Network/Cyber Security




SCAMPS Annual Meeting 2015
Joe Howland, VC3

Source: http://www.information-age.com/technology/security/123458891/how-7-year-old-girl-hacked-public-wi-fi-network-10-minutes

Security Breaches
- Several small, mostly rural, police and sheriff offices - targeted by company they had investigated. Computer systems hacked, websites defaced, sensitive information exposed (emails, tips on suspected crimes and profiles of gang members)
- $200,000 theft of electronic fund transfers for schools and cities in a county
- Wastewater management system hacked by computer expert rejected for city job
- SCDOR - SS Numbers of 3.6 million SC residents
- 40 million customers' credit and debit card data stolen through Target Point of Sale systems

The Security Challenge
- Topic can be overwhelming
- Concepts are confusing
- Seen as purely an IT issue
- Ignore until an event occurs
- Rapidly changing technology and tactics
- Large time investment to remain current

Areas of focus
- Perimeter Security
- Device Security
- Monitoring
- Change control
- Testing
- User training
- Incident Response
- SCADA/ICS Specific

Perimeter Security
Protecting your networks from directed attacks
- Physical security
- Firewalls
- Network segmentation - VLANs
- Implement DMZs to contain any Internet facing services
- Wireless Networks
- Intrusion Detection Systems (IDS): Identify malicious traffic and notify
- Intrusion Prevention Systems (IPS): Identify malicious traffic and act

Device Security
Preventative Maintenance
- Patch management (Servers, Workstations)
- Code management (Firewalls, switches, appliances)
- Lifecycle management: Ensure security from deployment to decommission
- Anti-Virus
- Anti-Spam
- Mobile Device Management
- Data Encryption
- Remote wipe capabilities
- Network Access Control

Monitoring
Tracking your security state
- IDS/IPS: Need to know an event has happened
- Log and Event Management Systems (LEMS)
- Managed Security Services: 3rd Party Monitoring
- Do you know what's leaving your network?
  - Malicious traffic
  - Confidential documents and information

Change Control
Does your change control process account for security?
- IT environments change constantly
- Change introduces new risk
  - New systems brought online without current security patches
  - Removal of legacy equipment leaves vulnerabilities
- Make sure your decommission process is complete!

Testing
Scans & Audits
- Vulnerability scans: External & Internal
- Periodic review of access rights: Terminated employees
- Process audits
- Third party reviews

End Users
Your #1 Security Risk
- Consider using a password management tool (forces regular change, authentication)
- Grant access rights on an as needed basis
- Don't click on links in emails/texts
- Don't open attachments unless you are expecting them
- Don't click on email or pop-up messages that ask for personal or financial information
- Don't download and install software
- Don't email personal or financial information

End Users
Your #1 Security Risk
- Implement encryption on laptops and mobile devices
- Exercise caution when accessing public hotspots
- Avoid risky sites (gambling, foreign, etc.)
- Install a comprehensive security suite
- Limit use of the Administrator account
- Don't ever share your password!!!!
- Implement dual factor authentication

End User Training
- Education is the first line of defense
- Explain the ramifications of a breach
- Start with basics as simple as password policies
- Document rules for various situations
- Expose your employees to real world scenarios

Employee Termination
Take the necessary steps
- Change password and disable user's account
  - Remote access
  - Vendor sites
  - Partner sites
  - Mobile devices
  - Hosted services

Incident Response Plan
How will you react when the inevitable occurs?
- Assess and categorize impact
- Engage your Incident Response team
  - Roles should be pre-defined
  - Nature of incident dictates which roles are required
- Containment: Stop the spread
- Eradicate: Remove the cause of the incident
- Recovery: Return to normal operation
- Lessons learned: How did it happen?
- Complete Incident Report

Security and SCADA
ICS / SCADA Specific Risks
- Blocked or delayed information flow
- Unauthorized changes: Instruction sets, controls, alarm thresholds
- Inaccurate information
- ICS systems infected with malware
- Impact to safety systems

Homeland Security Policy
- Security policies, procedures, training and educational
- Addressing security throughout the lifecycle of the ICS
- Implementing a network topology for the ICS that has multiple layers
- Employing a DMZ network architecture
- Ensuring that critical components are redundant and are on redundant networks
- Disabling unused ports and services on ICS devices
- Restricting physical access to the ICS network and devices
- Restricting ICS user privileges to only those that are required to perform each person's job

Homeland Security Policy
- Separate authentication mechanisms and credentials for users of the ICS network and the corporate network
- Using modern technology, such as smart cards for Personal Identity Verification (PIV)
- Implementing security controls such as intrusion detection software, antivirus software and file integrity checking
- Applying security techniques such as encryption and/or cryptographic hashes to ICS data storage
- Expeditiously deploying security patches after testing all patches under field conditions on a test system if possible
- Tracking and monitoring audit trails on critical areas of the ICS

http://csrc.nist.gov/publications/nistpubs/800-82/sp800-82-final.pdf

Practical Steps
- Isolate your SCADA networks
- Encrypt network traffic if possible
- Grant access to only those that need it
- Do not mix administrative and SCADA systems
- Implement dual factor authentication
- Define strict policies and procedures
- Leverage independent audits

Joe Howland, VCIO
joe.howland@vc3.com
(803) 978.2714

Larry Mattox, Account Executive
larry.mattox@vc3.com
(803) 978.2725