WWHMI SCADA-12 Cyber Security Best Practices in the Industrial World
|
|
- Melina Barton
- 7 years ago
- Views:
Transcription
1 Slide 1
2 WWHMI SCADA-12 Cyber Security Best Practices in the Industrial World Chris J Smith for Paul Forney, MCSE, CSSLP Chief Technologist R&D Security Team Invensys Operations Management 2012 Invensys. All Rights Reserved. The names, logos, and taglines identifying the products and services of Invensys are proprietary marks of Invensys or its subsidiaries. All third party trademarks and service marks are the proprietary marks of their respective owners.
3 Acknowledgements Pike Research Monitoring and Securing SCADA Networks The Department of Homeland Security CSSP All the folks at McAfee (thanks for your help and support) Ernie Rakaczsky Program Manager, Invensys Cyber- Security The Invensys Critical Infrastructure & Security Practice Team Slide 3
4 Stealth Attacks Increasing More than 1,200 new rootkits detected each day AURORA: STUXNET: SLAMMER: ZEUS: More than 2.1M unique rootkits detected More than 75M malware detected Government Physical Harm Sponsored Hacking Organized For Crime Fun Cyber Espionage Number of reports of data breaches via hacking, malware, fraud, and insiders has more than doubled since 2009 TDSS rootkit is used as a persistent backdoor to install other types SpyEye is hidden with a rootkit to steal banking credentials STAKES Are Rising Rapidly Stuxnet used a rootkit to hide an APT targeting government infrastructure Slide 4
5 Typical Network Architecture An Attacker has three challenges 1. Gain access to the control system LAN 2. Through Discovery, gain understanding of the process 3. Gain control of the process Slide 6
6 Reported ICS Vulnerabilities ACTUAL Slide 11
7 Community of Concern Oil EPRI Chemical Nuclear Power Industry Sectors Owner\Operators Water Gas Electric LOGIC2 I3P Academia & Research SRI IFAC IEEE NERC NIST Standards ISA/ISCI IEC TSWG CSSP NCSD Department of Homeland Security ICSJWG ISAC US- CERT HSARPA Control System Cyber Security Community Engineering Firms INL ARGONNE API PNNL National Labs AGA LLNL SANDIA Control Systems Vendors Labs & Research Security Consultants Security Technologies Slide 13
8 A successful Cyber Security Program has 3 major areas of focus with People Policy and Procedures 65% 15% 20% Technology Dennis Brandl Three Pillars of Industrial Cyber Security Slide 15
9 Security Objectives Prevent unauthorized changes to values in a Controller, PLC, process or configuration Prevent misrepresentation of process values on the HMI Reduce possibility of a production slowdown due to ICS software Protect integrity of process and event information Prevent loss of genealogy information Provide availability of the system and safety for the plant personnel and surrounding environment Slide 16 Slide 16
10 Special Restrictions for ICS Security Products* Do nothing that negatively impacts network latency Restrict SCADA traffic to known and expected message types Isolate the SCADA network from any other networks, including the enterprise Collect and analyze from multiple sources beyond only IT events Prioritize situational awareness to prevent cyber incidents Implement strong change management for all SCADA modifications Use security products that are simple to deploy and manage Involve SCADA operations personnel in all SCADA security decisions *Pike Research Monitoring and Securing SCADA Networks Slide 17
11 What We Need to Protect Endpoint Network Data Enterprise Apps SCADA, HMI Ladder Logic Ethernet, TCP/IP Ethernet, Serial Ethernet, Serial, Relays Modern Computers (Windows, Linux, Mac) Legacy Computers (Windows) Special Function (Embedded OS) Corporate IT SCADA Device Network Slide 20
12 Established Adaptation for over 8 years Internet Internet Zone Perimeter Firewall Data Center Zone Intrusion Prevention Network Monitoring Server Monitoring Service Level Management Content Filtering Web Usage Reporting User Management Anti-Virus Wireless Security Server Management Remote Access Anti-SPAM Internet Firewall Plant Network Zone Control Network Firewall PC Workstation File & Print Services Wireless Controls Network Zone Intrusion Prevention Anti-Virus Application Workstation Control Station Control Node Bus Interface Interface PC Portal Field I/O I/O I/O PLC I/O I/O I/O I/O Multiple Zone Network Slide 21
13 Best Practices for Securing an ICS Maintain the latest Invensysauthorized Operating System (OS) and application patches. Test every patch to ensuring deployment does not impact operations. Always use current anti-virus definitions. Verify update was successfully installed. Update authorized application software. Enable Network Anti-Virus / Intrusion Prevention System. Enable System policies on all capable network appliances Slide 23
14 Best Practices, USB Devices Do not use a USB stick unless it has been scanned Designate and use specific USB equipment To bridge airgaps, use a specific designated station WITHOUT restriction on USB devices, their portable nature can be used to compromise your security perimeter! Slide 24
15 Machine Hardening (typically no negative effects on the ICS) Harden Servers and Workstations and Non-ICS assets Ensure all software and hardware patches and updates are current. Run A/V scans. Disable all unused ports and services. Harden Bios. Use static IP addresses, disable DHCP Disable NetBIOS and NetBIOS over TCIP/IP. Slide 25
16 Best Practices, Cont. Change default admin passwords. Use strong passwords consisting of more than 6-8 characters using special characters when applicable. Control User Rights. Do not use accounts across domains. Implement password aging, history, and complexity requirements. Always implement Backup and Restore to a network repository. Slide 26
17 More To Do s! Inventory network assets and keep it up to date. Run regular network audits Use physical network isolation when possible Use logical network segmentation (secure zones) when possible with strict Firewall Rules. Isolate and control flow of information between Business Network(s) from PCN through use of firewalls. Require strict firewall rules with specific (/32) source, destination, port, and protocol. Use DMZs Slide 27
18 Network Access Enable Firewall Logging and Monitor as appropriate Implement NMS to provide system audit and logging and monitor Don t click links or files that aren t verified ICS assets should not have internet access Some ICS assets may need to have access to business network website interfaces so verify all access leaving the ICS network to un-trusted networks Slide 28
19 In the event of a Cyber incident Create an Incident Response Plan before an incident so that you are prepared. Steps that are typically part of incident response plans are: Do get a triage team together. Do make a VM image of the affected system. Do get copies of all the logs. Work with the antivirus vendor and other agencies to collect the necessary forensics. Do not start updating anti-virus. Do not start running anti-virus patches. Slide 29
20 Vendor Responsibility - Secure By Design Secure Software is responsible to provide: Confidentiality: Protect against unauthorized information disclosure. Integrity: Prevent unauthorized changes to data. Availability: Provide the required services uninterrupted 24x7 Authenticity: Determine identity of components and users in reliable and consistent manner. Authorization: Control access to various parts of the system based on the user or code s credentials. Non-repudiation: Establish audit trails through system and establish evidence to track a system operation. Slide 30 Slide 30
21 Security: Meeting Cyber Security Requirements As a supplier we are positioned to support cyber security requirements throughout the Life-Cycle from within our: Software Development Lifecycle SDL, Testing, Certification, Source Code validation, etc. Project Execution FAT/SAT Security Baseline, Possible Security features and function fully implemented and updated, etc. Life-Time Support Patch Validation, Security updates, vulnerability mitigation, etc. Slide 31
22 Project Ozone Cyber Security Initiative Vision To create and enhance processes, knowledge and an ingrained culture for building secure and robust solutions our Customers can trust. What is it: Why is it Important: Success is Defined As: Assess existing vulnerabilities in solution offerings Enhance products, processes and tools from a security view Improve responsiveness to Cyber Security issues Increased awareness in the Industry to Cyber Security threats and their impact Impact on credibility and cost after Cyber Security attacks is severe Strategic Alignment for an enterprise connected platform Real-time Indicators: SDL Process Violations (Reduced prerelease process violations per product) Security vulnerabilities per product (Reduction in reported vulnerabilities closed proactively, found pre-release) Primary Indicators: Security Defect Reports (Zero post release reports) Responsiveness to threats/issues (Response time less than 35 days) Slide 32
23 Cyber Security Updates Released Date Notice Identification Number Security Vulnerability Description Detailed Information LFSEC Stack Based buffer overflow in the InBatch BatchField ActiveX Control A vulnerability (Stack overflow) has been discovered in the InBatch BatchField ActiveX Control. This control is installed as part of the InBatch Server and on all InBatch Runtime Clients, including when used embedded in InTouch and any third party InBatch Client Programs (VB or C++). In addition, this control can be used in publishing InTouch graphics in Wonderware Information Server. April 8, LFSEC LFSEC Server lm_tcp buffer overflow A vulnerability has been discovered in InBatch Server and I/A Batch Server in all supported versions of Wonderware InBatch and Foxboro I/A Series Batch. This vulnerability, if exploited, could allow Denial of Service (DoS), the consequence of which is a crash of the InBatch Server. February 18, LFSEC LFSEC Wonderware ArchestrA ConfigurationAccessCo mponent ActiveX Stack Overflow A vulnerability has been discovered in a component used by the Wonderware ArchestrA IDE (Integrated Development Environment) and the InFusion IEE (Integrated Engineering Environment) and if exploited, could allow remote code execution. July Security Update LFSEC Slide 33
24 Project Execution Approach People Training Process Enhancements SOP s and Tools Product Enhancements Institutionalized Across Invensys Operations Management Slide 34
25 Secure By Design Security Built in not Added On The Microsoft SDL is a software development policy for all products with meaningful business risk and/or access to sensitive data Key part of Invensys commitment to protect its customers Implementing the SDL reduces the Total Cost of Ownership (TCO) for Software Products Fewer security patch events required for our products Secure software is by nature Quality software Slide 35 Slide 35
26 Threat Modeling Approach A Careful study of the design of an application to identify weaknesses and vulnerabilities includes 5 steps 1. Identify security objectives 2. Create an application overview 3. Decompose the application 4. Identify threat vectors 5. Identify vulnerabilities Slide 36 Slide 36
27 Defend Against S.T.R.I.D.E. Attacks S T R I D E Spoofing Identity: Allows an attacker to pose as something or someone else Tampering with Data: Involves malicious modification of data or code. Repudiation: Allows an attacker to perform actions that other parties can neither confirm or contradict Information Disclosure: Involves the exposure of information to individuals who are not supposed to have access to it Denial of Service: DoS attacks deny or degrade service to valid users Elevation of Privilege: Occurs when a user gains increased capability often as an anonymous user taking advantage of a coding error to gain admin capability Slide 37
28 Our Solution Stop incurring Technical Debt New Code Reduce Technical Debt Legacy Implement the Security Development Lifecycle for all new projects. Evaluate and model our most critical software for threats, strengthening with tools from the SDL Institutionalize Across Invensys Operations Management R&D Slide 38
29 Please Subscribe to Security Central! Slide 39
30 Slide 40
31 Conclusion Secure systems start with design both hardware, software and application deployments The security journey must be a collaboration between people, processes and technology there is no silver bullet! No substitute for a practical security program that provides a long term, self perpetuating maturity model that can be engrained into the culture of an organization to produce the foundation for secure and robust solutions we can trust. Within Invensys Operations Management R&D, our journey has begun for a more Secure Critical Infrastructure. Slide 41
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationAre you prepared to be next? Invensys Cyber Security
Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationCYBER SECURITY. Is your Industrial Control System prepared?
CYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect Operation & Optimization Software Activity Schneider-Electric Challenges What challenges are there
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationSCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP
SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP Today s Topics SCADA Overview SCADA System vs. IT Systems Risk Factors Threats Potential Vulnerabilities Specific Considerations
More informationINDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION
INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION Prepared for the NRC Fuel Cycle Cyber Security Threat Conference Presented by: Jon Chugg, Ken Rohde Organization(s): INL Date: May 30, 2013 Disclaimer
More informationGE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance
GE Oil & Gas Cyber Security for NERC CIP Versions 5 & 6 Compliance Cyber Security for NERC CIP Versions 5 & 6 Compliance 2 Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security
More informationIndustrial Security for Process Automation
Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical
More informationGE Measurement & Control. Cyber Security for NEI 08-09
GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationSeven Strategies to Defend ICSs
INTRODUCTION Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICSs), it s not a matter of if an intrusion will take
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationSymphony Plus Cyber security for the power and water industries
Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 1 01/10/12 10:15 Symphony Plus Cyber security for the power and water industries
More informationCyber Security for NERC CIP Version 5 Compliance
GE Measurement & Control Cyber Security for NERC CIP Version 5 Compliance imagination at work Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security Management Controls...
More informationNetwork/Cyber Security
Network/Cyber Security SCAMPS Annual Meeting 2015 Joe Howland,VC3 Source: http://www.information-age.com/technology/security/123458891/how-7-year-old-girl-hacked-public-wi-fi-network-10-minutes Security
More informationSecurity in the smart grid
Security in the smart grid Security in the smart grid It s hard to avoid news reports about the smart grid, and one of the media s favorite topics is security, cyber security in particular. It s understandable
More informationMarch 2012 www.tufin.com
SecureTrack Supporting Compliance with PCI DSS 2.0 March 2012 www.tufin.com Table of Contents Introduction... 3 The Importance of Network Security Operations... 3 Supporting PCI DSS with Automated Solutions...
More informationCYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect SCADA & MES Schneider-Electric
CYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect SCADA & MES Schneider-Electric Challenges What challenges are there for Cyber Security in Industrial
More informationGE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems
GE Measurement & Control Top 10 Cyber Vulnerabilities for Control Systems GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used
More informationHow To Protect Your Network From Attack
Solution Profile Invensys is now Summary Developing a comprehensive cyber security program to protect a facility s critical assets builds upon three elements: Foxboro I/A Secure-based Features: Establish
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationDocument ID. Cyber security for substation automation products and systems
Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has
More informationInnovative Defense Strategies for Securing SCADA & Control Systems
1201 Louisiana Street Suite 400 Houston, Texas 77002 Phone: 877.302.DATA Fax: 800.864.6249 Email: info@plantdata.com Innovative Defense Strategies for Securing SCADA & Control Systems By: Jonathan Pollet
More informationDesigning a security policy to protect your automation solution
Designing a security policy to protect your automation solution September 2009 / White paper by Dan DesRuisseaux 1 Contents Executive Summary... p 3 Introduction... p 4 Security Guidelines... p 7 Conclusion...
More informationSecurity for. Industrial. Automation. Considering the PROFINET Security Guideline
Security for Industrial Considering the PROFINET Security Guideline Automation Industrial IT Security 2 Plant Security Physical Security Physical access to facilities and equipment Policies & Procedures
More informationDefense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationHow To Secure Your System From Cyber Attacks
TM DeltaV Cyber Security Solutions A Guide to Securing Your Process A long history of cyber security In pioneering the use of commercial off-the-shelf technology in process control, the DeltaV digital
More informationInvensys Security Compliance Platform
Data Loss Prevention DLP systems enable organizations to reduce the corporate risk of the unintentional disclosure of confidential information. These systems identify, monitor, and protect confidential
More informationDeltaV System Cyber-Security
January 2013 Page 1 This paper describes the system philosophy and guidelines for keeping your DeltaV System secure from Cyber attacks. www.deltav.com January 2013 Page 2 Table of Contents Introduction...
More information13 Ways Through A Firewall
Industrial Control Systems Joint Working Group 2012 Fall Meeting 13 Ways Through A Firewall Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright
More informationSECURING YOUR SMALL BUSINESS. Principles of information security and risk management
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
More informationThe Business Case for Security Information Management
The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un
More informationSecurity Testing in Critical Systems
Security Testing in Critical Systems An Ethical Hacker s View Peter Wood Chief Executive Officer First Base Technologies Who is Peter Wood? Worked in computers & electronics since 1969 Founded First Base
More informationCritical Security Controls
Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security
More informationSession 14: Functional Security in a Process Environment
Abstract Session 14: Functional Security in a Process Environment Kurt Forster Industrial IT Solutions Specialist, Autopro Automation Consultants In an ideal industrial production security scenario, the
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationWhat s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
More informationCyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014
Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationISACA rudens konference
ISACA rudens konference 8 Novembris 2012 Procesa kontroles sistēmu drošība Andris Lauciņš Ievads Kāpēc tēma par procesa kontroles sistēmām? Statistics on incidents Reality of the environment of industrial
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak CR V4.1
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak CR V4.1 Version 1.0 Eastman Kodak Company, Health Imaging Group Page 1 Table of Contents Table of Contents
More informationInformation Security for the Rest of Us
Secure Your Way Forward. AuditWest.com Information Security for the Rest of Us Practical Advice for Small Businesses Brian Morkert President and Chief Consultant 1 Introduction President Audit West IT
More information5 Steps to Advanced Threat Protection
5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationSecure Software Update Service (SSUS ) White Paper
White Paper Secure Software Update Service (SSUS ) White Paper Author: Document Version: r03c Jeffrey Menoher Publish Date: 9/6/2013 Secure. Reliable. Fast Problem Many software updates, including operating
More informationNetwork and Security Controls
Network and Security Controls State Of Arizona Office Of The Auditor General Phil Hanus IT Controls Webinar Series Part I Overview of IT Controls and Best Practices Part II Identifying Users and Limiting
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationCompany Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.
Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim
More informationVerve Security Center
Verve Security Center Product Features Supports multiple control systems. Most competing products only support a single vendor, forcing the end user to purchase multiple security systems Single solution
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationSecondary DMZ: DMZ (2)
Secondary DMZ: DMZ (2) Demilitarized zone (DMZ): From a computer security perspective DMZ is a physical and/ or logical sub-network that resides on the perimeter network, facing an un-trusted network or
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationCIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System
CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System Purpose CIP-005-5 R2 is focused on ensuring that the security of the Bulk Energy System is not compromised
More informationTop 20 Critical Security Controls
Top 20 Critical Security Controls July 2015 Contents Compliance Guide 01 02 03 04 Introduction 1 How Rapid7 Can Help 2 Rapid7 Solutions for the Critical Controls 3 About Rapid7 11 01 INTRODUCTION The Need
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationIntel Cyber-Security Briefing: Trends, Solutions, and Opportunities
Intel Cyber-Security Briefing: Trends, Solutions, and Opportunities John Skinner, Director, Secure Enterprise and Cloud, Intel Americas, Inc. May 2012 Agenda Intel + McAfee: What it means Computing trends
More informationHow to Secure Your Environment
End Point Security How to Secure Your Environment Learning Objectives Define Endpoint Security Describe most common endpoints of data leakage Identify most common security gaps Preview solutions to bridge
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationCyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services
Cyber Risk Mitigation via Security Monitoring Enhanced by Managed Services Focus: Up to But Not Including Corporate and 3 rd Party Networks Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance
More informationEC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led
EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.
More informationManaged Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint?
Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Why? Focused on Managed Intrusion Security Superior-Architected Hardened Technology Security
More information13 Ways Through A Firewall What you don t know will hurt you
Scientech 2013 Symposium: Managing Fleet Assets and Performance 13 Ways Through A Firewall What you don t know will hurt you Andrew Ginter VP Industrial Security Waterfall Security Solutions andrew. ginter
More informationCyber Security nei prodotti di automazione
Cyber Security nei prodotti di automazione Marco Biancardi, ABB SpA, Power System Division 11 dicembre 2013, Roma Why is it an issue? Isolated devices Point to point interfaces Proprietary networks Standard
More informationThreat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN
Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) Secappdev 2007 1 Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsoft s Threat Modeling Process
More informationSecurity: A Pillar of Wonderware Products and Support Services. By Rashesh Mody, Chief Technology Officer & Vice President of Product Definition
Security: A Pillar of Wonderware Products and Support Services By Rashesh Mody, Chief Technology Officer & Vice President of Product Definition Table of Contents 1. Introduction... 3 2. The Plant: A Complex
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Capture Link Server V1.00
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak Capture Link Server V1.00 Version 1.0 Eastman Kodak Company, Health Imaging Group Page 1 Table of Contents
More information7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008
U.S. D EPARTMENT OF H OMELAND S ECURITY 7 Homeland Fiscal Year 2008 HOMELAND SECURITY GRANT PROGRAM ty Grant Program SUPPLEMENTAL RESOURCE: CYBER SECURITY GUIDANCE uidelines and Application Kit (October
More informationDevice Hardening, Vulnerability Remediation and Mitigation for Security Compliance
Device Hardening, Vulnerability Remediation and Mitigation for Security Compliance Produced on behalf of New Net Technologies by STEVE BROADHEAD BROADBAND TESTING 2010 broadband testing and new net technologies
More informationABB s approach concerning IS Security for Automation Systems
ABB s approach concerning IS Security for Automation Systems Copyright 2006 ABB. All rights reserved. Stefan Kubik stefan.kubik@de.abb.com The problem Most manufacturing facilities are more connected (and
More informationGE Measurement & Control. Cyber Security for Industrial Controls
GE Measurement & Control Cyber Security for Industrial Controls Contents Overview...3 Cyber Asset Protection (CAP) Software Update Subscription....4 SecurityST Solution Options...5 Centralized Account
More informationGE Measurement & Control. Cyber Security for NERC CIP Compliance
GE Measurement & Control Cyber Security for NERC CIP Compliance GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used for purposes
More informationSECURITY. Risk & Compliance Services
SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize
More informationWindows Remote Access
Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationNetwork & Information Security Policy
Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk
More informationCyber Security Implications of SIS Integration with Control Networks
Cyber Security Implications of SIS Integration with Control Networks The LOGIIC SIS Project Standards Certification Education & Training Publishing Conferences & Exhibits Presenter Zach Tudor is a Program
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationNorth Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing
North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing Introduction ManTech Project Manager Mark Shaw, Senior Executive Director Cyber Security Solutions Division
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationLeading by Innovation McAfee Endpoint Security The Future of Malware-Detection: Activate protection on all Layers outside the Operating System
Leading by Innovation McAfee Endpoint Security The Future of Malware-Detection: Activate protection on all Layers outside the Operating System Dipl.-Inform. Rolf Haas Principal Security Engineer, S+,CISSP
More informationSecuring end devices
Securing end devices Securing the network edge is already covered. Infrastructure devices in the LAN Workstations Servers IP phones Access points Storage area networking (SAN) devices. Endpoint Security
More informationNetwork Security. Intertech Associates, Inc.
Network Security Intertech Associates, Inc. Agenda IT Security - Past to Future Security Vulnerabilities Protecting the Enterprise What do we need in each site? Requirements for a Security Architecture
More informationCybersecurity Health Check At A Glance
This cybersecurity health check provides a quick view of compliance gaps and is not intended to replace a professional HIPAA Security Risk Analysis. Failing to have more than five security measures not
More informationSTRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction
Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationREPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB
REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of
More informationWhen a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.
Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationPractical Steps To Securing Process Control Networks
Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.
More informationIndustrial Security Solutions
Industrial Security Solutions Building More Secure Environments From Enterprise to End Devices You have assets to protect. Control systems, networks and software can all help defend against security threats
More informationIndustrial Cyber Security 101. Mike Spear
Industrial Cyber Security 101 Mike Spear Introduction Mike Spear Duluth, GA USA Global Operations Manager, Industrial Cyber Security Mike.spear@honeywell.com Responsible for the Global Delivery of Honeywell
More informationAddressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense
A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationAchieving PCI-Compliance through Cyberoam
White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit
More information