Cyber Security Challenges in the Energy Context Guido Gluschke
|
|
- Jack Dixon
- 7 years ago
- Views:
Transcription
1 Cyber Security Challenges in the Energy Context Guido Gluschke Institute for Security and Safety (ISS) at the Brandenburg University of Applied Sciences, Germany NISS / NATO ENSE CoE Kyiv, 17 March 2016
2 Introduction Guido Gluschke Co-Director Institute for Security and Safety at the Brandenburg University of Applied Sciences 30+ years experience in computer technology 15+ years experience in security management in critical infrastructures, in particular energy sector 7+ years experience in security management at nuclear power plants (NPP) Program manager for joint activities with UN, IAEA, OSCE, EU and NATO Member of the Energy Expert Cyber Security Platform - Expert Group of the European Commission DG-ENERGY Member of IAEA International Nuclear Security Education Network (INSEN)
3 EC DG ENER Cyber Security Expert Group Mission and duties of the EECSP-Expert Group The mission of the EECSP-Expert Group is to provide guidance to the Commission on policy and regulatory directions at European level, addressing the energy sector key points including infrastructural issues, security of supply, smart grids technologies as well as nuclear. EECSP = Energy Expert Cyber Security Platform
4 International Cyber Activities ISS Is Involved Supporting international organisations with our expertise: Cooperation with Think Tanks and NGOs:
5 Literature On The Cyber-Energy and Cyber-Nuclear Complex coming soon
6 Capacitity Building On Cyber And Nuclear Security Developed by Brandenburg University of Applied Sciences together with IAEA.
7 Four Nuclear IT/Cyber Security Professional Development Courses
8 Four Nuclear IT/Cyber Security PDCs Nuclear IT/Cyber Security PDCs 59 Participants 21 Countries Austria Canada Egypt Ghana Iraq Jamaica Jordan Kenya Malaysia Morocco Nigeria Poland Republic of Macedonia Russian Federation South Africa South Korea Tanzania Thailand UK Ukraine US
9 ISS Support of Locked Shields Cyber Exercise 2015 at NATO CCDCoE in Tallinn The backup power generator was part of an attack scenario in which generators should be destroyed by a cyber attack. DHS / INL Aurora Project virtualization / simulation with real ICS equipment
10 Locked Shields 2015 Virtual Blue Team Environment: Drone Research Facility
11 Focus Energy sector - Electricity
12 Computer Security Domains Related To A Nuclear Power Plant Administration (Office IT) Control Room (Office IT and I&C) Nuclear section (Digital I&C) Internet IT = Information Technology I&C = Instrumentation & Control
13 Computer Security Domains Related To A Electricity Grid Infrastructure Grid (ICS) Administration (Office IT) Control Room (Office IT und ICS) Internet Transformer Station IT = Information Technology ICS = Industrial Control Systems
14 Detection and Identification of Systems Relevant To Energy
15 Identified Systems
16 Trend of ICS Internet Connectivity Source: Collaborative research project with Berlin Free University 2012 to detect Industrial Control Systems connected to the Internet
17 Trend of Targeted Attacks with Advanced Persitent Threats Agent.btz Animal Farm Aurora Black Energy Carbanak Cloud Atlas CosmicDuke Crouching Yeti Dark hotel Desert Falcons Duqu Epic Turla Equation FinSpy Flame Gauss Hacking Team RCS Icefog Kimsuky Machete Madi MiniDuke MiniFlame NetTraveler Red October Regin SabPub Shamoon TeamSpy The Mask / Careto Winnti Wiper Source:
18 Advanced Persistant Threats Against Energy Sector Example Dragonfly: 3-phase attack over 14 months Source: Symantic Security Response Documents
19 In Nuclear: Design Basis Threat (DBT) Methodology A DBT is the State s description of a representative set of attributes and characteristics of adversaries, based upon (but not necessarily limited to) a threat assessment, which the State has decided to use as a basis for the design and evaluation of a physical protection system. A DBT is a description of the attributes and characteristics of potential insider and outsider adversaries who might attempt a malicious act, such as unauthorized removal or sabotage against which a physical protection system for nuclear or other radioactive material or associated facilities is designed and evaluated. Funding, Support structure, Modes of transportation Group Size, Tools, Weapons, Explosives Motivation, Willingness, Intentions Knowledge, Skills, Tactics, Insider threat issues
20 Design Basis Threat (DBT) Responsibilities High Threat Capabilities e.g. military attacks Maximum Threat Capability against which protection will be reasonably ensured beyond DBT e.g. terrorist attacks Design Basis Threat State Responsibility e.g. attack by single person Operator Responsibility Low Threat Capabilities
21 How to handle cyber in DBT? OR Source: Michael Beaudette, WINS workshop Toronto March 2012
22 The ISS perspective Cyber Military
23 Cyber Military Threat Groups The Nation State's Dilemma In the western hemisphere military attacks against nuclear installations are typically beyond DBT They are assigned to the nation state; in any case the licencee is not responsible for protecting his plant against this threats This view can be argued by the following paradigms: Military weapons are controlled by nation-state Theft, as well as illigal movement, illigal import, or illigal use of military weapons should be detected/tracked by nationstate intelligence services In case of use, military activities has to be fended off by nation-states forces
24 Probability Cyber As A Powerful Weapon high conventional/ physical cyber biological chemical radiological low nuclear difficult Feasibility easy
25 Simple Model A B Highly Targeted Targeted Zone 4 Internet Zone 3 Zone 2 Zone 1 Reactor-near zone C Untargeted Administrative zone Operational zone/ Main Control Room A Highly targeted: Targeted against particular component/system B Targeted: C Untargeted: Targeted against particular organization/facility Not targeted against particular organization/facility (Random target/target of opportunity)
26 Characteristics A B C Highly Targeted Targeted Untargeted Zone 4 Internet Zone 3 Zone 2 Zone 1 Motivation Willingness Intention Funding Support Logistics Planning Knowledge A Highly targeted: Military-style adversary B Targeted: Traditional adversary groups C Untargeted: Everyone else A Highly targeted*: no prevention, advanced detection and response B Targeted**: extended prevention, advanced detection and resp. C Untargeted: standard prevention, detection and response *State-of-the-art is definitly not be enough **State-of-the-art is most likely not be enough
27 Consequences A B C Highly Targeted Targeted Untargeted Zone 4 Internet Zone 3 Zone 2 Zone 1 New cyber weapons Come closer to nuclear protection goals Increased insider knowledge A Highly targeted: Threat is not understood B Targeted: Threat is basically understood C Untargeted: Threat is well understood A Highly targeted: can be understood through exercises/simulation B Targeted: can be understood through incident analysis C Untargeted: can be understood through technical press
28 Highly Targeted: Beyond State? Targeted: Beyond DBT? In the physical world 'physical threat bounderies' exists There is always something more In general, understanding/definition of this limit is necessary Beyond State Level Beyond DBT Within License for Nuclear Facility
29 Room For "Beyond DBT" and "Beyond State" In Cyber For cyber the "Maximum Threat Capability" could be considered as "Threats, a nation state by itself is unable to defeat", for example: DoS: When a state has no capability to handle massive DDoS attacks Encryption: When a state has no capability to evaluate if an encryption is strong enough for its intended purpose Malware: When a state has no detection mechanism for zero day exploits or advanced malware Supply Chain: When a state is not able to detect if computer systems within the supply chain are free of malware
30 What Do We Need? Cyber Security = Competency x Readyness Complexity x Malicous Intent Cyber Security Education / Capacity Building Cyber Security Exercises / Readyness Cyber Security Expertise Cyber Security Awareness / Culture Trust / Transparency / Confidence Building Measures International Cooperation
31 Trends and Research Areas Understanding the infrastructures and dependencies, modelling the threats and risks Digitalisation of analog elements in all relevant domains, such as physical protection systems New technology trends with increasing internetdependency New operational models for energy sector, such as turn-key solutions or virtual power plants Cyber as a new domain of military actions Industrial Control Systems (ICS) as new targets
32 Thank you for your attention! Guido Gluschke
ENTERPRISE SECURITY GETS ADAPTIVE
ENTERPRISE SECURITY GETS ADAPTIVE Today s threat landscape was unimaginable a decade ago. Cybercriminals have adapted their techniques to sidestep traditional defenses and lurk undetected on systems for
More informationNSS 2014 UK NATIONAL PROGRESS REPORT. March 2014
NSS 2014 UK NATIONAL PROGRESS REPORT March 2014 1. Support for the Convention on the Physical Protection of Nuclear Material and the International Convention for the Suppression of Acts of Nuclear Terrorism
More informationNUCLEAR SECURITY CULTURE IN PRACTICE: IAEA GLOBAL APPROACH 20 March 2014, Amsterdam
EU High-Level Event on :International cooperation to enhance a world wide nuclear security culture NUCLEAR SECURITY CULTURE IN PRACTICE: IAEA GLOBAL APPROACH 20 March 2014, Amsterdam Khammar Mrabit Director,
More informationKASPERSKY LAB: EMPOWERING INDUSTRIAL CYBER SECURITY
KASPERSKY LAB: EMPOWERING INDUSTRIAL CYBER SECURITY A recognized global leader in enterprise security, Kaspersky Lab is taking a leadership role in addressing the unique requirements of industrial security.
More informationChapter 4A: World Opinion on Terrorism
1 Pew Global Attitudes Project, Spring 2007 Now I m going to read you a list of things that may be problems in our country. As I read each one, please tell me if you think it is a very big problem, a moderately
More informationNRC Cyber Security Regulatory
Ask SME and Learn NRC Cyber Security Regulatory Program Development Mario R. Fernandez Jr., Security Specialist (Cyber) Cyber Security Directorate Office of Nuclear Security & Incident Response 1 Agenda
More informationKusza szálak: Miért nehéz a célzott támadások kivizsgálása?
Kusza szálak: Miért nehéz a célzott támadások kivizsgálása? Boldizsár Bencsáth PhD Budapest University of Technology and Economics Department of Networked Systems and Services (CrySyS Lab) CrySyS Lab -
More informationHOME OFFICE EVENT FOR SECURITY & POLICE PROFESSIONALS
8 10 March 2016 Farnborough, Hampshire Dedicated CYBER ZONE! HOME OFFICE EVENT FOR SECURITY & POLICE PROFESSIONALS Key theme for 2016: Transformational Change POLICING & COUNTER TERRORISM CRITICAL NATIONAL
More informationCyber Security at Nuclear Facilities: National Approaches
Cyber Security at Nuclear Facilities: National Approaches An ISS Research Project in Cooperation with the Nuclear Threat Initiative (NTI) FOREWORD Ensuring the security of nuclear facilities is a critical
More informationIAEA 2015 INTERNATIONAL CONFERENCE ON COMPUTER SECURITY IN A NUCLEAR WORLD
IAEA 2015 INTERNATIONAL CONFERENCE ON COMPUTER SECURITY IN A NUCLEAR WORLD A NEW IEC STANDARD FOR CYBERSECURITY FOR NUCLEAR POWER PLANTS: IEC 62645 - REQUIREMENTS FOR SECURITY PROGRAMS FOR COMPUTER-BASED
More informationAs global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended
As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended Global Cybercrime has an estimated cost of US$ 110 Billion per year Every second, 18 adults become a
More informationGuidelines for Applicants: Advanced Training Course
Emerging Security Challenges Division Guidelines for Applicants: Advanced Training Course Introduction The NATO (SPS) seeks to enhance cooperation and dialogue with all partners through civil science and
More informationThe State-of-the-State of Control System Cyber Security
The State-of-the-State of Control System Cyber Security Prepared for HTCIA September 19, 2012 Joe Weiss PE, CISM, CRISC, ISA Fellow (408) 253-7934 joe.weiss@realtimeacs.com Summary Control systems are
More informationAnnouncement of a new IAEA Co-ordinated Research Programme (CRP)
Announcement of a new IAEA Co-ordinated Research Programme (CRP) 1. Title of Co-ordinated Research Programme Design and engineering aspects of the robustness of digital instrumentation and control (I&C)
More informationEducational Programme in Nuclear Security
Educational Programme in Nuclear Security Andrea Braunegger-Guelich, Peter Colgan, Miroslav Gregoric, Vladimir Rukhlo Office of Nuclear Security International Atomic Energy Agency (IAEA) Peter Paul De
More informationCybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey.
Cybersecurity & International Relations Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey. Cybersecurity & IR This part of the IWOSI aims to link the Information
More information2257-61. Joint ICTP-IAEA School of Nuclear Energy Management. 8-26 August 2011. Capacity Building, Education and Training in Nuclear Security
2257-61 Joint ICTP-IAEA School of Nuclear Energy Management 8-26 August 2011 Capacity Building, Education and Training in Nuclear Security Andrea Braunegger-Guelich IAEA, Vienna Austria Capacity Building,
More information2374-19. Joint ICTP-IAEA School of Nuclear Energy Management. 5-23 November 2012. Nuclear Security Fundamentals Module 9 topic 2
2374-19 Joint ICTP-IAEA School of Nuclear Energy Management 5-23 November 2012 Nuclear Security Fundamentals Module 9 topic 2 EVANS Rhonda, IAEA Department of Nuclear Safety and Security Office of Nuclear
More informationDual-Use Bioethics / Biosecurity Online Learning Train-the-Trainer Program
Dual-Use Bioethics / Biosecurity Online Learning Train-the-Trainer Program Simon Whitby 31st Workshop of the Pugwash Study Group on the Implementation of the Chemical and Biological Weapons Conventions:
More informationDEVELOPMENT OF A RISK ASSESSMENT PROGRAM AGAINST TERRORISM IN REPUBLIC KOREA
DEVELOPMENT OF A RISK ASSESSMENT PROGRAM AGAINST TERRORISM IN REPUBLIC KOREA Younghee Lee, Jinkyung Kim and Il Moon Department of Chemical Engineering, Yonsei University, 134 Sinchon-dong, Seodaemun-gu,
More informationHow To Promote Nuclear Security Education
International Conference on Human Resource Development for Nuclear Power Programmes: Building and Sustaining Capacity Strategies for Education and Training, Networking and Knowledge Management 12-16 May
More informationNuclear security: Promoting education and awareness
EU High Level Event on International cooperation to enhance a worldwide nuclear security culture 20 th March 2014 Nuclear security: Promoting education and awareness Dr Christopher Hobbs Co-Director, Centre
More informationProposal for CEPIS Activities. Bernhard M. Hämmerli
Proposal for CEPIS Activities Bernhard M. Hämmerli PISA ICT Study 09.04.2014 Scenario / Proposal Quite difficult curriculum discussions in many countries, e.g. in CH: Informatics at schools is very hard
More informationTHE ADVANTAGES OF A UK INTERNATIONAL HOLDING COMPANY
THE ADVANTAGES OF A UK INTERNATIONAL HOLDING COMPANY Ideal Characteristics for the Location of an International Holding Company Laurence Binge +44 (0)1372 471117 laurence.binge@woolford.co.uk www.woolford.co.uk
More informationMDEP Generic Common Position No DICWG 02
MDEP Generic Common Position No DICWG 02 Related to: Digital Instrumentation and Controls Working Group activities COMMON POSITION ON SOFTWARE TOOLS FOR THE DEVELOPMENT OF SOFTWARE FOR SAFETY SYSTEMS 1
More informationLocked Shields 2013. Kaur Kasak 24 Sept 2013
Locked Shields 2013 Kaur Kasak 24 Sept 2013 Disclaimer: This briefing is a product of the CCD COE. It does not represent the opinions or policies of NATO and is designed to provide an independent position.
More informationGovernance, Risk and Compliance Assessment
Governance, Risk and Compliance Assessment Information security is a pervasive business requirement and one that no organisation can afford to get wrong. If it s not handled properly, your business could
More informationFBI AND CYBER SECURITY
FBI AND CYBER SECURITY SSA John Caruthers SSA Ken Schmutz SSA Tom Winterhalter Mission The FBI is the only U.S. agency charged with the authority to investigate both criminal and national security investigations.
More informationCybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU
Cybersecurity Global status update Dr. Hamadoun I. Touré Secretary-General, ITU Cybercrime takes a toll on the global economy - Online fraud, identity theft, and lost intellectual property; - On governments,
More informationCritical Information Infrastructure Protection A perspective & Reality from the Commonwealth
Critical Information Infrastructure Protection A perspective & Reality from the Commonwealth Commonwealth Cybersecurity Forum BT Centre, London 22-24 April 2015 Dr Martin Koyabe Head of Research & Consultancy
More informationAppendix 1: Full Country Rankings
Appendix 1: Full Country Rankings Below please find the complete rankings of all 75 markets considered in the analysis. Rankings are broken into overall rankings and subsector rankings. Overall Renewable
More informationDSV Air & Sea, Inc. Aerospace Sector. DSV Air & Sea, Inc. Aerospace
DSV Air & Sea, Inc. Aerospace Sector DSV Air & Sea, Inc. Aerospace Introduction to DSV DSV is a global supplier of transport and logistics services. We have offices in more than 70 countries and an international
More informationIt s critical to be able to correlate threats pre-emptively and respond to them immediately.
Security has become a much deeper executive discussion because of the modern diversity of channels through which businesses can be attacked. Mobility, bring your own device, virtualisation, the cloud,
More informationAppendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises
Appendix Key Areas of Concern i. Inadequate coverage of cybersecurity risk assessment exercises The scope coverage of cybersecurity risk assessment exercises, such as cybersecurity control gap analysis
More informationCyber Security. perspective of an operator of a critical infrastructure. 1st CAMINO Workshop. Rolf Brunner Fachstelle IT-Sicherheit
Cyber Security perspective of an operator of a critical infrastructure 1st CAMINO Workshop Rolf Brunner Fachstelle IT-Sicherheit CH-5325 Leibstadt Telefon +41(0)56 267 71 11 www.kkl.ch Agenda Leibstadt
More informationPublic Private Partnerships and National Input to International Cyber Security
Public Private Partnerships and National Input to International Cyber Security 10 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington,
More informationWho Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationBig Gets Bigger, Smaller Gets Smaller
latest thinking Big Gets Bigger, Smaller Gets Smaller The data centre market is entering a period of unprecedented transition. With this shift comes a number of significant and perhaps surprising changes.
More informationIncluding Threat Actor Capability and Motivation in Risk Assessment for Smart Grids
CPSR-SG 2016: Joint International Workshop on Cyber-Physical Security and Resilience in Smart Grids, 12th April 2016, Vienna Security for smart Electricity GRIDs Including Threat Actor Capability and Motivation
More informationU.S. ENGAGEMENT WITH INTERNATIONAL PARTNERS
U.S. ENGAGEMENT WITH INTERNATIONAL PARTNERS Dr. Alex R. Burkart Deputy Director Office of Nuclear Energy, Safety and Security U.S. Department of State Co-Chair IFNEC Infrastructure Development Working
More informationBIG DATA AND CYBERSECURITY:
BIG DATA AND CYBERSECURITY: Multi Stakeholder Threats and Opportunities A US Speakers Program Embassy of the United States, Serbia September 20-25, 2015 Anne C. Bader Founder The International Cybersecurity
More informationHybrid Warfare & Cyber Defence
Hybrid Warfare & Cyber Defence Maj Gen Thomas FRANZ, DEU AF SHAPE DCOS CIS & CD Characteristics of Hybrid Warfare Alternate means to achieve goals Lines blurred between: state-onstate wars, counterinsurgency
More informationOUTCOME OF PROCEEDINGS
Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November
More informationUnited Nations High-Level Meeting on Countering Nuclear Terrorism with a Specific Focus on Strengthening the Legal Framework.
United Nations High-Level Meeting on Countering Nuclear Terrorism with a Specific Focus on Strengthening the Legal Framework 28 September 2012 Chair s Summary The United Nations High-Level Meeting on Countering
More informationValue and Challenges of Regularised Consultations and Information Sharing between Facility Security Managers 1
Page 1 of 8 Value and Challenges of Regularised Consultations and Information Sharing between Facility Security Managers 1 Dr Roger Howsley Executive Director, World Institute for Nuclear Security (WINS)
More informationMaritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015
Maritime Insurance Cyber Security Framing the Exposure Tony Cowie May 2015 Table of Contents / Agenda What is cyber risk? Exposures - Should we be concerned about "Cyber"? Is Cyber covered under a Marine
More informationProforma Cost for international UN Volunteers for UN Partner Agencies for 2016. International UN Volunteers (12 months)
Proforma Cost for international UN Volunteers for UN Partner Agencies for 2016 Country Of Assignment International UN Volunteers (12 months) International UN Youth Volunteers (12 months) University Volunteers
More informationKASPERSKY LAB TECHNOLOGY LEADERSHIP
KASPERSKY LAB TECHNOLOGY LEADERSHIP OUR MISSION IS TO PROTECT EVERYONE FROM CYBERCRIME We believe that everyone from home computer users and small companies, to large corporations and governments has the
More informationNuclear Security Requires Cyber Security
Nuclear Security Requires Cyber Security A. DAVID MCKINNON, PH.D., MARY SUE HOXIE Cyber Physical Security Team, National Security Directorate Project on Nuclear Issues (PONI) Fall 2015 Conference PNNL-SA-113027
More informationToday s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns
Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns Benjamin GITTINS Ronald KELSON What is cyberspace and why is it so important? US Government Cyberspace
More informationGlobal AML Resource Map Over 2000 AML professionals
www.pwc.co.uk Global AML Resource Map Over 2000 AML professionals January 2016 Global AML Resources: Europe France Italy Jersey / Guernsey 8 Ireland 1 Portugal 7 Luxembourg 5 United Kingdom 1 50 11 Spain
More informationCapabilities for Cybersecurity Resilience
Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances
More informationNetwork security policy issues. Ilias Chantzos, Director EMEA & APJ NIS Summer School 2008, Crete, Greece
Network security policy issues Ilias Chantzos, Director EMEA & APJ NIS Summer School 2008, Crete, Greece 1 Sample Agenda Slide 1 The current threat landscape 2 IT security and policy leadership 3 The EU
More informationA Community Position paper on. Law of CyberWar. Paul Shaw. 12 October 2013. Author note
A Community Position paper on Law of CyberWar Paul Shaw 12 October 2013 Author note This law and cyberwar paper / quasi-treatise was originally written for a course in a CISO certification curriculum,
More informationExamples of International terrorist attacks since 9/11
PAPER ONE INTERNATIONAL TERRORISM: THE THREAT Any discussion of the Government s strategy to reduce the threat from international terrorism to the UK and its citizens must begin with the nature of the
More informationG7 Opportunities for Collaboration
ANNEX G7 Opportunities for Collaboration To strengthen international cooperation and collaboration and to achieve the actions in the G7 ICT Ministers Joint Declaration, G7 members seek to share information
More informationEnergy Security: Role of Regional Cooperation
Energy Security: Role of Regional Cooperation Traian Chebeleu Today s Conference is dedicated to a topic that has deeply preoccupied the governments and the business communities in the Emerging Europe,
More informationAdvanced Persistent Threats
Emilio Tonelli Senior Sales Engineer South Europe WatchGuard Technologies, Inc. Advanced Persistent Threats the new security challenge Are you protected? Current Threat Landscape 2 Global Threat Landscape:
More informationThe big pay turnaround: Eurozone recovering, emerging markets falter in 2015
The big pay turnaround: Eurozone recovering, emerging markets falter in 2015 Global salary rises up compared to last year But workers in key emerging markets will experience real wage cuts Increase in
More informationDelegations will find in Annex Europol proposals on improving information and intelligence exchange in the area of counter terrorism across the EU.
Council of the European Union Brussels, 16 March 2015 (OR. en) 7272/15 LIMITE JAI 180 COSI 34 ENFOPOL 68 CYBER 18 COTER 50 DAPIX 41 NOTE From: To: Subject: Europol Standing Committee on operational cooperation
More informationbest practice guide The Three Pillars of a Secure Hybrid Cloud Environment
best practice guide The Three Pillars of a Secure Hybrid Cloud Environment best practice guide The Three Pillars of a Secure Hybrid Cloud Environment Introduction How sound risk management, transparency
More informationTrends in Malware DRAFT OUTLINE. Wednesday, October 10, 12
Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,
More informationIntrusion Tolerance to Mitigate Attacks that Persist
Intrusion Tolerance to Mitigate Attacks that Persist Arun Sood Professor (Computer Science) and Co-Director International Cyber Center George Mason University, Fairfax, VA asood@gmu.edu The variety and
More informationCERT- EE report: DDoS attacks, e- mail messages with forged sender address and defacements on 1-7 November 2013, aka #OpIndependence
CERT- EE report: DDoS attacks, e- mail messages with forged sender address and defacements on 1-7 November 2013, aka #OpIndependence Introduction... 1 1. Chronology... 1 2. Scope and impact of incidents...
More informationProject no and Title:
International Atomic Energy Agency Master s Degree Programme in Nuclear Engineering KEPCO International Nuclear Graduate School (KINGS) Republic of Korea PROSPECTUS Project no and Title: Date: Deadline
More informationENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012
ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe CENTR General Assembly, Brussels October 4, 2012 christoffer.karsberg@enisa.europa.eu 1 Who we are ENISA was
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationEU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015
EU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015 Aristotelis Tzafalias Trust and Security Unit H.4 DG Connect European Commission Trust and Security: One Mission
More informationProspects for the NATO Warsaw Summit Testimony before the U.S. Helsinki Commission By Hans Binnendijk June 23, 2016
Prospects for the NATO Warsaw Summit Testimony before the U.S. Helsinki Commission By Hans Binnendijk June 23, 2016 NATO is anything but obsolete. It is needed more now than at any point since the end
More informationDevelopment, Use and Maintenance of the Design Basis Threat
IAEA Nuclear Security Series No. 10 Implementing Guide Development, Use and Maintenance of the Design Basis Threat DEVELOPMENT, USE AND MAINTENANCE OF THE DESIGN BASIS THREAT The following States are Members
More informationA New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks. Alex Leemon, Sr. Manager
A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks Alex Leemon, Sr. Manager 1 The New Cyber Battleground: Inside Your Network Over 90% of organizations have been breached
More informationNuclear Security and Incident Response
Hitachi Review Vol. 62 (2013), No. 3 168 Nuclear Security and Incident Response Kazuhiko Tanimura Hisayuki Ito Hiroyuki Kimura OVERVIEW: Since the Great East Japan Earthquake, there has been a requirement
More informationAdvancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching, and Software Development
Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity (IC) 3 12 February 2015 Advancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching,
More informationCYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES
POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response
More informationJanuary 2016 Cybersecurity Snapshot Global Results www.isaca.org/2016-cybersecurity-snapshot Number of respondents (n) = 2,920
January 2016 Cybersecurity Snapshot Global Results www.isaca.org/2016-cybersecurity-snapshot Number of respondents (n) = 2,920 Media Inquiries: Kristen Kessinger, ISACA, +1.847.660.5512, news@isaca.org
More informationHybrid Wide-Area Network Application-centric, agile and end-to-end
Hybrid Wide-Area Network Application-centric, agile and end-to-end How do you close the gap between the demands on your network and your capabilities? Wide-area networks, by their nature, connect geographically
More informationTHE STATUS OF CYBER SECURITY IN NUCLEAR ENERGY
THE STATUS OF CYBER SECURITY IN NUCLEAR ENERGY ANS Connecticut Local Section Home of Nautilus, Millstone, EB, Westinghouse (CE), Zachry Ted Quinn, ANS Past President President, Technology Resources, tedquinn@cox.net
More informationEmergency Response Service. 2013 IBM Corporation
Emergency Response Service Who is our team The Cyber Security Intelligence and Response team is staffed with: Highly skilled forensic analysts and consultants dedicated to incident response. Resident malware
More informationNine Cyber Security Trends for 2016
Nine Cyber Security Trends for 2016 12-17-15 Boxborough, MA 2016 will see an increasing number of attacks and the emergence of new targets; the complexity and sophistication of attacks, initiated by increasingly
More informationIn the Dark report, 2011
In the Dark report, 2011 CIP Webinar Pamela Warren, CISSP, CIPP Director of CIP Initiatives, McAfee Critical Infrastructure Studies 2 In The Crossfire (2010) 54% experienced large scale DDOS Nearly a third
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationHow do you manage the brain of the business in a way that supports the opportunities your organisation wants to take advantage of?
As the world becomes a more competitive place, businesses need to respond at lightning speed to take advantage of new opportunities or avoid risks. To enable this, the data centre needs to be a dynamic
More informationAre you prepared to be next? Invensys Cyber Security
Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber
More informationInformation Security Services
Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual
More informationCHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS. Kwangjo Kim
PBNC 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS Kwangjo Kim KAIST, Daejeon, Korea Khalifa University of Science, Technology and Research, Abu Dhabi, UAE kkj@kaist.ac.kr, kwangjo.kim@kustar.ac.ae
More informationCybersecurity in the Energy/Utility Sectors
Cybersecurity in the Energy/Utility Sectors Hon. Todd Snitchler Chairman Thomas Pearce Senior Utility Specialist Chair, NARUC Staff Subcommittee on Critical Infrastructure Thursday, March 21, 2013 Ohio
More informationCYBER SECURITY THREAT REPORT Q1
CYBER SECURITY THREAT REPORT Q1 Moving Forward Published by UMC IT Security April 2015 0 U.S. computer networks and databases are under daily cyber-attack by nation states, international crime organizations,
More informationRoles and Responsibilities of Cyber Intelligence for Cyber Operations in Cyberspace
, pp.137-146 http://dx.doi.org/10.14257/ijseia.2014.8.9.11 Roles and Responsibilities of Cyber Intelligence for Cyber Operations in Cyberspace Jung ho Eom Military Studies, Daejeon University, 62 Daehakro,
More informationInternational Training Course on Preventive and Protective Measures against Insider Threats at Nuclear Facilities PROSPECTUS
J0-TR-45632 International Training Course on Preventive and Protective Measures against Insider Threats at Nuclear Facilities Funded through the IAEA s Nuclear Security Fund PROSPECTUS Title: Place: International
More informationChristos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus
cdoulig at unipi dot gr Department of Informatics University of Piraeus Safety & Security in Cyber Space: Building up Trust in the EU Athens, 6-7 March 2014 Cybersecurity: where do we stand? Major Trends
More informationForeign Corrupt Practices Act (FCPA)/Bribery Act Integrity Due-Diligence & Investigations
Foreign Corrupt Practices Act (FCPA)/Bribery Act Integrity Due-Diligence & Investigations Clarity in a complex world www.mintzgroup.com How We Work: Because the reputations of companies and individuals
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationEnhancing Regional Nuclear Emergency Preparedness in ASEAN. Alistair D. B. Cook NTS Centre Contact: iscook@ntu.edu.sg
Enhancing Regional Nuclear Emergency Preparedness in ASEAN Alistair D. B. Cook NTS Centre Contact: iscook@ntu.edu.sg Recent Developments Prior to Obama s visit to Vietnam, United States and Vietnam signed
More informationUnited Kingdom Nirex Limited CONTEXT NOTE. 4.5: Security. September 2005 Number: 484118
United Kingdom Nirex Limited CONTEXT NOTE 4.5: Security September 2005 Number: 484118 CONTEXT NOTE 4.5: Security September 2005 Number: 484118 Conditions of Publication This technical note is made available
More informationA Risk Assessment Methodology (RAM) for Physical Security
A Risk Assessment Methodology (RAM) for Physical Security Violence, vandalism, and terrorism are prevalent in the world today. Managers and decision-makers must have a reliable way of estimating risk to
More informationMAUVE GROUP GLOBAL EMPLOYMENT SOLUTIONS PORTFOLIO
MAUVE GROUP GLOBAL SOLUTIONS PORTFOLIO At Mauve Group, we offer a variety of complete employee management services such as Global Employment Solutions (GES), Professional Employment Outsourcing (PEO),
More informationE3211. DOT Hazmat Security Awareness. Leader s Guide
E3211 DOT Hazmat Security Awareness Leader s Guide This easy-to-use Leader s Guide is provided to assist in conducting a successful presentation. Featured are: INTRODUCTION: A brief description of the
More informationANNUAL MEETING OF THE INTERNATIONAL NUCLEAR SECURITY EDUCATION NETWORK (INSEN) IAEA Headquarters, Vienna, Austria 10-12 August 2015.
ANNUAL MEETING OF THE INTERNATIONAL NUCLEAR SECURITY EDUCATION NETWORK (INSEN) IAEA Headquarters, Vienna, Austria 10-12 August 2015 Chairman s Report Report by Mr Guido Gluschke Chair of the International
More information