Smart Grid Security: Threats, Vulnerabilities & Potential Countermeasures. Everardo Trujillo, Smart Grid Principal October 4th, 2012
|
|
- Dennis Kelley Chase
- 7 years ago
- Views:
Transcription
1 Smart Grid Security: Threats, Vulnerabilities & Potential Countermeasures Everardo Trujillo, Smart Grid Principal October 4th, Confiden)al & Proprietary -
2 WHAT IS SMART GRID? A smart grid (SG) delivers electricity from suppliers to consumers using digital technology to save energy, reduce cost and increase reliability and transparency. It is a modernized electricity network which is being utilized as a way of addressing energy independence, global warming and emergency resilience issues. CA Energy Commission The Smart Grid will empower customers to have better control over their energy usage, increased renewable generation, integrates plug-in electric vehicles and reduced greenhouse gas emissions while maintaining and improving system reliability, operational efficiency and customer privacy. SDG&E 2
3 WHAT IS SMART GRID? A Smart Grid should have the following characteristics: Self healing from power disturbance events Enabling active participation by consumers in demand response Operating resiliently against physical and cyber attack Accommodating all generation and storage options Enabling new products, services, and markets Optimizing assets and operating efficiently 3
4 WHAT IS SMART GRID? 4 - Confiden'al & Proprietary -
5 SMART GRID BENEFITS Smart Grid technology enables us to monitor electricity consumption & more efficiently control supply to consumers. Improves power reliability & quality. Improves resilience to disruption. Enables predictive maintenance and self-healing responses to system disturbances. Expanded deployment of renewable energy resources. Automates maintenance & operation. Enables transition to plug-in electric vehicles & new energy storage options 5
6 SMART GRID THREATS Link to embedded clip: SITUATIONS LIKE THIS ONE KEEPS US SECURITY GUYS UP AT NIGHT! This same technology/system, if corrupted, could also be used to carry out real-time surveillance, determine personal behavior patterns, & possibly facilitate identity theft, consumption theft, etc. 6
7 SMART GRID THREATS United States Computer Emergency Readiness Team (US-CERT) identifies the following threat sources for Control Systems: National Governments Terrorists Industrial Spies & Organized Crime Groups Hacktivists Hackers 7
8 SMART GRID THREATS 8
9 SMART GRID THREATS 9 - Confiden'al & Proprietary -
10 SMART GRID THREATS Lack of Awareness (Utilities & Vendors) Customer data storage (ASP) Physical Threats Unintentional (earthquakes, fires, RF interference, wind, floods) Intentional (device tampering, theft) Supply Chain (rouge chips) Cyber Threats Customer Privacy (exposure to customer data) Theft (customer theft of usage) Terrorists (DoS, Backdoors) Social Engineering Spear phishing Insider threat, disgruntled employee 10
11 SMART GRID VULNERABILITIES PEOPLE Lack of understanding of security risk to control systems Not understanding the technical & security impacts of not having security policies or their implementation on Control Systems Control System owners not having cybersecurity skills needed to protect against cyber attacks. Over all security awareness (USB devices, spear phishing) PROCESS Insufficient standardization of process and regulations North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) National Institute of Standards and Technology (NISTR 7628 Volume 1) Lack of training for Control System administrators 11
12 SMART GRID VULNERABILITIES TECHNOLOGY Control networks rarely have a QA system Unsecured protocols for device management Network Communication Use of unsecured communication protocols (MODBUS, DNP3, FTP) Network Architecture not adequate for security needs Endpoint security Firmware no support for incremental security changes No formal SDLC by vendor, prevents proper implementation of security controls UI to devices Lack of Patch Management By both vendors & utilities 12
13 COUNTERMEASURES PEOPLE AWARENESS! Upper Management support (top down) PROCESS RFP evaluation of vendors should include security section Contractual language should include security section DHS Cyber Security Procurement Language for Control System (link) Utilities to formally publish internal security program (policies, guidelines, procedures) and ensure compliance NERC-CIP, currently being considered to expand to distribution Consistent security standards are needed for SG devices, sanctioned by a government agency Supply chain verification Manufacturer installing rouge chipsets, malware, etc. 13
14 COUNTERMEASURES TECHNOLOGY We can t wait Search for 3 rd party solutions to address technical deficiencies ICS Firewalls, ICS Gateways, ICS config management solution, Logging Hardening guides for end point devices Establish a relationship with vendors Regulations are needed from a Government perspective Specific regulations in regards to SG security requirements Vendors to provide anti tampering mechanisms, alerting capabilities Ruggedized devices that can withhold heat, water, dust, etc. Deploy sensors (report back to utility) Vulnerability Management Test, and re-test. 3 rd party pen testing 14
15 Questions Everardo Trujillo: - Confiden)al & 15
Emerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP
Emerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP July 25, 2014 Topics Improved 4G Communications Mobile Devices Cyber Security Threats Cyber Security Guidance
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationDocument ID. Cyber security for substation automation products and systems
Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has
More informationSmart Grid Security: A Look to the Future
Smart Grid Security: A Look to the Future SESSION ID: TECH-W03A Gib Sorebo Chief Cybersecurity Technologist Leidos @gibsorebo Overview Distributed Energy Plug-in Vehicles Evolving Threats: Market Manipulation,
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationPanel Session: Lessons Learned in Smart Grid Cybersecurity
PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationEEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project
EEI Business Continuity Conference Threat Scenario (TSP) April 4, 2012 EEI Threat Scenario 1 Background EEI, working with a group of CIOs and Subject Matter Experts, conducted a survey with member companies
More informationSecurity Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions
Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample
More informationCIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System
CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System Purpose CIP-005-5 R2 is focused on ensuring that the security of the Bulk Energy System is not compromised
More informationCyber Security Seminar KTH 2011-04-14
Cyber Security Seminar KTH 2011-04-14 Defending the Smart Grid erik.z.johansson@se.abb.com Appropriate Footer Information Here Table of content Business Drivers Compliance APT; Stuxnet and Night Dragon
More informationCyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationStrategic Plan On-Demand Services April 2, 2015
Strategic Plan On-Demand Services April 2, 2015 1 GDCS eliminates the fears and delays that accompany trying to run an organization in an unsecured environment, and ensures that our customers focus on
More informationSupporting our customers with NERC CIP compliance. James McQuiggan, CISSP
Supporting our customers with NERC CIP compliance James, CISSP Siemens Energy Sector Energy products and solutions - in 6 Divisions Oil & Gas Fossil Power Generation Renewable Energy Service Rotating Equipment
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More informationFacilitated Self-Evaluation v1.0
Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) Patricia Hoffman Facilitated Self-Evaluation v1.0 Assistant Secretary Office of Electricity Delivery and Energy Reliability U.S.
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationBEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT
BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT Utility Sector Best Practices for Cyber Security Supply Chain Risk Management Discussion with Chief Information Officer (CIO) Overview The safety and
More informationCyber security measures in protection and control IEDs
Cyber security measures in protection and control IEDs K. Hagman 1, L.Frisk 1, J. Menezes 1 1 ABB AB, Sweden krister.hagman@se.abb.com Abstract: The electric power grids and power systems are critical
More informationCybersecurity: What CFO s Need to Know
Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationAn Oracle White Paper May 2009. Smart Grid Basics. Turning Information into Power
An Oracle White Paper May 2009 Smart Grid Basics Turning Information into Power Introduction The Smart Grid is a vision of a better electricity delivery infrastructure. Smart Grid implementations dramatically
More informationMaturation of a Cyber Security Incident Prevention and Compliance Program
Maturation of a Cyber Security Incident Prevention and Compliance Program Utilities & Energy Compliance & Ethics Conference February 25, 2013 Houston, Texas Anna Wang Principal Consultant Imminent Cyber
More informationJim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA
Jim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA About Us... Public company traded on the New York Stock Exchange (CNP) Headquartered in Houston, TX Operating 3 business segments
More informationAsset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure
Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure Presentation to the U.S. Department of Energy by the IEEE Joint Task Force on QER Trends: Resilience
More information2012 Smart Grid Peer Review Meeting San Diego, CA. Los Angeles Department of Water and Power Smart Grid Regional Demonstration Program
2012 Smart Grid Peer Review Meeting San Diego, CA Los Angeles Department of Water and Power Smart Grid Regional Demonstration Program Mukhles Bhuiyan Program Director June 8, 2012 Smart Grid Regional Demonstration
More informationEnergy Cybersecurity Regulatory Brief
Energy Understand the regulations that impact the energy industry and accelerate information security initiatives. Contents Overview 3 A Highly Vulnerable Energy Industry 4 Key Regulations to Consider
More informationHow To Secure A Wireless Utility Network
Utilities Facing Many Challenges Cyber Security Is One Area Where Help Is Available Executive Summary Utilities are in the crosshairs of many forces in the world today. Among these are environmental global
More informationSecurity Orchestration with IF-MAP
Security Orchestration with IF-MAP Gary Holland, Lumeta/IMRI 2 November 2011 Copyright 2010 Trusted Computing Group Agenda Threat Landscape and Federal Networks Trusted Network Connect Explanation of IF-MAP
More informationHow To Protect Water Utilities From Cyber Attack
Cybersecurity in the Water Sector Copyright 2015 American Water Works Association Overview Reality of the Threat Environment Water Sector Cyber Risk Management Key Resources Connectivity = Exposure Process
More informationUtility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security
Boeing Defense, Space & Security Ventures Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security Tristan Glenwright - Boeing BOEING is a trademark of Boeing Management Company. The
More informationSecurity Analytics for Smart Grid
Security Analytics for Smart Grid Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC robert.griffin@rsa.com blogs.rsa.com/author/griffin @RobtWesGriffin 1 No Shortage of Hard
More informationCyber Security. Smart Grid
Cyber Security for the Smart Grid Peter David Vickery Executive Vice President N-Dimension Solutions Inc. APPA National Conference June 21, 2010 Cyber Security Solutions For Cyber Security
More informationSecurity Coordination with IF-MAP
Security Coordination with IF-MAP Matt Webster, Lumeta 28 Sept 2010 Copyright 2010 Trusted Computing Group Agenda Threat Landscape and Federal Networks Recap of TNC Explanation of IF-MAP What is IF-MAP?
More informationWhy we Need Standards for Breaking the Smart Grid
Why we Need Standards for Breaking the Smart Grid Stephen McLaughlin 2012 Western Energy Policy Research Conference 1 NISTIR 7628 The organization assesses the security requirements in the Smart Grid information
More information1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
More informationA New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks. Alex Leemon, Sr. Manager
A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks Alex Leemon, Sr. Manager 1 The New Cyber Battleground: Inside Your Network Over 90% of organizations have been breached
More informationMANAGE THIRD PARTY RISKS
SECURITY FOR INDUSTRIAL CONTROL SYSTEMS MANAGE THIRD PARTY RISKS A GOOD PRACTICE GUIDE Disclaimer Reference to any specific commercial product, process or service by trade name, trademark, manufacturer,
More informationSCADA Security: Challenges and Solutions
SCADA Security: Challenges and Solutions June 2011 / White paper by Metin Ozturk, Philip Aubin Make the most of your energy Summary Executive Summary... p 2 Protecting Critical Infrastructure Includes
More informationARC INDUSTRY FORUM 2015
ARC INDUSTRY FORUM PRESENTATION TOPIC: MANAGING INDUSTRIAL CYBER SECURITY RISK Tyler Williams Manager, Industrial Cyber Security Shell Global Solutions tyler.williams@shell.com 1 THE TRADITIONAL APPROACH
More informationEnabling the SmartGrid through Cloud Computing
Enabling the SmartGrid through Cloud Computing April 2012 Creating Value, Delivering Results 2012 eglobaltech Incorporated. Tech, Inc. All rights reserved. 1 Overall Objective To deliver electricity from
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationExecutive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage.
Executive Summary Statement of Nadya Bartol Vice President, Industry Affairs and Cybersecurity Strategist Utilities Telecom Council Before the Subcommittee on Oversight and Subcommittee on Energy Committee
More informationSeptember 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
More informationIncluding Threat Actor Capability and Motivation in Risk Assessment for Smart Grids
CPSR-SG 2016: Joint International Workshop on Cyber-Physical Security and Resilience in Smart Grids, 12th April 2016, Vienna Security for smart Electricity GRIDs Including Threat Actor Capability and Motivation
More informationGE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems
GE Measurement & Control Top 10 Cyber Vulnerabilities for Control Systems GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used
More informationSymphony Plus Cyber security for the power and water industries
Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 1 01/10/12 10:15 Symphony Plus Cyber security for the power and water industries
More informationSecurity in the smart grid
Security in the smart grid Security in the smart grid It s hard to avoid news reports about the smart grid, and one of the media s favorite topics is security, cyber security in particular. It s understandable
More informationHow To Create Situational Awareness
SIEM: The Integralis Difference January, 2013 Avoid the SIEM Pitfalls Get it right the first time Common SIEM challenges Maintaining staffing levels 24/7 Blended skills set, continuous building of rules
More informationHow Much Cyber Security is Enough?
How Much Cyber Security is Enough? Business Drivers of Cyber Security Common Challenges and Vulnerabilities Cyber Security Maturity Model Cyber Security Assessments September 30, 2010 Business in the Right
More informationBest Practices to Improve Breach Readiness
Best Practices to Improve Breach Readiness Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC http://blog.emc2.de/trust-security @RobtWesGriffin 1 Security Breaches 2 Security
More informationPractical Steps To Securing Process Control Networks
Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.
More informationWilliam Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly
William Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly Ramesh Karri (rkarri@poly.edu) Associate Professor, Electrical and Computer Engineering NYU-Poly Why is cyber
More informationfuture data and infrastructure
White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationCG Automation Solutions USA
CG Automation Solutions USA (Formerly QEI Inc.) Automation Products and Solutions CG Automation Works for You INDUSTRY SOLUTIONS Electric T&D Utilities Renewable Energy Transit Authorities Public Power
More informationGE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance
GE Oil & Gas Cyber Security for NERC CIP Versions 5 & 6 Compliance Cyber Security for NERC CIP Versions 5 & 6 Compliance 2 Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security
More informationEnterprise Security Platform for Government
Enterprise Security Platform for Government Today s Cybersecurity Challenges in Government Governments are seeking greater efficiency and lower costs, adopting Shared Services models, consolidating data
More informationIndustrial Control System Cyber Security
2012 Honeywell Users Group Asia Pacific Sustain.Ability. Industrial Control System Cyber Security 1 Honeywell Process Solutions Cyber Security Architect Global Architect Team Mike Baldi Responsible for
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationFrost & Sullivan s. Aerospace, Defence & Security Practice. Global Industrial Cyber Security Trends
Frost & Sullivan s Aerospace, Defence & Security Practice Global Industrial Cyber Security Trends Presented by Philipp Reuter Director Frost & Sullivan, Turkey 1 Worth over $ 50 Billion globally in 2014
More informationCyber Infrastructure for the Smart Grid
Cyber Infrastructure for the Smart Grid Dr. Anurag K. Srivastava, Dr. Carl Hauser, and Dr. Dave Bakken Smart Grid Use Cases: Part 2 SGIC Xcel Energy SG Xcel Energy A public Service company of Colorado
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationRisk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit
Page 1 of 10 Events Partners Careers Contact Facebook Twitter LinkedIn Pike Research Search search... Home About Research Consulting Blog Newsroom Media My Pike Logout Overview Smart Energy Clean Transportation
More informationIoT & SCADA Cyber Security Services
IoT & SCADA Cyber Security Services RIOT SOLUTIONS PTY LTD P.O. Box 10087, Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 4, 60 Edward St, Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au
More informationHow-To Guide: Cyber Security. Content Provided by
How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses
More informationThe Internet of Things (IoT) Opportunities and Risks
Session No. 744 The Internet of Things (IoT) Opportunities and Risks David Loomis, CSP Risk Specialist Chubb Group of Insurance Companies Brian Wohnsiedler, CSP Risk Specialist Chubb Group of Insurance
More informationIntroduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec
Introduction Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec More than 20 years of experience in cybersecurity specializing
More informationTest di sicurezza in ambienti Smart Grid e SCADA
Test di sicurezza in ambienti Smart Grid e SCADA Simone Riccetti, IBM Italy simone.riccetti@it.ibm.com Agenda SCADA/Smart Grid overview SCADA/Smart Grid security issues Security test challenges Testing
More informationGE Measurement & Control. Cyber Security for Industrial Controls
GE Measurement & Control Cyber Security for Industrial Controls Contents Overview...3 Cyber Asset Protection (CAP) Software Update Subscription....4 SecurityST Solution Options...5 Centralized Account
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations
More informationVerve Security Center
Verve Security Center Product Features Supports multiple control systems. Most competing products only support a single vendor, forcing the end user to purchase multiple security systems Single solution
More informationGOOD PRACTICE GUIDE PROCESS CONTROL AND SCADA SECURITY
GOOD PRACTICE GUIDE PROCESS CONTROL AND SCADA SECURITY GUIDE 5. MANAGE THIRD PARTY RISK This guide is designed to impart good practice for securing industrial control systems such as: process control,
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationReducing Configuration Complexity with Next Gen IoT Networks
Reducing Configuration Complexity with Next Gen IoT Networks Orama Inc. November, 2015 1 Network Lighting Controls Low Penetration - Why? Commissioning is very time-consuming & expensive Network configuration
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationSecurity Issues with Integrated Smart Buildings
Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern
More informationIndustrial Cyber Security 101. Mike Spear
Industrial Cyber Security 101 Mike Spear Introduction Mike Spear Duluth, GA USA Global Operations Manager, Industrial Cyber Security Mike.spear@honeywell.com Responsible for the Global Delivery of Honeywell
More informationIntroduction. Along with consulting, I previously. developing regulatory policy initiatives
1 Customer Data Privacy in AMI Applications Will McNamara Sr. Manager, Energy & Utilities West Monroe Partners 2 Introduction Will McNamara, Senior Manager, and Lead for WMP s Regulatory Support & Stakeholder
More informationDefense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff
More informationRobert Malmgren. Smart Grid. Security Challenges - Legacy and Infrastructure Burdens
Robert Malmgren Smart Grid Security Challenges - Legacy and Infrastructure Burdens Short bio Robert Malmgren Independent consultant that have worked with utility companies regarding IT- and info sec since
More informationThe State of Industrial Control Systems Security and National Critical Infrastructure Protection
The State of Industrial Control Systems Security and National Critical Infrastructure Protection Emerging Threats Tinuade Adesina, Lulea University of Technology Sweden IT Security for the Next Generation
More informationCDM Hardware Asset Management (HWAM) Capability
CDM Hardware Asset Management (HWAM) Capability Department of Homeland Security Office of Cybersecurity and Communications Federal Network Resilience Table of Contents 1 PURPOSE AND SCOPE... 2 2 THREAT
More informationBEFORE THE PUBLIC UTILITIES COMMISSION OF THE STATE OF CALIFORNIA ) ) ) ) ) )
BEFORE THE PUBLIC UTILITIES COMMISSION OF THE STATE OF CALIFORNIA Order Instituting Rulemaking on the Commission s Own Motion to Improve Distribution Level Interconnection Rules and Regulations for Certain
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationSymantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it
Complete and high performance protection where you need it Overview delivers high-performance protection against physical and virtual server downtime with policy based prevention, using multiple protection
More informationARC Forum Orlando 2015 Building a Secure Industrial Internet of Things
ARC Forum Orlando 2015 Building a Secure Industrial Internet of Things Sid Snitkin Vice-President & GM Enterprise Advisory Services ARC Advisory Group srsnitkin@arcweb.com Session Overview ARC Presentation
More informationSophistication of attacks will keep improving, especially APT and zero-day exploits
FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint
More informationThe Importance of Cybersecurity Monitoring for Utilities
The Importance of Cybersecurity Monitoring for Utilities www.n-dimension.com Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive
More informationSCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP
SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP Today s Topics SCADA Overview SCADA System vs. IT Systems Risk Factors Threats Potential Vulnerabilities Specific Considerations
More informationTUSKEGEE CYBER SECURITY PATH FORWARD
TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,
More informationPROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191
Interim Techlogy Performance Report 3 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V1 Company Name: The Boeing Company November 19, 2013 1 Interim Techlogy Performance Report 3
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationTop 10 Tips to Keep Your Small Business Safe
Securing Your Web World Top 10 Tips to Keep Your Small Business Safe Protecting your business against the latest Web threats has become an incredibly complicated task. The consequences of external attacks,
More informationWater Sector Initiatives on Cyber Security. Water Sector Cyber Security Symposium Dallas, TX August 15, 2013
Water Sector Initiatives on Cyber Security Water Sector Cyber Security Symposium Dallas, TX August 15, 2013 Presentation Outline The water sector Interdependencies with other critical infrastructure sectors
More informationCyber Security. Doug Houseman Doug@Enernex.com. Engineering Consulting Research. Modeling Simulation Security. The Practical Grid Visionaries TM
Cyber Security Engineering Consulting Research Modeling Simulation Security Doug Houseman Doug@Enernex.com The Practical Grid Visionaries TM Warnings The costs given are based on prior projects They may
More informationCybersecurity. Are you prepared?
Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data
More information