Agenda. Introduction to SCADA. Importance of SCADA security. Recommended steps



Similar documents
A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks. Alex Leemon, Sr. Manager

Are you prepared to be next? Invensys Cyber Security

Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems

EEI Business Continuity. Threat Scenario Project (TSP) April 4, EEI Threat Scenario Project

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

Cyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v

How Secure is Your SCADA System?

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks

How To Defend Against A Cyber Attack

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Cybersecurity and internal audit. August 15, 2014

Cedric Leighton, Colonel, USAF (Ret) Founder & President, Cedric Leighton Associates

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

Cybersecurity. Are you prepared?

EY Cyber Security Hacktics Center of Excellence

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Enterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security

Cybersecurity Awareness. Part 1

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Discussion Draft of the Preliminary Cybersecurity Framework Illustrative Examples

Five keys to a more secure data environment

Cybersecurity and Privacy Hot Topics 2015

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

DeltaV System Cyber-Security

Presenter: October 14, 2009 Mr. Takanobu Ito Managing Director, Asia Pacific & Middle East Operations

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

Understanding SCADA System Security Vulnerabilities

Cyber Security for SCADA/ICS Networks

Getting real about cyber threats: where are you headed?

Emerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

Lessons from Defending Cyberspace

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

Risk Management in Practice A Guide for the Electric Sector

Malware isn t The only Threat on Your Endpoints

Defending Against Data Beaches: Internal Controls for Cybersecurity

ICS Cyber Security Briefing

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

Energy Cybersecurity Regulatory Brief

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013

Appendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises

Industrial Cyber Security. Complete Solutions to Protect Availability, Safety and Reliability of Industrial Facilities

How GCs And Boards Can Brace For The Cybersecurity Storm - Law360

Mobile Security - Mobilidade Bancária e Digital Workers. Américo Alonso, CISSP, CIS LATAM Offering Manager for CyberSecurity

SCADA Security: Challenges and Solutions

Into the cybersecurity breach

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

Ahead of the threat with Security Intelligence

Securing Industrial Control Systems in the Chemical Sector. Roadmap Awareness Initiative Making the Business Case

Cybersecurity The role of Internal Audit

Working with the FBI

Phone: Fax:

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Cyber Security Initiatives and Issues

Using the HITRUST CSF to Assess Cybersecurity Preparedness 1 of 6

Advancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching, and Software Development

Qualification Specification. Level 4 Certificate in Cyber Security and Intrusion For Business

Managing IT Security with Penetration Testing

Cyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Network Security Landscape

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks

CyberReady Solutions. Integrated Threat Intelligence and Cyber Operations MONTH DD, YYYY SEPTEMBER 8, 2014

White Paper An Enterprise Security Program and Architecture to Support Business Drivers

Three Simple Steps to SCADA Systems Security

Document ID. Cyber security for substation automation products and systems

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Airports and their SCADA Systems. Dr Leigh Armistead, CISSP. Peregrine Technical Solutions

White Paper. April Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks

Cyber Security Incident Management

CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System

Communication Security Measures for SCADA Systems

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

GEARS Cyber-Security Services

How To Protect Your Business From A Cyber Attack

White Paper. Information Security -- Network Assessment

Supplier Vigilance: A Critical Layer of Defense

Audit summary of Security of Infrastructure Control Systems for Water and Transport

Cybersecurity Framework Security Policy Mapping Table

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk

SECURITY. Risk & Compliance Services

Secure SCADA Summit. Dan Mintz, CTO. Civil Health Services Group Twitter: technogeezer, December 2009

Security Policy for External Customers

September 20, 2013 Senior IT Examiner Gene Lilienthal

Practical Steps To Securing Process Control Networks

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP

External Supplier Control Requirements

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

New York State Energy Planning Board. Cyber Security and the Energy Infrastructure

A NEW APPROACH TO CYBER SECURITY

Industrial Cyber Security 101. Mike Spear

Transcription:

Agenda Introduction to SCADA Importance of SCADA security Recommended steps

SCADA systems are usually highly complex

and SCADA systems are used to control complex industries

Yet.SCADA systems are actually quite basic in nature Start Cooling Continuous Loop Start Heating

Evolving Cyber Security threats require more aggressive and proactive Cyber Security programs strategies to stay ahead of threat actors Global Cybersecurity Threat Landscape Most organizations are only prepared to handle a fraction of security concerns Known Threat Actors Vulnerabilities Unprecedented Risk Insiders Criminals State Actors Hacktivists Affinity Groups Hyper Interconnectivity of Information Systems Rapid Technological Infrastructure Expansion Hard to Define Organizational Perimeters Unprepared Workforce and Culture Dissimilar Security Models Applied Across the Enterprise Misaligned Policies Intellectual Property Theft Government and military strategy compromised Monetary Losses Operational Disruptions Theft of classified information National security at risk Media Publicity Regulator Intervention Loss of Public Confidence Representative Attacks Mahdi (2012) Trojan espionage attack designed to target Middle Eastern critical infrastructure firms, engineering students, financial services firms, and government embassies. Shamoon (2012) Saudi Aramco, the worlds largest oil producer, was targeted by hackers for the government s supposed support of oppressive measures in the Middle East. Gauss (2012) One of the most sophisticated pieces of malware yet designed to monitor bank account information and the money flow for various Middle Eastern banks. Use either Flame or Cyber Skirmishes (see subsequent slides) Source: Booz Allen Hamilton

Translating these threats into an oil & gas environment, means there are four main areas of concern Operation Sabotages Communication Interference Data Security (Database & Communication) RTU Control Center Grid Security

Many new developments in SCADA have an impact on the risks of these systems which must be mitigated Old Highly specialized Closed door operations No remote monitoring Minimal/no external integration Serial Interfaces New Becoming more common Remote monitoring and operations Increased integration with outside systems IP based communications as standard SCADA-Infrastructure Security Model Intrusion Dynamics Process Control Manipulation Process Disruption Cyber Attack on SCADA Cyber Risk Scenarios Product Disruption Physical Coupling Impact Public Response Sector Inoperability Economic Inoperability Network Security Strategies Recovery Dynamics Management Regional Risk Management Risk Management based on ISO 27001

Regular security practices are also applicable in SCADA environments (1/2) 1. Clearly define cyber security roles, responsibilities, and authorities for managers, system administrators, and users 2. Establish policies and conduct security training 3. Establish system backups and disaster recovery plans 4. Clearly identify cyber security requirements 5. Implement the security features provided 6. Establish effective configuration management processes 7. Identify and evaluate all connections to SCADA networks

The idea that SCADA systems are isolated, or air gapped, is notoriously flawed

Regular security practices are also applicable in SCADA environments (2/2) 8. Disconnect unnecessary connections to the SCADA network 9. Harden SCADA networks by removing or disabling unnecessary services 10. Do not rely on proprietary protocols to protect your system 11. Implement internal and external intrusion detection systems and establish 24 hour a day incident monitoring 12. Perform technical audits of SCADA devices and networks, and any other connected networks, to identify security concerns 13. Conduct physical security surveys and assess all remote sites connected to the SCADA network to evaluate their security 14. Establish a rigorous, ongoing risk management process

The ISA 99 Standard specifically addressed SCADA security and presents the Zoning / Conduit model

SCADA environments present their own unique challenges to implementing IT security measures SCADA systems usually not under control of IT SCADA systems are always on SCADA systems were never built with security in mind SCADA systems can be in remote areas SCADA systems are not always well documented and studied Liaise with Engineering team in charge of SCADA systems Include IT security updates in maintenance windows Identify work around solutions to mitigate the risks Physical security controls deserve full attention from IT security Build partnership with vendors to obtain relevant information

Thank you

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information