A Tactical Approach to Continuous Compliance. Walt Sikora, Vice President Security Solutions EMMOS 2013
|
|
- Rosalind Short
- 8 years ago
- Views:
Transcription
1 A Tactical Approach to Continuous Compliance Walt Sikora, Vice President Security Solutions EMMOS 2013
2 Abstract NERC has moved quickly to address shortcomings and lack of clarity in previous versions of CIP standards. While this was a positive move, overall, it also presents some unique challenges for Asset Owners. This presentation will briefly cover changes and challenges presented with NERC CIPv5 adoption and deliver tactical steps that Asset Owners can take to fulfill requirements and achieve continuous compliance when addressing CIP Cyber Security Configuration Management and Vulnerability Assessment. 9/24/2013 2
3 Industrial Defender at a Glance Security and compliance since 2002 Exclusively focused on OT Pioneering automation systems management: security, compliance and change management for ICS Turnkey technology and service solution Multiple applications, one platform Vendor agnostic Purpose built Industrial Defender ranked #1 two years in a row by independent analysts 10,000+ technology deployments 400+ customers 25+ countries 9/24/2013 3
4 NERC CIP v4 v. NERC CIP v5 Version 4 Version 5 42 requirements; 113 parts 37 requirements; 148 parts No contextual information Includes background, rationale, and guidelines and Technical Basis Measures on high level requirement only 14 requirements with Technical Feasibility Exception (TFE) triggering language Measures for each requirement, including parts 12 requirements with TFE triggering language Undefined periodic terms Many binary Violation Severity Levels (VSLs) Clear periodic requirements: initial requirements in Implementation Plan More gradated VSLs Source: 9/24/2013 4
5 Implications of the Changes Change Less requirements, more parts Increased context, background, rationale Measures for each requirement and part Less potential for TFEs Clearly defined periodic terms More gradated VSLs Implication More clarity, more coverage More clarity More clarity, more examples More mitigation, workarounds, or additional solution(s) More clarity, less room for periodic errors More flexibility Entities are not required to self-report deficiencies if they are identifying, assessing and correcting them 9/24/2013 5
6 High, Medium, and Low Impact CIP Attachment 1 Impact Rating Criteria Rates BES Cyber Systems by: High Impact Rating (H) Medium Impact Rating (M) Low Impact Rating (L) Criteria listed for each rating level Rating level will determine which requirements/sub-requirements a BES Cyber System owner will have to meet Rating level(s) are associated with each requirement 9/24/2013 6
7 Strategic Goals for complying with CIP High-level strategy Continuous compliance Reduce overhead Improved resource allocation How do you get there? Are you there yet? 9/24/2013 7
8 What we now know Priorities & Objectives Automation Systems becoming more complex o Mix of legacy and next generation architectures o o o Heterogeneous Systems Exponential Increase in intelligent devices Unclear responsibility/ownership Maintain Reliability & Performance standards Ensure profitability Need for increased security Lots of technologies that can help Remember: No silver bullets! Report on activities Managing change introduces additional business process requirements and labor allocation Fewer Resources / increasing skill set gaps Balancing Operational Requirements with Security, Compliance, Change Management requirements 9/24/2013 8
9 Change Management Question: Do you anticipate growth in intelligent devices over the next 3-5 years? How will you manage: Patching? Firmware Updates? Configurations? User Access? Servers: PCS, SCADA, Work stations HMI Stations Firewalls Hardened networking devices PLCs IEDs, Sensors, Controllers 9/24/2013 9
10 Quick Review of CIP Configuration Management R1 Configuration Change Management R1.1 Baseline configuration for: OS Commercial or Open-source Application(s) Custom software Logical network accessible ports Security Patches R1.2 Authorize and document changes that deviate from the existing baseline configuration R1.3 For deviations, update baselines and documentation required by CIP-007 and CIP-005 as necessary within 30 calendar days R1.4 For changes that deviate R1.4.1 Determine potentially impacted cyber security controls prior to change R1.4.2 After change, verify controls are not adversely affected R1.4.3 Document results of verification 9/24/
11 Do you have more than one control system to worry about? ABB Siemens* Emerson* *Some vendors may supply security solutions for only their system 9/24/
12 How many tools do you need to manage your EMS? What Industrial Defender s ASM Covers CHANGE MANAGEMENT PATCH MANAGEMENT Change Ticketing Source Code Development Change Initiation Pre-Post change Config/Policy Exceptions Change Documentation Patch Monitoring Patch Base line Patch Exception Patch Application ASSET MANAGEMENT TICKETING MANAGEMENT GIS Maintenance Work Orders Device inventory Logic Rules Event Correlation Documentation Tasks Ticketing workflows Ticketing approvals EVENT MANAGEMENT USER MANAGEMENT /Web Events DPI Root Cause Analysis ICS Collectors Logic Rules Event Correlation User Base Lines User Activity Reporting Access Management NETWORK MANAGEMENT IED CONFIGURATION MANAGEMENT Network Visualization Configuration Backups Event Correlation Security logging Change monitoring Configuration Backups Operational Algorithms Configuration 9/24/
13 The current approach to security, compliance and change management typically takes at least 10 screens. Trigeo SEM McAfee Industrial Defender Cryptzone SE46 Tripwire SonicWall Industrial Defender McAfee eeye Retina McAfee WizNucleus Lumension 9/24/
14 The current approach to security, compliance and change management typically takes at least 10 screens. Trigeo SEM McAfee Industrial Defender Cryptzone SE46 With the Automation Systems Manager organizations can: Tripwire Secure vulnerabilities from SonicWall malicious attacks and human error. Implement regulatory compliance measures and efficiently process reporting requirements from a centralized dashboard. eeye Retina Manage change across a growing, heterogeneous and complex automation environment. Industrial Defender McAfee McAfee WizNucleus Lumension 9/24/
15 Automation Systems Management Architecture Automation Systems Manager (ASM) Application Capabilities Asset Management Event Management Configuration Change Management Policy Management Reporting DCS PCS SCADA PLC RTU Controller s 9/24/
16 Software Applications essential to Security, Compliance and Change Management Asset Management Event Management A single unified view of all assets within the automation system s environment. Enables onboarding and decommissioning of assets, reports device status, information access and state information. Brings visibility to control system and networks by providing event log data. Receives and consolidates events from multiple security sources, centralizes operations and reduces expenses. Configuration Change Management Policy Management Enables operators to track and audit device settings, software, firewall rules and user accounts and view and baseline the system configurations, ports & services, and software. Enables operators to communicate new policies, track acceptance and manage conformance. Reporting A comprehensive suite of standard configurable reports to meet regulatory requirements and simplify adherence to internal requirements. Enables users to define, generate and automate reports as needed. 9/24/
17 Configuration Management 2 Approaches Passive Always watching Never changing production Oh, we see a change. Is it ok? Click Yes or No Baseline gets updated after the fact if Yes Production asset gets manually reverted if No Active Always watching Never changing production Oh, we see a change. Revert that change back to the approved configuration automatically. No permanent changes to production until approved configuration change Baseline gets updated to enable change 9/24/
18 Situational awareness 9/24/
19 Central asset information 9/24/
20 Which ports are used? 9/24/
21 Device ports and services configuration details 9/24/
22 Software inventory 9/24/
23 Patches installed 9/24/
24 Cyber Asset Details 9/24/
25 Security Event Monitoring 9/24/
26 Compliance reporting 9/24/
27 Experience across many automation environments Security performance monitoring o ABB 800xA, Symphony/Harmony, Infi90, Network Manager, FACTS, SYS600C and MicroSCADA o Automsoft RAPID Historian o Emerson DeltaV and Emerson Ovation o Emerson/Westinghouse WDPF o GE XA/21 o GE PowerOn Fusion o Foxboro I/A Series o Honeywell Experion o Itron OpenWay System o Rockwell RSView o Schneider/Telvent Oasys, Citect Momentum, Quantum o Siemens PCS7 o Yokogawa Centrum CS 3000 Operating systems o Windows 7 o Win 2k, 2k3, 2k8 R2, XP, WinNT o HP-UX PA-RISC & Itanium o Linux o DEC Tru-64 o Sun Solaris o IBM AIX Industrial rules o DNP3 o Modbus o ICCP o IEC o TCP/IP 9/24/
28 It s a program, not a project Sustain Services Firmware/Patch Updates Performance/Alert Tuning Re-Baselining Software, Patches, Ports & Services Supervise Services Event Monitoring Configuration Baseline Monitoring Move, Add, Change Management Survive Services Backup Restoration Disaster Recovery Automation Systems Manager (ASM) Application Capabilities Asset Management Event Management Configuration Change Management Policy Management Reporting CLIENTS SERVERS PERIMETER DEVICES NETWORK DEVICES Automation Systems End-Points ( Optional Agent) 9/24/
29 Meet the Challenges Industrial Defender Your Solution for Automation Systems Management Deeply integrated with a number of EMS vendors to ensure performance & reliability Tackle increasing security, compliance and change management challenges despite resource constraints. Simplify and scale with a complete turnkey solution: Challenges Rapidly changing technologies Evolving security threats, both internal & external Lack of expertise Address resource and expertise challenges with a single view, vendor agnostic platform. Enable IT and OT to work together via a purpose built solution. Reduce overall TCO with a unified approach. Choosing Solutions Purpose built for control systems Eliminate manual work Report on activities Compatible with all your systems Sustain your automation environment as a program not a project! 9/24/
30 Web Blog blog.industrialdefender.com 9/24/
Critical Infrastructure Cybersecurity
Critical Infrastructure Cybersecurity Webinar July 23, 2014 Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Kim Legelis Vice President, Marketing Lockheed Martin Industrial Defender 2
More informationIT Security and OT Security. Understanding the Challenges
IT Security and OT Security Understanding the Challenges Security Maturity Evolution in Industrial Control 1950s 5/4/2012 # 2 Technology Sophistication Security Maturity Evolution in Industrial Control
More informationVerve Security Center
Verve Security Center Product Features Supports multiple control systems. Most competing products only support a single vendor, forcing the end user to purchase multiple security systems Single solution
More informationTRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED SOLUTION BRIEF TRIPWIRE NERC SOLUTION SUITE TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on our mission of delivering
More informationControl System Integrity (CSI) Tools and Processes to Automate CIP Compliance for Control Systems
Control System Integrity (CSI) Tools and Processes to Automate CIP Compliance for Control Systems James Goosby Manager I&C Systems and Field Support 19 th Annual ARC Industry Forum Agenda About Us Compliance
More informationAutomating NERC CIP Compliance for EMS. Walter Sikora 2010 EMS Users Conference
Automating NERC CIP Compliance for EMS Walter Sikora 2010 EMS Users Conference What do we fear? Thieves / Extortionists Enemies/Terrorists Stuxnet Malware Hacker 2025 Accidents / Mistakes 9/21/2010 # 2
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationCyber Security focus in ABB: a Key issue. 03 Luglio 2014, Roma 1 Conferenza Nazionale Cyber Security Marco Biancardi, ABB SpA, Power System Division
Cyber Security focus in ABB: a Key issue 03 Luglio 2014, Roma 1 Conferenza Nazionale Cyber Security Marco Biancardi, ABB SpA, Power System Division Cyber Security in ABB Agenda ABB introduction ABB Cyber
More informationDocument ID. Cyber security for substation automation products and systems
Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has
More informationSummary of CIP Version 5 Standards
Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have
More informationCyber Security for NERC CIP Version 5 Compliance
GE Measurement & Control Cyber Security for NERC CIP Version 5 Compliance imagination at work Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security Management Controls...
More informationCIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationNotable Changes to NERC Reliability Standard CIP-010-3
C L AR I T Y AS S U R AN C E R E S U LT S M I D W E S T R E LIAB I L I T Y ORGAN I Z AT I ON Notable Changes to NERC Reliability Standard CIP-010-3 Cyber Security Configuration Change Management and Vulnerability
More informationNorth American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)
Whitepaper North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) NERC-CIP Overview The North American Electric Reliability Corporation (NERC) is a
More informationNovaTech NERC CIP Compliance Document and Product Description Updated June 2015
NovaTech NERC CIP Compliance Document and Product Description Updated June 2015 This document describes the NovaTech Products for NERC CIP compliance and how they address the latest requirements of NERC
More informationCIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments
CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationGE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance
GE Oil & Gas Cyber Security for NERC CIP Versions 5 & 6 Compliance Cyber Security for NERC CIP Versions 5 & 6 Compliance 2 Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security
More informationAlberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1
A. Introduction 1. Title: 2. Number: 3. Purpose: To prevent and detect unauthorized changes to BES cyber systems by specifying configuration change management and vulnerability assessment requirements
More informationTechnology Solutions for NERC CIP Compliance June 25, 2015
Technology Solutions for NERC CIP Compliance June 25, 2015 2 Encari s Focus is providing NERC CIP Compliance Products and Services for Generation and Transmission Utilities, Municipalities and Cooperatives
More informationImplementation Plan for Version 5 CIP Cyber Security Standards
Implementation Plan for Version 5 CIP Cyber Security Standards April 10September 11, 2012 Prerequisite Approvals All Version 5 CIP Cyber Security Standards and the proposed additions, modifications, and
More informationABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security?
ABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security? Agenda Threats Risk Assessment Implementation Validation Advanced Security Implementation Strategy
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationNERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice
NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to
More informationISACA rudens konference
ISACA rudens konference 8 Novembris 2012 Procesa kontroles sistēmu drošība Andris Lauciņš Ievads Kāpēc tēma par procesa kontroles sistēmām? Statistics on incidents Reality of the environment of industrial
More informationCyber Security Standards Update: Version 5
Cyber Security Standards Update: Version 5 January 17, 2013 Scott Mix, CISSP CIP Technical Manager Agenda Version 5 Impact Levels Format Features 2 RELIABILITY ACCOUNTABILITY CIP Standards Version 5 CIP
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,
More informationThe Importance of Cybersecurity Monitoring for Utilities
The Importance of Cybersecurity Monitoring for Utilities www.n-dimension.com Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive
More informationCyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services
Cyber Risk Mitigation via Security Monitoring Enhanced by Managed Services Focus: Up to But Not Including Corporate and 3 rd Party Networks Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance
More informationBSM for IT Governance, Risk and Compliance: NERC CIP
BSM for IT Governance, Risk and Compliance: NERC CIP Addressing NERC CIP Security Program Requirements SOLUTION WHITE PAPER Table of Contents INTRODUCTION...................................................
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations
More informationGE Measurement & Control. Cyber Security for Industrial Controls
GE Measurement & Control Cyber Security for Industrial Controls Contents Overview...3 Cyber Asset Protection (CAP) Software Update Subscription....4 SecurityST Solution Options...5 Centralized Account
More informationCyber Security nei prodotti di automazione
Cyber Security nei prodotti di automazione Marco Biancardi, ABB SpA, Power System Division 11 dicembre 2013, Roma Why is it an issue? Isolated devices Point to point interfaces Proprietary networks Standard
More informationSecurity Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions
Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample
More informationCIP-010-1 R1 & R2: Configuration Change Management
CIP-010-1 R1 & R2: Configuration Change Management June 3, 2014 Steven Keller Lead Compliance Specialist - CIP skeller.re@spp.org 501.688.1633 Outline What is CIP-010-1? How it is different from CIP-003-3
More informationHow to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework
How to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework Jacques Benoit, Cooper Power Systems Inc., Energy Automations Solutions - Cybectec Robert O Reilly, Cooper
More informationCOMPANY PROFILE- INDUSTRIAL DEFENDER
COMPANY PROFILE- INDUSTRIAL DEFENDER MarketsandMarkets sales@marketsandmarkets.com www.marketsandmarkets.com MarketsandMarkets is a global market research and consulting company based in the U.S. We publish
More informationCybersecurity for Energy Delivery Systems 2010 Peer Review. Dale Peterson Digital Bond, Inc. Bandolier and Portaledge
Cybersecurity for Energy Delivery Systems 2010 Peer Review Alexandria, VA July 20-22, 2010 Dale Peterson Digital Bond, Inc. Bandolier and Portaledge Summary Slide: Bandolier Outcomes: Insure new and upgraded
More informationNERC CIP Tools and Techniques
NERC CIP Tools and Techniques Supplemental Project - Introduction Webcast Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com (843) 619-0050 October
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationINTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT
Utilities WHITE PAPER May 2013 INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT Table of Contents Introduction...3 Problem Statement...4 Solution Requirements...5 Components of an Integrated
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationSCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards
SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which
More informationSecureVue Product Brochure
SecureVue unifies next-generation SIEM, security configuration auditing, compliance automation and contextual forensic analysis into a single platform, delivering situational awareness, operational efficiency
More informationTHE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols
THE TOP 4 CONTROLS www.tripwire.com/20criticalcontrols THE TOP 20 CRITICAL SECURITY CONTROLS ARE RATED IN SEVERITY BY THE NSA FROM VERY HIGH DOWN TO LOW. IN THIS MINI-GUIDE, WE RE GOING TO LOOK AT THE
More informationCompleted. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method
NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method R2 Critical Asset Identification R3 Critical Cyber Asset Identification Procedures and Evaluation
More informationSymphony Plus Cyber security for the power and water industries
Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 1 01/10/12 10:15 Symphony Plus Cyber security for the power and water industries
More informationPatching & Malicious Software Prevention CIP-007 R3 & R4
Patching & Malicious Software Prevention CIP-007 R3 & R4 Scope Compliance Assessment Summary Introspection & Analysis Program-In Review Maturity Model review Control Design review Process Components of
More informationContinuous Compliance for Energy and Nuclear Facility Cyber Security Regulations
Continuous Compliance for Energy and Nuclear Facility Cyber Security Regulations Leveraging Configuration and Vulnerability Analysis for Critical Assets and Infrastructure May 2015 (Revision 2) Table of
More informationNavigate Your Way to NERC Compliance
Navigate Your Way to NERC Compliance NERC, the North American Electric Reliability Corporation, is tasked with ensuring the reliability and safety of the bulk power system in North America. As of 2010,
More informationSIMPLIFYING THE PATCH MANAGEMENT PROCESS
SIMPLIFYING THE PATCH MANAGEMENT PROCESS www.icsupdate.com Monta Elkins Security Architect FoxGuard Solutions melkins@foxguardsolutions.com SIMPLIFYING THE PATCH MANAGEMENT PROCESS 2 SIMPLIFYING THE PATCH
More informationStandard CIP 007 3 Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for securing
More informationNERC CIP Compliance with Security Professional Services
NERC CIP Compliance with Professional Services The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is
More informationSupporting our customers with NERC CIP compliance. James McQuiggan, CISSP
Supporting our customers with NERC CIP compliance James, CISSP Siemens Energy Sector Energy products and solutions - in 6 Divisions Oil & Gas Fossil Power Generation Renewable Energy Service Rotating Equipment
More informationLogRhythm and NERC CIP Compliance
LogRhythm and NERC CIP Compliance The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is reliable, adequate
More informationGE Measurement & Control. Cyber Security for NERC CIP Compliance
GE Measurement & Control Cyber Security for NERC CIP Compliance GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used for purposes
More informationAltiris IT Management Suite 7.1 from Symantec
Altiris IT Management Suite 7.1 from Achieve a new level of predictability Data Sheet: Endpoint Management Overviewview Change is inevitable for IT and it comes from several sources: changing needs from
More informationLumension Endpoint Management and Security Suite
Lumension Endpoint Management and Security Suite Patch and Remediation Module Evaluation Guide July 2012 Version 1.1 Copyright 2009, Lumension L.E.M.S.S:LPR - Table of Contents Introduction... 3 Module
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationGE Intelligent Platforms. Meeting NERC Change Control Requirements for HMI/SCADA and Control Systems
GE Intelligent Platforms Meeting NERC Change Control Requirements for HMI/SCADA and Control Systems Meeting NERC Change Control Requirements for HMI/SCADA and Control Systems Overview There is a lot of
More informationWaterfall for NERC-CIP Compliance
Waterfall for NERC-CIP Compliance Using Waterfall s Unidirectional Security Solution to Achieve True Security & NERC-CIP Compliance Date: Jul. 2009 The material in this document is proprietary to Waterfall
More informationEffective Use of Assessments for Cyber Security Risk Mitigation
White Paper Effective Use of Assessments for Cyber Security Risk Mitigation Executive Summary Managing risk related to cyber security vulnerabilities is a requirement for today s modern systems that use
More informationCyber security tackling the risks with new solutions and co-operation Miikka Pönniö 22.9.2015
Siemens Osakeyhtiö Cyber security tackling the risks with new solutions and co-operation Miikka Pönniö 22.9.2015 Restricted Siemens Osakeyhtiö 2015. All Rights Reserved. siemens.fi/answers Cyber security
More informationProtecting productivity with Plant Security Services
Protecting productivity with Plant Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. siemens.com/plant-security-services
More informationSecure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014!
Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014! October 3, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber
More informationHow To Write A Cyber Security Checkout On A Nerc Webinar
AS WE PREPARE FOR OUR WEBINAR Thanks to each of you for taking the time to participate in our Webinar today, which will provide extensive insight into what is required to address the Version 5 NERC Cyber
More informationTyson Jarrett CIP Enforcement Analyst. Best Practices for Security Patch Management October 24, 2013 Anaheim, CA
Tyson Jarrett CIP Enforcement Analyst Best Practices for Security Patch Management October 24, 2013 Anaheim, CA A little about me Graduated from the University of Utah with a Masters in Information Systems
More informationIndustrial Security for Process Automation
Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical
More informationRethinking Cyber Security for Industrial Control Systems (ICS)
Rethinking Cyber Security for Industrial Control Systems (ICS) Bob Mick VP Emerging Technologies ARC Advisory Group bmick@arcweb.com 1 Rethinking Cyber Security We Now Have Years of Experience - Security
More informationThe Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation
The Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation Copyright, AlgoSec Inc. All rights reserved The Need to Ensure Continuous Compliance Regulations
More informationPlans for CIP Compliance
Testing Procedures & Recovery Plans for CIP Compliance DECEMBER 16, 2009 Developed with: Presenters Bart Thielbar, CISA Senior Research hanalyst Sierra Energy Group, a Division of Energy Central Primer
More informationCIP-003-5 Cyber Security Security Management Controls
A. Introduction 1. Title: Cyber Security Security Management Controls 2. Number: CIP-003-5 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and
More informationStandard CIP 007 3a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for
More informationTesting Control Systems
Testing Control Systems with Microsoft s Attack Surface Analyzer { Digital Bond, Inc Michael Toecker, PE ddddddddd ICSJWG October 15 th 18 th Track III { { Michael Toecker, PE Professional Engineer 8 Years
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More informationPatch Management Policy
Patch Management Policy L2-POL-12 Version No :1.0 Revision History REVISION DATE PREPARED BY APPROVED BY DESCRIPTION Original 1.0 2-Apr-2015 Process Owner Management Representative Initial Version No.:
More informationOlav Mo, Cyber Security Manager Oil, Gas & Chemicals, 28.09.2015 CASE: Implementation of Cyber Security for Yara Glomfjord
Olav Mo, Cyber Security Manager Oil, Gas & Chemicals, 28.09.2015 CASE: Implementation of Cyber Security for Yara Glomfjord Implementation of Cyber Security for Yara Glomfjord Speaker profile Olav Mo ABB
More informationSecurity. Security consulting and Integration: Definition and Deliverables. Introduction
Security Security Introduction Businesses today need to defend themselves against an evolving set of threats, from malicious software to other vulnerabilities introduced by newly converged voice and data
More informationICS Cyber Security Briefing
ICS Cyber Security Briefing About John Ballentine Who is John Ballentine? Over 20 years of experience in the energy industry, including corporate and consulting roles managing cyber security and regulatory
More informationBest Practices in ICS Security for System Operators. A Wurldtech White Paper
Best Practices in ICS Security for System Operators A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security
More informationThe SIEM Evaluator s Guide
Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,
More informationPROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191
Interim Techlogy Performance Report 3 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V1 Company Name: The Boeing Company November 19, 2013 1 Interim Techlogy Performance Report 3
More informationInvensys Security Compliance Platform
Data Loss Prevention DLP systems enable organizations to reduce the corporate risk of the unintentional disclosure of confidential information. These systems identify, monitor, and protect confidential
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationIntegrated Threat & Security Management.
Integrated Threat & Security Management. SOLUTION OVERVIEW Vulnerability Assessment for Web Applications Fully Automated Web Crawling and Reporting Minimal Website Training or Learning Required Most Accurate
More informationGE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems
GE Measurement & Control Top 10 Cyber Vulnerabilities for Control Systems GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationDESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE
DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the
More informationIndustrial Security Solutions
Industrial Security Solutions Building More Secure Environments From Enterprise to End Devices You have assets to protect. Control systems, networks and software can all help defend against security threats
More informationObtaining Enterprise Cybersituational
SESSION ID: SPO-R06A Obtaining Enterprise Cybersituational Awareness Eric J. Eifert Sr. Vice President Managed Security Services DarkMatter Agenda My Background Key components of the Cyber Situational
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationFull-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform
Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Solution Brief Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Finding
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationMaximizing Configuration Management IT Security Benefits with Puppet
White Paper Maximizing Configuration Management IT Security Benefits with Puppet OVERVIEW No matter what industry your organization is in or whether your role is concerned with managing employee desktops
More informationTivoli Endpoint Manager. Increasing the Business Value of IT, One Endpoint at a Time
1 Tivoli Endpoint Manager Increasing the Business Value of IT, One Endpoint at a Time Endpoint Management Cost Today s Endpoint Management Challenges Drive IT Costs Up More than 50% of end users change
More informationInformation Technology Policy
Information Technology Policy Security Information and Event Management Policy ITP Number Effective Date ITP-SEC021 October 10, 2006 Category Supersedes Recommended Policy Contact Scheduled Review RA-ITCentral@pa.gov
More informationSession 14: Functional Security in a Process Environment
Abstract Session 14: Functional Security in a Process Environment Kurt Forster Industrial IT Solutions Specialist, Autopro Automation Consultants In an ideal industrial production security scenario, the
More information