2012 Honeywell Users Group Americas. Sustain.Ability. Rick Kaun - Honeywell. Cyber Security

Transcription

1 2012 Honeywell Users Group Americas Sustain.Ability. Rick Kaun - Honeywell Cyber Security 1

2 Industrial IT: Security Concerns Industrial facilities must run safely, reliably and predictably Process Control Systems were long considered immune to attack Adoption of open standards has created new security threats Industries must meet increased security expectations due to: Regulatory compliance Corporate expectation Prevalence of threats 2

3 Challenges Nothing new right? Increased Complexity Greater uptime Vibration monitoring, wireless I/O, environmental monitoring/reporting etc Increased Technology System to human ratio exploding Aging Workforce Increased Cyber Risk Stuxnet, Duqu, Flame,??? Increased Regulation NERC CIP, CFATS, Pipeline Guidelines, etc 3

4 What is the answer? Intelligent application of technology in a production environment Scalable, manageable, cost effective What is the toughest challenge? What is the true test of security? We need to run safe, reliably and expectedly Any risk to that mandate is a real risk All the controls in the world will do nothing if. Not properly applied and managed over time. This is the true risk 4

5 Management is the true challenge If security is measured by how quickly you can detect, contain, recover and improve from an incident then how you manage your program is key Security program is People, Process and Technology Some recent developments include: AWL Virtualization Cloud Computing IDS/IPS or SIEM Etc All are only effective if properly managed 5

6 Revisit the Challenge vs Solutions Increased complexity => Need more Experts! Can you hire enough Experts? Where do they sit? Increased Technology => Need more IT guys Not just IT but Process control IT. They are everywhere right? Aging Workforce => Need Bodies! No problem adding team members! Increased Cyber Risk => Need SOC? Where to even start? Skills? Cost? Increased Regulation => Need Documentation Paperwork is always current, effective and up to date! 6

7 Sample Solutions In-house versus outsource? Or Build versus buy? In my humble opinion, the future of cyber security lies in the conjoined management of security programs True partnership between owner/operator and specific support programs/organizations A large consultant/vendor can: afford to stand up an SOC Properly staff an R&D department build a 24 X 7 support center employ sufficient specialty skill sets develop and maintain a dashboard or an HMI for the security manager 7

8 Honeywell s Industrial IT Solutions Assess against industry standards, regulatory requirements and best practices Remediate focuses on the actions needed to address issues identified in the Assess phase Assure addresses methods to assure your Industrial IT solutions are functioning as designed Manage refers to the management of your Industrial IT investment, including network security 8 Evolving services and solutions for a changing Industrial IT environment

9 Cyber Security Services Advanced Securing your critical infrastructure is an evolving process with four distinct phases Basic IITS Intermediate Enhanced Functionality Expanded Capability Integrated Assessments Security Manager HMI (dashboard) Automated Compliance Tools Security Operations Center (SOC) Assurance Monitoring Role Based Authentication (RBAC) Backup/Restore Services Application Whitelisting Virtual Patching IDS/IPS Security Incident and Event Mgmt (SIEM) Forensics (Root Cause Analysis) Integration of OSS Global Ops and Matrikon ICS Assess, Remediate, Manage, Assure A/V, Patch, Remote Monitoring, Perimeter Mgmt. 9

10 DCS Agnostic Most clients have more than one DCS/SCADA system Most clients need to manage the security on all IITS vision is to partner with our clients to deploy best practice solution across your fleet of assets. 10

11 SOC/NOC Automatic monitoring and review Outsource repetitive tasks Access to high skills and tools Ad-hoc security alerts 11

12 12 Security Program Dashboard

13 Questions? Rick Kaun Business Manager, Industrial IT Solutions phone: +1 (780) cell: +1 (780) Shawn Gold Global Solution Leader, Open Systems Services phone: +1 (604) cell: +1 (604) Follow us: twitter.com/rickkaun Blog: Website: Website: 13