Critical Infrastructure Cybersecurity
- Luke Griffin
- 8 years ago
Transcription
1 Critical Infrastructure Cybersecurity Webinar, July 23, 2014
- Rich Mahler, Director, Commercial Cyber Solutions, Lockheed Martin
- Kim Legelis, Vice President, Marketing, Lockheed Martin Industrial Defender
Lockheed Martin Industrial Defender. All rights reserved.
2 Security Posture Proportional to + Program vs. Project 7/25/2014 2
3 Risk Management - A Fundamental Driver
Risk Escalation is Real and Continuing
Figure labels: Viruses More Integration More Connectivity Diverse Sophisticated Combination Attacks Criminals and Insider Threats Cyber Warfare Highly Targeted Governments
Headlines:
- "Stuxnet Infected [Oil & Gas Companies] IT Networks" (Wall Street Journal, November 2012)
- "Obama Executive Order Redefines Critical Infrastructure" (Computerworld, February 2013)
- "House Democrats Report Says Power Grid is Vulnerable to Cyberattack" (The Washington Post, May 2013)
- "Major Cyber Attack Aimed at Natural Gas Pipeline Companies" (Msnbc.com, May 2012)
- "Iran Hacks Energy Firms, U.S. Says" (Wall Street Journal, May 2013)
- "Chinese Hackers Stole Plans For Dozens Of Critical US Weapons Systems" (Business Insider, May 2013)
Businesses Will Get More Help in Defining Risk
4 Rethinking Cyber-Security
We Now Have Years of Experience: Security is Complex
Security issues and explanations:
- Cost is High: The cost of implementing and maintaining security is high, it adds nothing to the value of most manufactured products, and security is never 100% no matter how much is invested.
- Motivations for Investing in Security are Changing: Over recent years, regulations and government involvement have driven security investments, especially in critical infrastructure industries. Regulations are likely to broaden and spread to other industries, changing security strategies significantly.
- Solving Persistent Security Problems: One example: patches cannot be tested and installed fast enough for systems operations because of the large variety of applications and system configurations. Consequently, the period of high exposure to successful attack is too long.
- Securing Remote Access: Effective maintenance of business assets requires that service providers remotely access the assets, yet the risk of connecting assets to the internet is high. Many approaches are used, but a consistent, cost-effective, and highly secure solution is needed.
- Accelerating Standards Development: Standards are critical for improving security, but the process is too slow and the results are barely adequate. Most standards must be adapted and extended for systems in operations.
Making Sure We Are on Track: Cyber security activity is intense; it is a good time to step back and be sure we are working on the right problems and solutions.
- Are We on the Right Track?
- What are the Emerging Opportunities?
- Are We Investing in the Right Security Activities?
5 Security Is Not a One-time Investment
Practices are Maturing - It Is Difficult. Skills Shortage?
Diagram labels: New Business Initiatives Acquisitions Partners Regulations Cost Pressures Applications Systems New Technologies Architectures Practices Design Assess Renovate Test, Monitor, Mitigate, Adapt Audit New Vulnerabilities Threats Patches People Organizations Governments
Cyber Security is a Very Dynamic Activity - Continued Investment is Required
6 Evolutionary Security Maturity
Where Are You Today?
- Intelligence Driven Defense (Predictive): Cyber Intelligence Integrated in Operations
- Sustainable Security (Proactive): Automation and Efficient IT/OT Process Integration
- Compliant Security (Reactive): Procedures and Documentation
- Basic Security: Foundational Security Technologies
Developing a Security Roadmap is Essential to Your Long Term Program Success
Where Do You Want to be Tomorrow?
7 Integrated Risk Management at All Levels
- Board of Directors
  - Aware of Cyber Threats
  - Ensures Controls and Adequate Resources Exist
  - Understands Risk Exposure
- Executive Management
  - Alignment of Resources to Risk
  - Measures Success of Cyber Defenses
  - Ensures Return on Security Investment
- Cyber Intel Analysts
  - Understands the Adversary
  - Derives Intelligence from Internal & External Sources
  - Integrates Cyber Intelligence into Security Operations
8 Understand the Challenges
Business:
- Adverse impact on critical infrastructure from potential cyber attacks
- Increasing level of government oversight and regulatory interest
- Complex mix of IT and OT environments
- Disciplined programmatic approaches to safety and availability
- Business investment constraints
- Security staffing and training challenges for security
- Varying security maturity levels across business areas & supply chains
- Measure of security effectiveness/ROI
Operational:
- Fragmented situational awareness across the enterprise
- Overabundance of technology point solutions
- Challenged to stay ahead of the threat landscape
- Priority & fidelity of intelligence sources
- Strategic and sustainable cybersecurity roadmap
- Governance & risk management
- Regulatory reporting requirements (internal & external)
- Uptime and reliability drivers
9 Unique Requirements of IT & OT
Enterprise IT Systems Management:
- Business critical
- Confidentiality and integrity take priority; reboot common
- Transactional orientation
- HP, Cisco, McAfee, etc.
- PCs, servers and cloud
- Web services model is dominant
- Many commercial OTC software products installed
- Protocol is primarily HTTP/HTTPS over TCP/IP - widely known
- Office environment, plus mobile
- Governance and compliance
OT Systems Management:
- Safety first
- Zero downtime focus & real-time focus
- Few people; many, many devices
- ABB, Siemens, GE, Honeywell, Emerson, etc.
- Sensors, Controllers, Servers, Industrial Devices (IED, RTU, PLC)
- Polled process control model
- Purpose-specific devices
- Industrial Protocols: ICCP, Modbus, DNP3, some over TCP/IP
- Harsh operating plant environments
- Industry regulations
10 Threat Trends for Control Systems
11 Impacts to Automation Systems
- Loss of Control, Production and Physical Damage - STUXNET
- Exfiltration of data related to ICS - DUQU
- Theft of legitimate user accounts - Flame
- Espionage, Data theft - Gauss
- Operator Error
12 Security Evolution in Industrial Control Systems
Axis: Technology Sophistication
- Firewalls: Business connectivity; Locks on the Door
- Intrusion Detection: Network Based; Host Based; Known Bad; Industrial Protocols; Alarm Sensors
- Event Monitor: Central Logging; Monitor and respond; Alert on Events of interest; Log everything and apply forensics; Incident Management; Flight recorder
- Intrusion Prevention: Network Based; Host Based; Deep packet inspection; Known Bad signatures; Known Good Signatures; Whitelisting; System hardening; System locked down
- Security Management: Automate manual process; Enforce policy, process & procedures; Leverage baselines; Manage changes; Audit reporting; Continuous assessments; Attestation data; Doing it and Proving you are doing it
Today
13 Converging Challenges
Improving cybersecurity, addressing compliance mandates, and enhancing operational effectiveness.
- Cybersecurity: Threats exist from both malicious outsiders and well-intentioned insiders.
- Compliance: Increasing external oversight from government (NERC CIP, BSI). Internal compliance with corporate policies, industry associations and best practices (NIST, CPNI, ISA99, API 1164, etc.).
- Change Management: Need to know what assets are in your environment and when changes are made to those assets.
14 Automation Systems Balancing Act
Secure, Comply, Gain Operational Advantage
- Security: We need to do it - Insurance
- Compliance: We have to do it - Corporate tax
- Operational Management: We want to do it! - Business Advantage!
Striving for Operational Excellence via Improved Reliability, Availability, Health and Safety
15 Operational Challenges
Balancing operational requirements with emerging cybersecurity, compliance and change management requirements:
- More complex automation systems
- Budgetary pressure
- Need for increased security
- Increasing compliance requirements
- Fewer resources and increasing skill set gaps
- Limited resources to allocate for change management and business process requirements
16 Meeting the Challenge
- Vendor agnostic offering across disparate asset base
- Reduced manual labor through automation
- Integrated defense-in-depth
- Automated collection tools and standardized reports
- Ease-of-use software. Outsourced partnership options
- Baseline archiving, variances, workflow, trouble-ticketing
Challenges addressed:
- More complex automation systems
- Budgetary pressure
- Need for increased security
- Increasing compliance requirements
- Fewer resources and increasing skill set gaps
- Limited resources to allocate for change management and business process requirements
17 Lockheed Martin Cyber Security Solutions
Diagram labels: Risk Assessment Lockheed Martin Intelligence Driven Defense Risk Mitigation Risk Management Professional Services Enterprise Solutions Managed Services Intelligence Situational Awareness Actionable Intelligence
18 Lockheed Martin Comprehensive Portfolio
Intelligence Driven Defense Portfolio Professional Services Enterprise Solutions Managed Service Intelligence Security Risk assessment Cyber Architecture Systems Integration Incident Response SIC/SOC Transformation IT/SOC Insource/Outsource Training Cyber Intelligence Management Automation (OT) Systems Management Solution External and Insider Threat ID Solutions Security Education & Awareness SOC/SIC/MSSP Services Advanced Threat Mitigation LM & Classified Intelligence Analysis-on-Demand Managed IT Intelligence Driven Defense Cyber Kill Chain Analysis Industry-Specific and Cross-Industry Visibility 12-year Knowledge Base Across >25 SOC/SICs Risk Assessment Risk Mitigation Risk Management Risk Lifecycle
Over 3,000 Cyber-Security Professionals on Staff
19 Industrial Defender's ASM Architecture
Diagram labels: Asset Event Configuration Policy Compliance Work Automation Optional Agent Automation Systems End-Points
20 Applications
- Asset Management: A single unified view of all assets enables onboarding and decommissioning of assets, device status reporting, information access and state information.
- Event Management: Brings visibility to control system and networks by providing event log data from multiple security sources, centralizes operations and reduces expenses.
- Configuration Management: Track and audit device settings, software, firewall rules and user accounts and view and baseline the system configurations, ports & services, and software.
- Policy Management: Communicate new policies, track acceptance and manage conformance.
- Compliance Reporting: A comprehensive suite of standard configurable reports to meet audit requirements, internal or external. Enables users to define, generate and automate reports as needed.
- Work Automation Suite: Integrates document management, ticketing, and reporting as part of a structured workflow enabling ICS professionals to initiate, track, approve, document, and report on changes made to control system assets.
21 Capabilities
- Event logging, correlation, and archiving
- Customizable user interface dashboards
- Scalable architecture
- Configuration change management
- File integrity monitoring
- Device configuration file archiving
- Network traffic monitoring
- Critical process & service monitoring
- Report subscriptions
- User account change identification
- Network & system health and performance
- Analyze changes across asset base & environment
- Maintain central configuration policy
- Collect & report on settings, accounts, configurations
- Manage hardened electronic security perimeter
Extensive Capabilities on a Single Platform
22 In Depth Integration
Integration with:
- ABB 800xA, ABB Symphony/Harmony, ABB Infi90, ABB FACTS and ABB SYS600C & MicroSCADA, Ventyx Network Manager
- Elster Calisto & EnergyAxis
- Emerson DeltaV and Emerson Ovation
- GE XA/21 & PowerOn FUSION
- Foxboro I/A Series
- Honeywell Experion
- Itron OpenWay System
- Rockwell RSView
- Schneider Electric Momentum, Quantum, OASyS, Citect
- Siemens PCS7
- and many more!
Operating Systems:
- Windows NIT, 2003, NT, 7, 8
- HP-UX PA-RISC & Itanium
- Linux
- DEC Tru-64
- Sun Solaris
- IBM AIX
Industrial Rules:
- DNP3
- Modbus
- ICCP
- IEC
- Siemens S7 Protocol
- TCP/IP
23 Industrial Defender FleetView
Unprecedented situational awareness for control systems.
- Aggregates data across all sites for improved visibility
- Easily view trends over time at site-by-site level, or to specific systems and assets
- Quickly spot trends in changes between groups of assets including firewalls, switches, or routers
- Compare changes over time to see where anomalies exist for process improvements
24 The Industrial Defender Platform is Open in its Ability to Integrate with Enterprise IT & Security Systems
Integrate with Enterprise IT & Security Systems
Diagram labels: Third Party Threat Intelligence Threat Intelligence Feeds Systems Management Change Management Policy Management Patch Management Infrastructure/Utility Event, Log Data End-Point Data Compliance SIEM
25 Industrial Defender Solutions
Simplify and scale with a complete turnkey solution.
Diagram labels: Asset Event Configuration Policy Compliance Work Automation
- Infrastructure: Address resource and expertise challenges with a single view, vendor agnostic platform.
- Applications: Tackle increasing security, compliance and change management challenges despite resource constraints.
- Services: Partner with Lockheed Martin's OT-experienced team so your team can deliver on reliability and availability of your systems.
26 Best Practices Recommendation
1. Encourage Dialogue between the key stakeholders
  - Engineering, Enterprise Security and Operations
2. Keep a regular inventory of Applications and Infrastructure dependencies
  - Hardware, software, interdependencies
3. Understand that many OT systems were not designed with Security in mind
  - Availability and operational efficiency
4. Understand your cybersecurity maturity
  - Create an ongoing program
5. Ensure situational awareness across the entire organization: IT & OT
  - Understand the differing requirements for cybersecurity
  - Leverage vendors and expertise unique to your business and operations
27 Questions
Please use the Ask a Question button at the top of the Player to interactively text your questions in to our presenter.
Want to know more about Industrial Defender ASM? Join a Product Webinar and Demonstration: or visit
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More informationRequirements When Considering a Next- Generation Firewall
White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration
More informationPROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191
Interim Techlogy Performance Report 3 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V1 Company Name: The Boeing Company November 19, 2013 1 Interim Techlogy Performance Report 3
More informationManaged Security Services
Managed Security Services 1 Table of Contents Possible Security Threats 3 ZSL s Security Services Model 4 Managed Security 4 Monitored Security 5 Self- Service Security 5 Professional Services 5 ZSL s
More informationDefense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff
More informationHow To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)
McAfee Security: Intrusion Prevention System REV: 0.1.1 (July 2011) 1 Contents 1. McAfee Network Security Platform...3 2. McAfee Host Intrusion Prevention for Server...4 2.1 Network IPS...4 2.2 Workload
More informationInjazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
More informationCurrent IBAT Endorsed Services
Current IBAT Endorsed Services Managed Network Intrusion Prevention and Detection Service SecureWorks provides proactive management and real-time security event monitoring and analysis across your network
More informationOPC & Security Agenda
OPC & Security Agenda Cyber Security Today Cyber Security for SCADA/IS OPC Security Overview OPC Security Products Questions & Answers 1 Introduction CYBER SECURITY TODAY The Need for Reliable Information
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationMaturation of a Cyber Security Incident Prevention and Compliance Program
Maturation of a Cyber Security Incident Prevention and Compliance Program Utilities & Energy Compliance & Ethics Conference February 25, 2013 Houston, Texas Anna Wang Principal Consultant Imminent Cyber
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationCLOUD GUARD UNIFIED ENTERPRISE
Unified Security Anywhere CLOUD SECURITY CLOUD GUARD UNIFIED ENTERPRISE CLOUD SECURITY UNIFIED CLOUD SECURITY Cloudy with a 90% Chance of Attacks How secure is your cloud computing environment? If you
More informationManaged Security Services for Data
A v a y a G l o b a l S e r v i c e s Managed Security Services for Data P r o a c t i v e l y M a n a g i n g Y o u r N e t w o r k S e c u r i t y 2 4 x 7 x 3 6 5 IP Telephony Contact Centers Unified
More informationHP ENTERPRISE SECURITY. Protecting the Instant-On Enterprise
HP ENTERPRISE SECURITY Protecting the Instant-On Enterprise HP SECURITY INTELLIGENCE AND RISK MANAGEMENT PLATFORM Advanced Protection Against Advanced Threats 360 Security Monitoring to Detect Incidents
More informationIBM Security Intelligence Strategy
IBM Security Intelligence Strategy Delivering Insight with Agility October 17, 2014 Victor Margina Security Solutions Accent Electronic 12013 IBM Corporation We are in an era of continuous breaches Operational
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationIT S TIME TO RETHINK SECURITY MANAGEMENT A Resource for the Security Professional
IT S TIME TO RETHINK SECURITY MANAGEMENT A Resource for the Security Professional ONE STEP AHEAD TABLE OF CONTENTS IT S TIME TO RETHINK SECURITY MANAGEMENT 03 INTRODUCTION 05 START SOLVING REAL PROBLEMS
More information2012 North American Managed Security Service Providers Growth Leadership Award
2011 South African Data Centre Green Excellence Award in Technology Innovation Cybernest 2012 2012 North American Managed Security Service Providers Growth Leadership Award 2011 Frost & Sullivan 1 We Accelerate
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More informationFirst Line of Defense
First Line of Defense SecureWatch ANALYTICS FIRST LINE OF DEFENSE OVERVIEW KEY BENEFITS Comprehensive Visibility Gain comprehensive visibility into DDoS attacks and cyber-threats with easily accessible
More informationwhitepaper 4 Best Practices for Building PCI DSS Compliant Networks
4 Best Practices for Building PCI DSS Compliant Networks Cardholder data is a lucrative and tempting target for cyber criminals. Recent highly publicized accounts of hackers breaching trusted retailers
More informationCyber Security nei prodotti di automazione
Cyber Security nei prodotti di automazione Marco Biancardi, ABB SpA, Power System Division 11 dicembre 2013, Roma Why is it an issue? Isolated devices Point to point interfaces Proprietary networks Standard
More informationSITUATIONAL AWARENESS MITIGATE CYBERTHREATS
Gaining the SITUATIONAL AWARENESS needed to MITIGATE CYBERTHREATS Industry Perspective EXECUTIVE SUMMARY To become more resilient against cyberthreats, agencies must improve visibility and understand events
More informationEcom Infotech. Page 1 of 6
Ecom Infotech Page 1 of 6 Page 2 of 6 IBM Q Radar SIEM Intelligence 1. Security Intelligence and Compliance Analytics Organizations are exposed to a greater volume and variety of threats and compliance
More informationEnterprise Security Tactical Plan
Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationProtecting productivity with Plant Security Services
Protecting productivity with Plant Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. siemens.com/plant-security-services
More information