SCADA Security Training
1-Day Course Outline

Wellington, NZ
6th November 2015
Version 3.1

web: www.axenic.co.nz phone: +64 21 689998

Introduction

Corporate Background Axenic Ltd

Since 2009, Axenic has been delivering independent information security consultancy services specialising in governance, risk and assurance. Our partners and senior staff have been involved in all aspects of ICT infrastructure design, implementation and review, with a focus on security and we have the most highly qualified and experienced Enterprise Security Architects in NZ.

At Axenic, we know that good information security is a business risk discipline that empowers you to make the best use of the information assets that support your organisation in achieving its objectives. Our mission is to empower our clients to use information assets to their full potential, with confidence, by enabling informed decision making on information security and privacy risk.

Axenic has delivered services to a range of Government sector, NGO and private sector organisations and has helped define the risk management framework promoted by the GCIO for NZ Government agencies while using the framework to deliver its services to those agencies.

Most organisations have difficulty in getting a real understanding of the risks that they are exposed to through their use of technology. There is frequently a communication gap between those responsible for managing risk and those implementing and managing controls. Axenic has partnered with Red Tiger Security to bring its 5-day course to New Zealand in order to give the designers, implementers and operators of Industrial Control and SCADA systems an in-depth technical understanding of the risks they are required to manage.

Corporate Background Red Tiger Security

The founder and team members at Red Tiger Security have been leaders in securing SCADA, EMS, DCS, and process control systems since 2001. We have the right mix of Electrical Engineering, Cyber Security, Control Systems, SCADA, IT Security, Hacker Mentality, and NERC CIP compliance experience.
Our team has performed over 200 SCADA Vulnerability Assessments on live operating equipment. We have written numerous whitepapers on this subject, spoken at over 75 industry conferences and workshops, planned and led NERC CIP compliance workshops, and established a 5-day training curriculum to pass on this knowledge to others.

SCADA Security and compliance is our main focus and mission, and we have been doing this since 2001. Since then, we have developed into a trusted resource in the industry for SCADA Security, and we have a proven methodology specifically for executing this scope of work.

The following items describe some of the areas where the Red Tiger Security team has already made a lasting impact in securing Critical Infrastructure:

- Conducted more than 200 security assessments of real-time, live SCADA and Industrial Process Control System environments.
- Sought out by the US DHS, FBI, DOD, London NISCC, Canadian PSEPC, and Australian Ministries of Defense for Critical Infrastructure Security Training from 2001 through present.
- Consultants to Idaho National Labs, Sandia National Labs, and the US National SCADA Test Bed initiative.
- Active participants and authors of portions of the ISA SP99 security standard, NERC CIP energy security standard, the ISA Certified Automation Professional (CAP) Certification, and the PCIP (Professional in Critical Infrastructure Protection) certification.
- Keynote speakers on security at many leading security conferences from 2002 to the present.
- Instructors for all DHS-sponsored training courses offered through the Idaho National Labs.
- Developers of the 1-Day Awareness Training, 3-Day SCADA Security Intermediate, and 5-day SCADA Security Advanced Training, and trained over 1,400 professionals around the world since 2009.
- Appointed to the Smart Grid Networks Council in 2009, and still an active member.

Why Red Tiger Developed the SCADA Security Training Course

Since 2001, Red Tiger have participated in over 200 security assessments of various power plants, chemical plants, refineries, pipeline systems, banks, military bases, water / waste water, and other critical infrastructure facilities. Many of the employees and system administrators working at these facilities asked us where they could obtain additional training in this field. We often referred them to several books and online resources, but many came back asking for instructor-led, hands-on training in specific Advanced Technical topics that covered both IT security and SCADA and Critical Infrastructure Protection concepts. Many also wanted to put theoretical concepts into direct use by learning how to use hacking tools in live operations.

To solve these issues, we have taken our own Red Tiger Security methodology and mindset, along with advanced hacking techniques, and woven them into a 5-day course that applies these methodologies and techniques to attacking and defending various types of advanced technology fields that include SCADA, DCS, Building Automation, Smart Grid, Telecom, and Wireless Systems.

We also built a fully functional portable SCADA Lab complete with PLCs, RTUs, Building Automation controllers, industrial DIN-rail mounted computers running embedded Windows XP, various wireless RF and telemetry products, and protocol gateways. This lab has been built to travel onsite with our instructors and all equipment is mounted on Plexiglas stands for quick assembly and teardown.

In summary, the training has been designed to be mobile and to be brought onsite anywhere in the world, and since early 2009, we have trained over 1,400 professionals.

Workshop Outline

Morning Session: Security Threats to ICS / SCADA Systems

1.1 Course Overview, Introductions and Ground Rules
- Introduce the Course, Instructor, and Students
- Review the Workshop Outline and Ground Rules

1.2 Recent Threats to ICS / SCADA Systems
- Malware, Social Networking Sites, USB devices, and Smartphones
- APT (Advanced Persistent Threats)
- How Night Dragon and other C&C attacks work
- How Stuxnet specifically targeted SCADA computers and PLCs
- Other additional real-world incidents due to SCADA attacks

1.3 SCADA and DCS Vulnerabilities and Weaknesses
- SCADA Vulnerabilities from a data set of over 40,000 vulnerabilities from over 250 assessments performed out in the field and in industrial facilities
- Most Common Security Findings within SCADA and DCS Workstations, Servers, and Applications
- Weaknesses in Embedded Devices (PLCs and RTUs)

Mid-Morning Break

1.4 Cyber Security 101
- Introduction to Cyber Security
- CIA Defined
- C.I.A. vs. A.I.C.
- Cyber Attack Triangle
- Threat, Vulnerabilities, and Exploits Defined
- Examples of Threats, Vulnerabilities, and Exploits on SCADA Systems

Afternoon Session: Defending ICS / SCADA Systems

1.5 SCADA Security Maturity Model and Strategic Planning
- Introduction to the SCADA Security Maturity Model
- Introduction to the ISA S99 Secure Architecture for Industrial Control Systems
- How to build a Strategic Roadmap for Securing ICS / SCADA Systems
- Where Security Assessments fit into the overall strategy, and what comes next after the assessments are complete

1.6 Secure Architecture Design, Network Segmentation, and Remote Access
- Compare and Contrast insecure and best practice network designs
- DMZ Architectures for SCADA Networks
- Review of insecure methods for remote access and dial-up solutions
- 2-Factor Remote Access Solutions Designed Specifically for SCADA
- Managing Employee, Contractor, and Vendor Access to SCADA

Mid-Afternoon Break

1.7 Security Log Management and Collection
- Where and how to properly deploy IDS and IPS sensors
- HIDS versus Application Whitelisting
- Security Event Monitoring - what systems create events/logs?
- Alert Management - Incident Response

1.8 Overview of Security Control Frameworks that impact SCADA (NIST 800-53, NIST 800-82, ISA S99, CFATS, NERC CIP)
- Review several major SCADA Security Standards and Regulations
- Show how they can map to one all-inclusive security controls matrix with the NIST Cybersecurity Framework for Critical Infrastructure Systems
- Map components of the matrix to fundamental security capabilities: Identify, Protect, Detect, Respond, and Recover