IEC62443 / NIST
Proven Experience
- 10+ years industrial cyber security
- 1,000+ successful industrial cyber projects
- 300+ managed industrial cyber security sites
- Proprietary cyber security methodologies and tools
Investment and Innovation
- Largest R&D investment in industrial cyber security
- Partnerships with leading cyber security vendors
- Industry first Risk Manager
- First to obtain ISASecure security for ICS product
- State of art Industrial Cyber Security Solutions Lab
Industries: Refining & Petrochemical, Oil & Gas, Chemicals, Power Generation, Minerals, Metals & Mining, Pulp & Paper
Proven Industrial Cyber Security Solution Provider
32 This is what we do: Open Discussion
33 Agenda: Continuous Monitoring in the Security Profile; Obstacles & Managed Security Pros-Cons; Monitoring & Alerting with Managed Services; Conclusions; Open Discussion; About: Honeywell Industrial Cyber Security
34 Leading Cyber Security Organization for ICS
35 Honeywell ICS
Global setup to serve global organizations as well as local asset owners
[Map of locations: Edmonton, Vancouver, Bracknell, Aberdeen, Amsterdam, Montreal, Offenbach, Bucharest, Houston, Atlanta, Dubai, Kuala Lumpur, Santiago, Perth. Legend: SSC + HICS, HICS Office, Private LSS, SSC, HICS Resource(s)]
Industries served:
- Oil & gas
- Gas distribution
- Power
- Refineries
- Chemical
- Water treatment
- Pulp & paper
- Maritime
36 Honeywell's Industrial Cyber Security Lab
- Flexible model of a complete process control network up to the corporate network
- Honeywell Cyber Security solutions development and test bed
- Demonstration lab for customers
- Cyber security related academic programs
- Hands-on training
- Simulate cyber attacks
- Demonstrate Honeywell cyber security solutions
37 Typical systems H-ICS have secured
- Distributed Control Systems. E.g. Chemical, Petrochemical, Refining, Offshore platforms
- Leak Detection Systems, Machine Monitoring Systems, Metering Systems, Compressor Control Systems
- Supervisory Control and Data Acquisition (SCADA) systems. E.g. Gas Distribution, Power utilities, Pipelines, oil fields
- Distributed Energy Systems. E.g. Wind turbines, hydropower
- Maritime systems. E.g. Harbor systems, shipping
38 Driven by standards and regulations
- IEC (Formerly ISA 99): Industrial Automation Control Systems (IACS) Security. Global standard for wide range of industry. Honeywell ICS is active contributor to the development of the standard through ISA
- NERC CIP: North American Power
- ANSSI, BSI, CPNI, MSB, etc.: European guidelines, best practices and country-specific measures
- JRC & ENISA recommendations: European Union
- NIST: US technology standards (SP )
- And others: ISO, API, OLF. E.g. ISO 27000, API 1164, OLF 104
- Local regulations
39 Honeywell ICS specialists background
Unique combination of long time experience in process control, networks and cyber security
Gain knowledge, demonstrate knowledge and maintain knowledge
- CISSP, CISM, CEH, CRISC
- CCNA, CCNP, CCIE, CCSP
- MCSE, MCSA, VCP
Specialists with many backgrounds
- Honeywell, Yokogawa, Emerson, Schneider, ABB
- Penetration testing, IT departments, Telecom providers
- Languages
TPS Virtualization and Future Virtual Developments Paul Hodge Agenda Just released What s coming up 2 2015 Honeywell International All Rights Reserved Enhanced TPS Node (ETN) now available! The ETN is
More informationSecure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014!
Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014! October 3, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationCIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System
CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System Purpose CIP-005-5 R2 is focused on ensuring that the security of the Bulk Energy System is not compromised
More informationOMNITURE MONITORING. Ensuring the Security and Availability of Customer Data. June 16, 2008 Version 2.0
Ensuring the Security and Availability of Customer Data June 16, 2008 Version 2.0 CHAPTER 1 1 Omniture Monitoring The Omniture Network Operations (NetOps) team has built a highly customized monitoring
More informationHardware and Software Security
Today, with the big advancement of technology and the need to share data globally at all time. Security has become one of the most important topics when we talk about data sharing. This means that the
More informationUMHLABUYALINGANA MUNICIPALITY IT PERFORMANCE AND CAPACITY MANAGEMENT POLICY
UMHLABUYALINGANA MUNICIPALITY IT PERFORMANCE AND CAPACITY MANAGEMENT POLICY Originator: IT Performance and Capacity Management Policy Approval and Version Control Approval Process: Position or Meeting
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationHow Much Cyber Security is Enough?
How Much Cyber Security is Enough? Business Drivers of Cyber Security Common Challenges and Vulnerabilities Cyber Security Maturity Model Cyber Security Assessments September 30, 2010 Business in the Right
More informationNERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice
NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to
More informationSecurely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationDid you know your security solution can help with PCI compliance too?
Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance IT Governance Policy Mergers and Acquisitions Policy Terms and Definitions Policy 164.308 12.4 12.5 EDM01 EDM02 EDM03 Information Security Privacy Policy Securing Information Systems Policy
More informationManaged Services Agreement. Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043
Managed Services Agreement Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043 SERVICE DESCRIPTIONS By purchasing these Services from Hilliard Office
More informationSupporting our customers with NERC CIP compliance. James McQuiggan, CISSP
Supporting our customers with NERC CIP compliance James, CISSP Siemens Energy Sector Energy products and solutions - in 6 Divisions Oil & Gas Fossil Power Generation Renewable Energy Service Rotating Equipment
More informationMAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationSystem Management. What are my options for deploying System Management on remote computers?
Getting Started, page 1 Managing Assets, page 2 Distributing Software, page 3 Distributing Patches, page 4 Backing Up Assets, page 5 Using Virus Protection, page 6 Security, page 7 Getting Started What
More informationSignal Customized Helpdesk Course
Signal Customized Helpdesk Course This course is a combination of modules taken from two Microsoft Courses: 50311A and 50331A. It is geared toward staff who handle helpdesk calls and troubleshoot end user
More informationHosted Testing and Grading
Hosted Testing and Grading Technical White Paper July 2014 www.lexmark.com Lexmark and Lexmark with diamond design are trademarks of Lexmark International, Inc., registered in the United States and/or
More informationPCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR
PCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR AUTHOR: UDIT PATHAK SENIOR SECURITY ANALYST udit.pathak@niiconsulting.com Public Network Intelligence India 1 Contents 1. Background... 3 2. PCI Compliance
More informationSecurity Assessment and Compliance Services
Security Assessment and Compliance Services Despite the best efforts of IT security teams, hackers and malicious code continue to find their way into corporate networks. Adding to the pressure is the fact
More informationSecondary DMZ: DMZ (2)
Secondary DMZ: DMZ (2) Demilitarized zone (DMZ): From a computer security perspective DMZ is a physical and/ or logical sub-network that resides on the perimeter network, facing an un-trusted network or
More informationCisco Smart Care Service
Q. What is Cisco Smart Care Service? A. Cisco Smart Care Service is a collaborative, comprehensive network wide service that enables your partner to deliver proactive network monitoring, health checkups,
More informationManaged Service Plans
Managed Service Plans www.linkedtech.com 989.837.3060 989.832.2802 fax Managed Information Technology Services System downtime, viruses, spy ware, losses of productivity Are the computer systems you rely
More informationSIEM Optimization 101. ReliaQuest E-Book Fully Integrated and Optimized IT Security
SIEM Optimization 101 ReliaQuest E-Book Fully Integrated and Optimized IT Security Introduction SIEM solutions are effective security measures that mitigate security breaches and increase the awareness
More informationDeltaV System Cyber-Security
January 2013 Page 1 This paper describes the system philosophy and guidelines for keeping your DeltaV System secure from Cyber attacks. www.deltav.com January 2013 Page 2 Table of Contents Introduction...
More informationPatch and Vulnerability Management Program
Patch and Vulnerability Management Program What is it? A security practice designed to proactively prevent the exploitation of IT vulnerabilities within an organization To reduce the time and money spent
More informationThe Fundamental Difference Between SIEM & Log Management Solutions: State vs. Event Data
The Fundamental Difference Between SIEM & Log Management Solutions: State vs. Event Data An EiQ Networks White Paper The Fundamental Difference Between SIEM & Log Management Solutions: State vs. Event
More informationManaged Hosting & Datacentre PCI DSS v2.0 Obligations
Any physical access to devices or data held in an Melbourne datacentre that houses a customer s cardholder data must be controlled and restricted only to approved individuals. PCI DSS Requirements Version
More informationSCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP
SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP Today s Topics SCADA Overview SCADA System vs. IT Systems Risk Factors Threats Potential Vulnerabilities Specific Considerations
More informationAre you prepared to be next? Invensys Cyber Security
Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber
More informationManaged Services Overview Servers, Exchange, Help Desk, and Citrix Infrastructures
Overview Servers, Exchange, Help Desk, and Citrix Infrastructures Prepared By: Envision Information Technologies Last Modified: Thursday, August 28, 2014 Table of Contents Table of Contents... 2 EIT Contacts...
More informationUSM IT Security Council Guide for Security Event Logging. Version 1.1
USM IT Security Council Guide for Security Event Logging Version 1.1 23 November 2010 1. General As outlined in the USM Security Guidelines, sections IV.3 and IV.4: IV.3. Institutions must maintain appropriate
More informationInform IT Enterprise Historian. The Industrial IT Solution for Information Management
Inform IT Enterprise Historian The Industrial IT Solution for Information Management Real-time Information Management for Enterprise Production Management Inform IT Enterprise Historian is the information
More informationKeyfort Cloud Services (KCS)
Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency
More informationBuilding Secure Networks for the Industrial World
Building Secure Networks for the Industrial World Anders Felling Vice President, International Sales Westermo Group Managing Director Westermo Data Communication AB 1 Westermo What do we do? Robust data
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationCisco Certified Security Professional (CCSP)
529 Hahn Ave. Suite 101 Glendale CA 91203-1052 Tel 818.550.0770 Fax 818.550.8293 www.brandcollege.edu Cisco Certified Security Professional (CCSP) Program Summary This instructor- led program with a combination
More informationRUGGEDCOM CROSSBOW. Secure Access Management Solution. siemens.com/ruggedcom. Edition 10/2014. Brochure
RUGGEDCOM CROSSBOW Secure Access Management Solution Brochure Edition 10/2014 siemens.com/ruggedcom Siemens RUGGEDCOM CROSSBOW Secure Access Manager and Station Access Controller Siemens RUGGEDCOM CROSSBOW
More informationLogRhythm and NERC CIP Compliance
LogRhythm and NERC CIP Compliance The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is reliable, adequate
More informationCompulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows
Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows Compulink Business Systems, Inc. 2645 Townsgate Road, Suite 200 Westlake Village, CA 91361 2013 Compulink
More informationManaging your Red Hat Enterprise Linux guests with RHN Satellite
Managing your Red Hat Enterprise Linux guests with RHN Satellite Matthew Davis, Level 1 Production Support Manager, Red Hat Brad Hinson, Sr. Support Engineer Lead System z, Red Hat Mark Spencer, Sr. Solutions
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationSecure Remote Substation Access Solutions
Secure Remote Substation Access Solutions Supplemental Project - Introduction Webcast October 16, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com
More informationA New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks. Alex Leemon, Sr. Manager
A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks Alex Leemon, Sr. Manager 1 The New Cyber Battleground: Inside Your Network Over 90% of organizations have been breached
More informationCompulink Advantage Online TM
Compulink Advantage Online TM COMPULINK ADVANTAGE ONLINE TM INSTALLATION, CONFIGURATION AND PERFORMANCE GUIDE FOR WINDOWS (Revised 07/08/2011) 2011 Compulink Business Systems, Inc. All rights reserved
More informationDESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE
DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the
More information