The Critical Infrastructure: To be or not to be Secure. European Network for Cyber Security. Fred Streefland Director Education & Training
|
|
- Ambrose Douglas
- 8 years ago
- Views:
Transcription
1 The Critical Infrastructure: To be or not to be Secure European Network for Cyber Security Fred Streefland Director Education & Training
2
3 Utilinet Securing IP/Ethernet Networks
4 CBS video Aurora
5 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
6 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
7 Introduction Source: ICS-CERT
8 Introduction Did you know that. In 2013 part of the Austrian and German power grid nearly broke down after a control command was accidentally misdirected? In 2012 a honeypot ICS/SCADA system was connected to the internet and received the first attack within 18 hours?.the same honeypot ICS/SCADA system was attacked 39 times from 14 different countries within a period of 28 days?
9 Introduction Who is Fred Streefland? 20+ years of Intelligence & Security experience Air Force/NATO, Intelligence Service, IBM, Accenture, ENCS Specific Cyber Security courses (including SCADA pentesting courses) in UK, Israel, the Netherlands & the US. Public & Private Cyber Security advisor Projectleader in the Smart Grid domain (substation automation) and still not an expert at anything!
10 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
11 What is ENCS? European Network for Cyber Security Not-for-profit cooperative, independent organisation Founded in July 2012 Located in The Hague, The Netherlands Services: Test Lab, R&D, Education & Training and an Information/Knowledge sharing platform Goal: to increase the Cyber Resilience of the European Critical Infrastructure
12 20 employees, from: Brazil Germany Japan Netherlands Poland Spain USA HR, Finance, ICT, Marketing ENCS Assembly ENCS Assembly Committee CEO Office HR, Finance, ICT, Marketing Projects Alliander KPN DNV KEMA Radboud University TNO E.ON Enexis Wurldtech Applied Risk (Siemens) (Accenture) (EDP) (Westland Infra) (Delft University) Research & Development Security Testing Education & Training Information & Knowledge Sharing - Confidential - 12
13 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
14 What is Cyber Security? Cyber Security: the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption*. *Source: Wikipedia slightly adapted
15 What is the Critical Infrastructure? Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society and economy*. electricity generation, transmission and distribution; gas production, transport and distribution;; telecommunication; water supply (drinking water, waste water/sewage, stemming of surface water (e.g. dikes and sluices)); food production and distribution; public health (hospitals, ambulances); transportation systems (fuel supply, railway network, airports, harbors, inland shipping); financial services (banking, clearing); security services (police, military). *Source: Wikipedia
16 Cyber Security & the Critical Infrastructure The more people rely on the internet, the more people rely on it to be secure Neelie Kroes (VP European Commission) The more Critical Infrastructures rely on the internet, the more Critical Infrastructures become insecure Fred Streefland (Cyber Security hobbyist)
17
18 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
19 The inter-connected world..
20 The complexity of the organizations.
21 The number of attack surfaces Client attacks Server attacks Netwerk attacks Hardware attacks
22 The sophistication of attacks
23 The lack of knowledge and standards
24 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
25 The possible solution(s) Yes, this is the dialogue part of this presentation!
26 A holistic/overarching approach Data Governance/Strategy Applications Policies & Standards Systems Process & Operations Network Physical Security Prevent Detect Respond Source: Accenture Netherlands, 2013
27 The Cyber Security Intelligence Cycle* Understand what is happening on the IT and Infrastructure in real time Understand where you are today and learn from earlier events Understand the nature and significance of an event and provide assessments Threat Tempo Study the assessments and decide how to deal with them Response Tempo Take action. Contain and fix the damage (if any). 27 * Source: IBM
28 Collaboration is essential!
29 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
30 Some recommendations There s no standard 100% solution that fits all, but. there are some measurements that minimize the risk: 1. Educate & train your people (awareness) 2. Detect & Identify all connections/devices/networks in your organization 3. Dismantle/pull the plug of all unneccessary connections/services to internet 4. Check potential back doors of 3rd party vendors/contractors (procurement) 5. Execute risk/security/pen-testing audits on a regulary base 6. Develop clear security job descriptions within the company, also within the ICS domain. Assign responsibilities to the management, preferably in the boardroom 7. Document & log everything 8. Make sure that you have back-ups and recovery plans (and test them!) 9. Create security policy and train this 10. Monitor, Monitor and Monitor!!
31 Conclusion The Critical Infrastructure is hard to secure due to the interconnectivity requirements (internet), the complexity of the organiztions, the threats (surface & sophistication) and the lack of specific knowledge & standards. The overarching approach combined with the Intelligence Cyber Security Cycle and collaboration is needed. 100% security is impossible, but there are some recommendations that really help you to minimize the risk. But at the end..
32 It comes down to Collaboration. No one can do it alone. Bram Reinders founder of ENCS
33 Content 1. Introduction 2. What is ENCS? 3. Cyber Security & the Critical Infrastructure 4. The Challenges 5. The (possible) Solution(s) 6. Conclusion 7. Q & A
34
35 Thank you for your attention! European Network for Cyber Security
36
ENCS/NEC RESEARCH MEETING
ENCS/NEC RESEARCH MEETING Benessa Defend ベネッサ ディフェンド Benessa.Defend@encs.eu April 21, 2014 NEC, Kawasaki 1 PARTNERING FOR CYBER RESILIENCE We create and bring together knowledge and resources to secure
More informationCyber Security for the energy industry
ENERGY Cyber Security for the energy industry 28-03-2014 1 DNV GL 2014 10-03-2014 SAFER, SMARTER, GREENER 2 3 Challenges Utilities are thinking they are ok! The fence around the assets isn t enough anymore
More informationEnd-to-End Cyber Security for the Smart Grid
SPONSORSHIP & EXHIBITION OPPORTUNITIES End-to-End Cyber Security for the Smart Grid 2-Day Conference, Exhibition & Networking Forum 29-30 November 2016 Amsterdam, The Netherlands Event Format Case-study
More informationCyber Security in EU: ENISA approach
Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency Norwegian Energy Days 2015, Oslo European Union Agency for Network and
More informationICS, SCADA, and Non-Traditional Incident Response. Kyle Wilhoit Threat Researcher, Trend Micro
ICS, SCADA, and Non-Traditional Incident Response Kyle Wilhoit Threat Researcher, Trend Micro 1 $whoami Threat Researcher, FTR, Trend Micro Threat Researcher at Trend Micro- research and blogger on criminal
More informationCyber Security in EU: ENISA approach
Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency in Electricity Distribution Grids, Brussels European Union Agency for
More informationEuropean Network for Cyber Security
European Network for Cyber Security Cyber Security: a fundamental basis for Smart Grids Project Summary December 19, 2014 Introduction Smart grids are crucial to support the use of more sustainable energy
More informationCyber security guide for boardroom members
Cyber security guide for boardroom members 2 Cyber security guide for boardroom members Cyber security at strategic level Our society is rapidly digitising, and we are all reaping the benefits. Our country
More informationWhat Risk Managers need to know about ICS Cyber Security
What Risk Managers need to know about ICS Cyber Security EIM Risk Managers Conference February 18, 2014 Joe Weiss PE, CISM, CRISC, ISA Fellow (408) 253-7934 joe.weiss@realtimeacs.com ICSs What are they
More informationWORKSHOP Rethinking Cyber Security for Industrial Control Systems
WORKSHOP Rethinking Cyber Security for Industrial Control Systems Bob Mick, Workshop Moderator VP Emerging Technologies ARC Advisory Group bmick@arcweb.com 1 Re-Thinking Cyber Security Why Re-Thinking?
More informationFlexible Plug & Play Smart grid cyber security design and framework. Tim Manandhar
Flexible Plug & Play Smart grid cyber security design and framework Tim Manandhar Agenda Cyber security for smart grids Smart Grid cyber security framework FPP project approach on Cyber security Conclusions
More informationCybersecurity Risk Assessment in Smart Grids
Cybersecurity Risk Assessment in Smart Grids Lucie Langer, Paul Smith, Thomas Hecht firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Symposium 2014 Sept 30, 2014 1 Risk Assessment:
More informationHow To Manage Risk On A Scada System
Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document
More informationHow To Protect A Smart Grid From Cyber Security Threats
Smart Grid Cyber Security System Reliability, Defense-in-Depth, Business Continuity, Change Management, Secure Telecommunications, Endpoint Protection, Identity Management, and Security Event Management
More informationRisk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit
Page 1 of 10 Events Partners Careers Contact Facebook Twitter LinkedIn Pike Research Search search... Home About Research Consulting Blog Newsroom Media My Pike Logout Overview Smart Energy Clean Transportation
More informationRoger s Cyber Security and Compliance Mini-Guide
Roger s Cyber Security and Compliance Mini-Guide A Mini Guide for Small and Medium Business and not for profit organisations. By Roger Smith Managed Service Provider and Cyber Security Coach R & I ICT
More informationControl Systems Security: Australian Government Activities. Dr. Jason Smith Asst. Director, Operations CERT Australia Attorney-General s Department
Japan Computer Emergency Response Team Coordination Center 電子署名者 : Japan Computer Emergency Response Team Coordination Center DN : c=jp, st=tokyo, l=chiyoda-ku, email=office@jpcert.or.jp, o=japan Computer
More informationInformation Security in Business: Issues and Solutions
Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information
More informationRESILIENCE AGAINST CYBER ATTACKS Protecting Critical Infrastructure Information
www.wipro.com RESILIENCE AGAINST CYBER ATTACKS Protecting Critical Infrastructure Information Saritha Auti Practice Head - Enterprise Security Solutions, Wipro Table of Contents 03... Abstract 03... Why
More informationCyber Security :: Insights & Recommendations for Secure Operations. N-Dimension Solutions, Inc.
Cyber Security :: Insights & Recommendations for Secure Operations N-Dimension Solutions, Inc. Cyber Security Protection for Critical Infrastructure Assets Agenda: Cyber Landscape Cyber Threats to Your
More informationAirports and their SCADA Systems. Dr Leigh Armistead, CISSP. Peregrine Technical Solutions
Airports and their SCADA Systems Dr Leigh Armistead, CISSP Peregrine Technical Solutions What We May Face For an attack to be successful it only has to cause disruption not loss of life to a significant
More informationSmart grid security analysis
Smart grid security analysis Paul Smith et al. paul.smith@ait.ac.at SPARKS Stakeholder Workshop 20 th May, 2014, Graz SPARKS Objectives The SPARKS project has three main objectives regarding security analysis:
More information2. Cyber security research in the Netherlands
2. Cyber security research in the Netherlands Jan Piet Barthel MSc Netherlands Organization for Scientific Research A strong motivation to enforce CS research: Absence or lack of cyber security is listed
More informationThe Internet of Things Risks and Challenges
The Internet of Things Risks and Challenges Providing the insight that enables our customers to make informed business decisions. Antony Price 03rd March 2015 Contents Internet of Things - The next threat
More informationHow To Protect Your Network From Attack
NextGen SCADA security Erwin Kooi Setting the stage This talk is not An introduction to SCADA security AIC versus CIA The latest blinky-lights SCADA security appliance How to use IT security in OT envrionments
More informationUtility of the Future Virtual Event Series Monthly Virtual Studio Event Series for Utilities
Utility of the Future Virtual Event Series Monthly Virtual Studio Event Series for Utilities PART 1 OPERATIONAL AND CYBER SECURITY WITH AlertEnterprise WEDNESDAY, APRIL 30 Monthly Virtual Events Last Wednesday
More informationSCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards
SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which
More informationCyber Security Review
ISSN 2055-6950 (Print) ISSN 2055-6969 (Online) Cyber Security Review Winter 2014/15 CYBERCRIME AS A NATIONAL SECURITY ISSUE CECSP: TOWARDS EFFECTIVE COLLABORATION ON CYBER SECURITY IN CENTRAL EUROPE TECHNICAL
More informationSmart Cities. Smart partners in tomorrow s cities
DNV KEMA serving the energy industry Smart Cities Smart partners in tomorrow s cities Experience, knowledge and advanced methods & tools for smart city planning and implementation 02 I DNV KEMA SERVING
More informationIoT & SCADA Cyber Security Services
IoT & SCADA Cyber Security Services RIOT SOLUTIONS PTY LTD P.O. Box 10087, Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 4, 60 Edward St, Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au
More informationCyber Security of the Smart Grid
Cyber Security of the Smart Grid Design Document May 12-21 11/4/11 Group Members John Majzner Daniel Kosac Kyle Slinger Jeremy Deberg Team Advisor Manimaran Govindarasu Graduate Students Adam Hahnad Siddharth
More information3rd Party Audited Cloud Infrastructure SOC 1, Type II SOC 2, Type II ISO 27001. Annual 3rd party application Pen Tests.
THE BRIGHTIDEA CLOUD INFRASTRUCTURE INTRODUCTION Brightidea s world-class cloud infrastructure is designed and certified to handle the most stringent security, reliability, scalability, and performance
More informationFrost & Sullivan s. Aerospace, Defence & Security Practice. Global Industrial Cyber Security Trends
Frost & Sullivan s Aerospace, Defence & Security Practice Global Industrial Cyber Security Trends Presented by Philipp Reuter Director Frost & Sullivan, Turkey 1 Worth over $ 50 Billion globally in 2014
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationSupporting our customers with NERC CIP compliance. James McQuiggan, CISSP
Supporting our customers with NERC CIP compliance James, CISSP Siemens Energy Sector Energy products and solutions - in 6 Divisions Oil & Gas Fossil Power Generation Renewable Energy Service Rotating Equipment
More informationPhone: +44 20 8123 2220 Fax: +44 207 900 3970 office@marketpublishers.com https://marketpublishers.com
Industrial Control System (ICS) Security Market by Technology (DDOS, IDS/IPS, Firewall, SIEM, SCADA Encryption, UTM, Application, Whitelisting, DLP, Database Activity Monitoring), by Services, and by Verticals
More informationIntelligent. Buildings: Understanding and managing the security risks
Version 2 IET Sector Insights Intelligent Buildings: Understanding and managing the security risks More efficient and cost-effective use of the built environment is increasingly being driven by economic
More informationThe trend of the Cyber Security and the efforts of NEC. December 9 th, 2015 NEC Corporation
The trend of the Cyber Security and the efforts of NEC December 9 th, 2015 NEC Corporation Agenda 1. NEC Corporate Profile 2. NEC s Activity for Safer-City 3. NEC Cyber Security Solution 3.1 Security Operation
More informationTechnology applied to the most innovative and demanding sectors of the market.
STE is an Italian medium sized private Systems Integration Company leader in Information and Communication Technology applied to the most innovative and demanding sectors of the market. Established on
More informationCyber Security for NERC CIP Version 5 Compliance
GE Measurement & Control Cyber Security for NERC CIP Version 5 Compliance imagination at work Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security Management Controls...
More information10 Hidden IT Risks That Threaten Your Financial Services Firm
Your firm depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine your business without IT. Today,
More informationICASAS505A Review and update disaster recovery and contingency plans
ICASAS505A Review and update disaster recovery and contingency plans Release: 1 ICASAS505A Review and update disaster recovery and contingency plans Modification History Release Release 1 Comments This
More informationGE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance
GE Oil & Gas Cyber Security for NERC CIP Versions 5 & 6 Compliance Cyber Security for NERC CIP Versions 5 & 6 Compliance 2 Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security
More informationFBI AND CYBER SECURITY
FBI AND CYBER SECURITY SSA John Caruthers SSA Ken Schmutz SSA Tom Winterhalter Mission The FBI is the only U.S. agency charged with the authority to investigate both criminal and national security investigations.
More informationThe Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.
The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be
More informationfuture data and infrastructure
White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More informationThe Amazing Future of the IoE
The Amazing Future of the IoE Shaun Kirby CTO, Cisco Consulting Services November 2014 The Internet of Everything: People, Process, Data, and Things People Connecting people in more relevant, valuable
More informationClaes Rytoft, ABB, 2009-10-27 Security in Power Systems. ABB Group October 29, 2009 Slide 1
Claes Rytoft, ABB, 2009-10-27 Security in Power Systems October 29, 2009 Slide 1 A global leader in power and automation technologies Leading market positions in main businesses 120,000 employees in about
More informationAudit summary of Security of Infrastructure Control Systems for Water and Transport
V I C T O R I A Victorian Auditor-General Audit summary of Security of Infrastructure Control Systems for Water and Transport Tabled in Parliament 6 October 2010 Background Infrastructure critical to the
More informationMiddle East I.T. Security Business Survey
Middle East I.T. Security Business Survey A quiet security revolution gathering pace A report by GISEC Powered by GISEC Analytics Partner Middle East I.T. Security Business Survey About the report: The
More informationOn the use of Honeypots for Detecting Cyber Attacks on Industrial Control Networks
CIBSI 2013 Panama City, Panama, October 30 th, 2013 On the use of Honeypots for Detecting Cyber Attacks on Industrial Control Networks Paulo Simões, Tiago Cruz, Jorge Gomes, Edmundo Monteiro psimoes@dei.uc.pt
More informationGood Security. Good Business
Good Security Good Business Good Security Good Business Attorney-General s foreword Small business plays a crucial role, not only in our nation s economy but in Australian society. We often make decisions
More informationHow To Protect Your Network From Attack From A Cyber Threat
Targeting Improved Cyber Security Three Common Ways Electric Utilities Can Improve Their Cyber Security. By Power System Engineering, Inc. (PSE) Many managers understand the importance of strong cyber
More informationSeamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security
Seamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security An Internal Audit perspective on the threats and responses within the Retail Sector 15 th May 2014 Agenda Introductions
More informationBest Practices in ICS Security for System Operators. A Wurldtech White Paper
Best Practices in ICS Security for System Operators A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security
More informationCyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services
Cyber Risk Mitigation via Security Monitoring Enhanced by Managed Services Focus: Up to But Not Including Corporate and 3 rd Party Networks Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance
More informationESKISP6054.01 Conduct security testing, under supervision
Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to
More informationSynergies between DSOs and ICT
Synergies between DSOs and ICT KPN & Alliander: A CDMA-450 network for utilities CEDEC, Brussels, 6 November 2013 Pim de Groot, KPN Erik Moll, Alliander Telecom Alliander Key facts 2 Link to the video
More informationIntegrated On-Line Risk Prediction: Think Globally and Act Locally. Dr. Chiara Foglietta, chiara.foglietta@uniroma3.it
Integrated On-Line Risk Prediction: Think Globally and Act Locally Dr. Chiara Foglietta, chiara.foglietta@uniroma3.it Final Workshop Rome, December 16th, 2014 Motivation and Background Power Grid Operating
More informationSPONSORSHIP & EXHIBITION OPPORTUNITIES
SPONSORSHIP & EXHIBITION OPPORTUNITIES Predictive Analytics for Dynamic Grid Performance 2-Day Conference, Exhibition & Networking Forum Tuesday 5 th & Wednesday 6 th April 2016 Novotel Amsterdam City,
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationPlain English Guide To Common Criteria Requirements In The. Field Device Protection Profile Version 0.75
Plain English Guide To Common Criteria Requirements In The Field Device Protection Profile Version 0.75 Prepared For: Process Control Security Requirements Forum (PCSRF) Prepared By: Digital Bond, Inc.
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More informationHybrid Risk Management for Utility Networks
Hybrid Risk Management for Utility Networks Hermann de Meer hermann.demeer@uni-passau.de Computer Networks and Computer Communications Lab (CNACC) University of Passau CNACC: Introduction People Prof.
More informationINFORMATION TECHNOLOGY PROGRAM DESCRIPTIONS OPERATIONAL INVESTMENTS
EB-0-0 Exhibit D Schedule - Page of INFORMATION TECHNOLOGY PROGRAM DESCRIPTIONS OPERATIONAL INVESTMENTS SCADA SECURITY, GOVERNANCE AND OPERATIONS Program Overview Within THESL s operations, there is a
More informationIT Infrastructure Services. White Paper. Cyber Risk Mitigation for Smart Cities
IT Infrastructure Services White Paper Cyber Risk Mitigation for Smart Cities About the Author Abhik Chaudhuri Abhik Chaudhuri is a Domain Consultant with the Information Technology Infrastructure Services
More informationWe make Smart Cities a reality. Schneider Electric Smart Cities
We make Smart Cities a reality 1 5 steps to smart Set the vision: an efficient + liveable + sustainable city. Combine hardware + software solutions to improve the efficiency of urban operating systems
More informationTHE EVOLUTION OF CYBERSECURITY
THE EVOLUTION OF CYBERSECURITY Identifying Best Practices June 2, 2015 Cerone F. Cy Sturdivant Managing Consultant Nashville, TN 1 TO RECEIVE CPE CREDIT Participate in entire webinar Answer polls when
More informationPrivacy and Security in Healthcare
5 th 5 th th National HIPAA Summit National Strategy to Secure Cyberspace Privacy and Security in Healthcare October 31, 2002 Andy Purdy Senior Advisor, IT Security and Privacy The President s Critical
More informationEEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project
EEI Business Continuity Conference Threat Scenario (TSP) April 4, 2012 EEI Threat Scenario 1 Background EEI, working with a group of CIOs and Subject Matter Experts, conducted a survey with member companies
More informationEnergy Cybersecurity Regulatory Brief
Energy Understand the regulations that impact the energy industry and accelerate information security initiatives. Contents Overview 3 A Highly Vulnerable Energy Industry 4 Key Regulations to Consider
More informationInnovation in Security. Secure Enterprise U n i f i e d C o m m u n i c a t i o n to protect business assets in the 21st Century
Innovation in Security Secure Enterprise U n i f i e d C o m m u n i c a t i o n to protect business assets in the 21st Century The complete Security Solution for SIP and Unified Communications designed
More informationIAEA 2015 INTERNATIONAL CONFERENCE ON COMPUTER SECURITY IN A NUCLEAR WORLD
IAEA 2015 INTERNATIONAL CONFERENCE ON COMPUTER SECURITY IN A NUCLEAR WORLD A NEW IEC STANDARD FOR CYBERSECURITY FOR NUCLEAR POWER PLANTS: IEC 62645 - REQUIREMENTS FOR SECURITY PROGRAMS FOR COMPUTER-BASED
More informationSupply Chain Risk: Understanding Emerging Threats to Global Supply Chains
Supply Chain Risk: Understanding Emerging Threats to Global Supply Chains Prof John Manners-Bell, Logistics and Supply Chain Council, WEF CEO, Transport Intelligence Sao Paulo, March 2015 Changes in SCM
More informationIM&T Infrastructure Security Policy. Document author Assured by Review cycle. 1. Introduction...3. 2. Policy Statement...3. 3. Purpose...
IM&T Infrastructure Security Policy Board library reference Document author Assured by Review cycle P070 Information Security and Technical Assurance Manager Finance and Planning Committee 3 Years This
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationWebnet2000 DataCentre
Webnet2000 DataCentre WEBNET2000 have been enabling organisations develop their Internet presence for over 10 Years. The Webnet2000 Datacentre features the very latest world class resilient infrastructure,
More informationNAVFAC EXWC Platform Information Technology (PIT) Cyber Security Initiatives
NAVFAC EXWC Platform Information Technology (PIT) Cyber Security Initiatives Center of excellence for secure integration, deployment and sustainment of Industrial Control Systems and Operational Technology
More informationNetwork Security Policy
IGMT/15/036 Network Security Policy Date Approved: 24/02/15 Approved by: HSB Date of review: 20/02/16 Policy Ref: TSM.POL-07-12-0100 Issue: 2 Division/Department: Nottinghamshire Health Informatics Service
More informationBuilding the Clean Energy Super Highway
Building the Clean Energy Super Highway The Development of the Global Smart Grid and the Next Innovation Infrastructure A presentation for the Fletcher School of Law & Diplomacy April 25, 2011 Drew Bennett,
More informationTriangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace
Triangle InfoSeCon Alternative Approaches for Secure Operations in Cyberspace Lt General Bob Elder, USAF (Retired) Research Professor, George Mason University Strategic Advisor, Georgia Tech Research Institute
More informationYour company protected against cybercrime
Your company protected against cybercrime SMEs are easy prey for cyber criminals Which entrepreneur doesn t sometimes become aware of the trouble a burglary in his company would cause? Solid locks on doors
More informationIEEE-Northwest Energy Systems Symposium (NWESS)
IEEE-Northwest Energy Systems Symposium (NWESS) Paul Skare Energy & Environment Directorate Cybersecurity Program Manager Philip Craig Jr National Security Directorate Sr. Cyber Research Engineer The Pacific
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationRobert Malmgren. Smart Grid. Security Challenges - Legacy and Infrastructure Burdens
Robert Malmgren Smart Grid Security Challenges - Legacy and Infrastructure Burdens Short bio Robert Malmgren Independent consultant that have worked with utility companies regarding IT- and info sec since
More informationThe UK cyber security strategy: Landscape review. Cross-government
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape
More information10 Hidden IT Risks That Threaten Your Practice
(Plus 1 Fast Way to Find Them) Your practice depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine
More informationAddressing the Global Supply Chain Threat Challenge Huawei, a Case Study
SESSION ID: ECO-W02 Addressing the Global Supply Chain Threat Challenge Huawei, a Case Study Andy Purdy Chief Security Officer Huawei Technologies USA Huawei is a global organization serving over a third
More informationEU CIP Project DENSEK. Joining forces against cyber threats on European level
EU CIP Project DENSEK Joining forces against cyber threats on European level DENSEK EU CIP Objectives Improving the resilience of the energy infrastructure i.e. improving the security of the Smart Energy
More informationFeature. SCADA Cybersecurity Framework
Feature Samir Malaviya, CISA, CGEIT, CSSA, works with the Global Consulting Practice-GRC practice of Tata Consultancy Services and has more than 17 years of experience in telecommunications, IT, and operation
More informationThe Advantages of Using a CatN Data Centre
Behind the Cloud Keeping your data safe Sept 2013 Security Your Data is Our Priority Where is my data held? Your data is held in our highly secure data centre in the United Kingdom where the data protection
More informationDisaster Avoidance and Resilient IT for Business Continuity in Medical Practice :
Disaster Avoidance and Resilient IT for Business Continuity in Medical Practice : Proven strategies and procedures to assist with planning, implementation and testing of medical practice IT for business
More informationCyber Security. From Computer Security to Information Assurance : Evolving Doctrines & Consequences. Peter Sommer
Cyber Security 11 11 July July 2011 2011 From Computer Security to Information Assurance : Evolving Doctrines & Consequences Peter Sommer London London School School of of Economics Economics Why a Global
More informationSPARKS Cybersecurity Technology and the NESCOR Failure Scenarios
SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios Lucie Langer and Paul Smith firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Workshop Monday 29 th September,
More informationURBANFLOOD NEWSLETTER
January 2012 UrbanFlood is a project under the European Union 7 th framework Programme* that develops and tests an internet based early warning system (EWS). The project started in December 2009. Project
More informationSIEM is only as good as the data it consumes
SIEM is only as good as the data it consumes Key Themes The traditional Kill Chain model needs to be updated due to the new cyber landscape A new Kill Chain for detection of The Insider Threat needs to
More informationUrbanFlood Monitoring, rich browsers and cloud service technologies for an online EWS hosting platform Work Package 6 D6.4 version 1.0, 29 Nov.
UrbanFlood Monitoring, rich browsers and cloud service technologies for an online EWS hosting platform Work Package 6 D6.4 version 1.0, 29 Nov. 2010 November 2010 URBAN FLOOD A project funded under the
More informationService-Aware Security for Distributed Automation. Ilan Barda GRIPS SciREX Symposium February 2 nd 2015
Service-Aware Security for Distributed Automation Ilan Barda GRIPS SciREX Symposium February 2 nd 2015 The market Securing the Industrial IoT Source: MarketsandMarkets, December 2014-2- Radiflow Mission
More informationNow and Tomorrow. IEEE/AICCSA Conference November 2014 Malike Bouaoud Cyber Security Advisor
Now and Tomorrow IEEE/AICCSA Conference November 2014 Malike Bouaoud Cyber Security Advisor Hacktivism Regulatory/Compliance (local and international) Sophisticated Malware Data leakage Cybercriminal syndicates
More information