SlideShare a Scribd company logo

SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY

Download as PPTX, PDF
DialogueScience
DialogueScience

I. LACK OF EXPERTISE AND COMMUNICATION II. LACK OF RIGHTS TO ACT CONCLUSION Dmitry Yarushevskiy | CISA | CISM Head of ICS Cyber security department JSC DialogueScience

Technology
1 of 18
SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY tel.: +7 (495) 980 67 76 http://www.DialogNauka.ru yad@dials.ru Dmitry Yarushevskiy | CISA | CISM Head of ICS Cyber security department JSC DialogueScience
JSC DialogueScience JSC DialogueScience, established in 1992 is a system integrator in the information security field, one of the leading Russian provider of IT security services, products and solutions. We have good experience in designing, development and implementation of cybersecurity systems and solutions on critical infrastructure and industrial objects, including power generation and power distribution sector. . 2
SOMETHING INTANGIBLE, BUT REAL
I. LACK OF EXPERTISE AND COMMUNICATION
LACK OF EXPERTISE First issue is LACK OF EXPERTISE AND COMMUNICATION 5 Automation don’t understand security Security don’t understand automation
6
Cyber security is a serious business! ICS Cyber Security is too complicated to be managed by only security personnel or only but automation engineers 7 Only well-balanced team of experts in different fields of knowledge could be effective in cyber security Before starting cyber security program or implementing security system, ask yourself “Who will manage it?”
II. LACK OF RIGHTS TO ACT
Lack of rights to act When cyber security staff finds that malicious activity or attack, perhaps, happening right now… 9 What they can do? • Lack of well-studied scenarios • Not clear understandable consequences • Hard to calculate likelihood
Who will be responsible Shutting down power grid control center because of feeling “that something going wrong” can be a definitely bad idea. 10 OR NOT? vs
Lack of rights to act To be effective cyber security staff, should clearly understand which actions and measures are allowed to apply and when, and which are not. And which actions are vital 11 Management and automation engineers also Usually they all do not (Risk analysis and BCP could help)
III. Focus on too sophisticated solutions
Focus on too sophisticated solutions instead of using embedded features 13
Modern PLC are far away from their roots 14
Embedded security features There are a lot of “common” security features are embedded in some PLC now: • Access control with strong authentication; • RADIUS • Logging and SNMP • Firewall • VPN client 15
CONCLUSION
At least three interesting question There are at least three questions, that you should ask during establishing cyber security program: • Who will manage it? • What they are allowed to do, and what the must do in case they suspect an attack? • Are there some cool security features already embedded in your PLC or SCADA? 17
Thanks for your time! Dmitry Yarushevskiy CISA, CISM Head of ICS Cyber security department JSC DialogueScience Dmitry.yarushevskiy@dialognauka.ru yad@dials.ru Cell: +7 (916) 677 3763

Recommended

Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Frameworkcentralohioissa
 
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Ahmed Al Enizi
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
Veezo - Virtual Security Officer
Veezo - Virtual Security OfficerVeezo - Virtual Security Officer
Veezo - Virtual Security OfficerDirk Cipido
 
The 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for CybersecurityThe 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for Cybersecuritynathan-axonius
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...YouAttestSlideshare
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 

Recommended

Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Frameworkcentralohioissa
 
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Ahmed Al Enizi
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
Veezo - Virtual Security Officer
Veezo - Virtual Security OfficerVeezo - Virtual Security Officer
Veezo - Virtual Security OfficerDirk Cipido
 
The 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for CybersecurityThe 1st Step to Zero Trust: Asset Management for Cybersecurity
The 1st Step to Zero Trust: Asset Management for Cybersecuritynathan-axonius
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...YouAttestSlideshare
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Ahmed Al Enizi
 
CCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & MicrosoftCCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & Microsoftwalk2talk srl
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionBen Rothke
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Omar Khawaja
 
Why Executives Underinvest In Cybersecurity
Why Executives Underinvest In CybersecurityWhy Executives Underinvest In Cybersecurity
Why Executives Underinvest In CybersecurityHackerOne
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security Kofax
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_CMR WORLD TECH
 
Overload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesOverload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesTripwire
 
Security architecture - Perform a gap analysis
Security architecture - Perform a gap analysisSecurity architecture - Perform a gap analysis
Security architecture - Perform a gap analysisCarlo Dapino
 
SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsForeScout Technologies
 
NIST Zero Trust Explained
NIST Zero Trust ExplainedNIST Zero Trust Explained
NIST Zero Trust Explainedrtp2009
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeterBen Rothke
 
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...centralohioissa
 
Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...LeMeniz Infotech
 
The Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSThe Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSTripwire
 
Addressing Healthcare Challenges Today
Addressing Healthcare Challenges TodayAddressing Healthcare Challenges Today
Addressing Healthcare Challenges TodayIvanti
 
Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Iftikhar Ali Iqbal
 
Understanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeUnderstanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeSounil Yu
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTAbdullahi Arabo Jr (MEng, MBCS, PhD)
 
Catalogo Inspiraflor
Catalogo InspiraflorCatalogo Inspiraflor
Catalogo InspiraflorInspiraflor
 
Отчет. приложение 2.
Отчет. приложение 2.Отчет. приложение 2.
Отчет. приложение 2.Софья Митрошина
 

More Related Content

What's hot

Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Ahmed Al Enizi
 
CCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & MicrosoftCCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & Microsoftwalk2talk srl
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionBen Rothke
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Omar Khawaja
 
Why Executives Underinvest In Cybersecurity
Why Executives Underinvest In CybersecurityWhy Executives Underinvest In Cybersecurity
Why Executives Underinvest In CybersecurityHackerOne
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security Kofax
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_CMR WORLD TECH
 
Overload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesOverload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesTripwire
 
Security architecture - Perform a gap analysis
Security architecture - Perform a gap analysisSecurity architecture - Perform a gap analysis
Security architecture - Perform a gap analysisCarlo Dapino
 
SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsForeScout Technologies
 
NIST Zero Trust Explained
NIST Zero Trust ExplainedNIST Zero Trust Explained
NIST Zero Trust Explainedrtp2009
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeterBen Rothke
 
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...centralohioissa
 
Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...LeMeniz Infotech
 
The Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSThe Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSTripwire
 
Addressing Healthcare Challenges Today
Addressing Healthcare Challenges TodayAddressing Healthcare Challenges Today
Addressing Healthcare Challenges TodayIvanti
 
Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Iftikhar Ali Iqbal
 
Understanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeUnderstanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeSounil Yu
 

What's hot (20)

Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
 
CCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & MicrosoftCCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & Microsoft
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryption
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
 
Why Executives Underinvest In Cybersecurity
Why Executives Underinvest In CybersecurityWhy Executives Underinvest In Cybersecurity
Why Executives Underinvest In Cybersecurity
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo
 
Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_
 
Overload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesOverload: Critical Lessons from 15 Years of ICS Vulnerabilities
Overload: Critical Lessons from 15 Years of ICS Vulnerabilities
 
Security architecture - Perform a gap analysis
Security architecture - Perform a gap analysisSecurity architecture - Perform a gap analysis
Security architecture - Perform a gap analysis
 
SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey Results
 
NIST Zero Trust Explained
NIST Zero Trust ExplainedNIST Zero Trust Explained
NIST Zero Trust Explained
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
 
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
 
Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...
 
The Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSThe Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICS
 
Addressing Healthcare Challenges Today
Addressing Healthcare Challenges TodayAddressing Healthcare Challenges Today
Addressing Healthcare Challenges Today
 
Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)Symantec Data Loss Prevention - Technical Proposal (General)
Symantec Data Loss Prevention - Technical Proposal (General)
 
Understanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeUnderstanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor Landscape
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoT
 

Viewers also liked

Catalogo Inspiraflor
Catalogo InspiraflorCatalogo Inspiraflor
Catalogo InspiraflorInspiraflor
 
медиаобразование
медиаобразованиемедиаобразование
медиаобразованиеOlga Shaporina
 
Benefits and struggles of Lean Game Development
Benefits and struggles of Lean Game DevelopmentBenefits and struggles of Lean Game Development
Benefits and struggles of Lean Game DevelopmentBitCake Studio
 
Git Money
Git MoneyGit Money
Git MoneyTim N
 
Device inspection to remote root
Device inspection to remote rootDevice inspection to remote root
Device inspection to remote rootTim N
 
Practically DROWNing
Practically DROWNingPractically DROWNing
Practically DROWNingTim N
 
ifwt remote (sydney ruxmon edition)
ifwt remote (sydney ruxmon edition)ifwt remote (sydney ruxmon edition)
ifwt remote (sydney ruxmon edition)Tim N
 
Unifi'd Ownage
Unifi'd OwnageUnifi'd Ownage
Unifi'd OwnageTim N
 
GAME ON! Integrating Games and Simulations in the Classroom
GAME ON! Integrating Games and Simulations in the Classroom GAME ON! Integrating Games and Simulations in the Classroom
GAME ON! Integrating Games and Simulations in the Classroom Brian Housand
 
IT in Healthcare
IT in HealthcareIT in Healthcare
IT in HealthcareNetApp
 
Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.Emiland
 
What I Carry: 10 Tools for Success
What I Carry: 10 Tools for SuccessWhat I Carry: 10 Tools for Success
What I Carry: 10 Tools for SuccessJonathon Colman
 
UX, ethnography and possibilities: for Libraries, Museums and Archives
UX, ethnography and possibilities: for Libraries, Museums and ArchivesUX, ethnography and possibilities: for Libraries, Museums and Archives
UX, ethnography and possibilities: for Libraries, Museums and ArchivesNed Potter
 
Designing Teams for Emerging Challenges
Designing Teams for Emerging ChallengesDesigning Teams for Emerging Challenges
Designing Teams for Emerging ChallengesAaron Irizarry
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with DataSeth Familian
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheLeslie Samuel
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShareSlideShare
 

Viewers also liked (20)

Catalogo Inspiraflor
Catalogo InspiraflorCatalogo Inspiraflor
Catalogo Inspiraflor
 
Отчет. приложение 2.
Отчет. приложение 2.Отчет. приложение 2.
Отчет. приложение 2.
 
медиаобразование
медиаобразованиемедиаобразование
медиаобразование
 
Benefits and struggles of Lean Game Development
Benefits and struggles of Lean Game DevelopmentBenefits and struggles of Lean Game Development
Benefits and struggles of Lean Game Development
 
Git Money
Git MoneyGit Money
Git Money
 
Device inspection to remote root
Device inspection to remote rootDevice inspection to remote root
Device inspection to remote root
 
Practically DROWNing
Practically DROWNingPractically DROWNing
Practically DROWNing
 
ifwt remote (sydney ruxmon edition)
ifwt remote (sydney ruxmon edition)ifwt remote (sydney ruxmon edition)
ifwt remote (sydney ruxmon edition)
 
La informacion
La informacionLa informacion
La informacion
 
Unifi'd Ownage
Unifi'd OwnageUnifi'd Ownage
Unifi'd Ownage
 
GAME ON! Integrating Games and Simulations in the Classroom
GAME ON! Integrating Games and Simulations in the Classroom GAME ON! Integrating Games and Simulations in the Classroom
GAME ON! Integrating Games and Simulations in the Classroom
 
IT in Healthcare
IT in HealthcareIT in Healthcare
IT in Healthcare
 
Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.
 
What I Carry: 10 Tools for Success
What I Carry: 10 Tools for SuccessWhat I Carry: 10 Tools for Success
What I Carry: 10 Tools for Success
 
UX, ethnography and possibilities: for Libraries, Museums and Archives
UX, ethnography and possibilities: for Libraries, Museums and ArchivesUX, ethnography and possibilities: for Libraries, Museums and Archives
UX, ethnography and possibilities: for Libraries, Museums and Archives
 
Designing Teams for Emerging Challenges
Designing Teams for Emerging ChallengesDesigning Teams for Emerging Challenges
Designing Teams for Emerging Challenges
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with Data
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your Niche
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShare
 

Similar to SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY

85320337 networking-case-study
85320337 networking-case-study85320337 networking-case-study
85320337 networking-case-studyhomeworkping3
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security WebinarAVEVA
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityMighty Guides, Inc.
 
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...Digital Bond
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionShah Sheikh
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud worldZscaler
 
CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04Kyle Lai
 
Cyber Hacking & Security - IEEE - Univ of Houston 2015-04
Cyber Hacking & Security - IEEE - Univ of Houston 2015-04Cyber Hacking & Security - IEEE - Univ of Houston 2015-04
Cyber Hacking & Security - IEEE - Univ of Houston 2015-04Kyle Lai
 
111.pptx
111.pptx111.pptx
111.pptxJESUNPK
 
What CISOs should know about SAP security
What CISOs should know about SAP securityWhat CISOs should know about SAP security
What CISOs should know about SAP securityERPScan
 
Presentation 1.pptx
Presentation 1.pptxPresentation 1.pptx
Presentation 1.pptxrabeetkashif
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...Shah Sheikh
 
Rothke - A Pragmatic Approach To Purchasing Information Security Products
Rothke - A Pragmatic Approach To Purchasing Information Security ProductsRothke - A Pragmatic Approach To Purchasing Information Security Products
Rothke - A Pragmatic Approach To Purchasing Information Security ProductsBen Rothke
 
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)Tripwire
 
Attacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaAttacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaDigital Bond
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
Security economics
Security economicsSecurity economics
Security economicsYansi Keim
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityChris Sistrunk
 

Similar to SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY (20)

85320337 networking-case-study
85320337 networking-case-study85320337 networking-case-study
85320337 networking-case-study
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security Webinar
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
 
Risks vs real life
Risks vs real lifeRisks vs real life
Risks vs real life
 
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud world
 
CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04
 
Cyber Hacking & Security - IEEE - Univ of Houston 2015-04
Cyber Hacking & Security - IEEE - Univ of Houston 2015-04Cyber Hacking & Security - IEEE - Univ of Houston 2015-04
Cyber Hacking & Security - IEEE - Univ of Houston 2015-04
 
111.pptx
111.pptx111.pptx
111.pptx
 
What CISOs should know about SAP security
What CISOs should know about SAP securityWhat CISOs should know about SAP security
What CISOs should know about SAP security
 
Presentation 1.pptx
Presentation 1.pptxPresentation 1.pptx
Presentation 1.pptx
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
Rothke - A Pragmatic Approach To Purchasing Information Security Products
Rothke - A Pragmatic Approach To Purchasing Information Security ProductsRothke - A Pragmatic Approach To Purchasing Information Security Products
Rothke - A Pragmatic Approach To Purchasing Information Security Products
 
How to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity TeamHow to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity Team
 
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
 
Attacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaAttacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar Asia
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 
Security economics
Security economicsSecurity economics
Security economics
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
 

More from DialogueScience

Вебинар: Подход Лаборатории Касперского к противодействию целевым атакам
Вебинар: Подход Лаборатории Касперского к противодействию целевым атакамВебинар: Подход Лаборатории Касперского к противодействию целевым атакам
Вебинар: Подход Лаборатории Касперского к противодействию целевым атакамDialogueScience
 
Вебинар: Next Generation DLP
Вебинар: Next Generation DLPВебинар: Next Generation DLP
Вебинар: Next Generation DLPDialogueScience
 
Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...
Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...
Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...DialogueScience
 
Вебинар: DeviceLock - экспертный взгляд на DLP-технологии
Вебинар: DeviceLock - экспертный взгляд на DLP-технологииВебинар: DeviceLock - экспертный взгляд на DLP-технологии
Вебинар: DeviceLock - экспертный взгляд на DLP-технологииDialogueScience
 
Вебинар: Функциональные возможности HP ArcSight Logger \ ESM
Вебинар: Функциональные возможности HP ArcSight Logger \ ESMВебинар: Функциональные возможности HP ArcSight Logger \ ESM
Вебинар: Функциональные возможности HP ArcSight Logger \ ESMDialogueScience
 
ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...
ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...
ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...DialogueScience
 
ВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО Я
ВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО ЯВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО Я
ВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО ЯDialogueScience
 
ПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХ
ПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХ
ПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХDialogueScience
 
Создание системы обеспечения ИБ АСТУ электросетевой компании
Создание системы обеспечения ИБ АСТУ электросетевой компанииСоздание системы обеспечения ИБ АСТУ электросетевой компании
Создание системы обеспечения ИБ АСТУ электросетевой компанииDialogueScience
 
Управление инцидентами информационной безопасности от А до Я
Управление инцидентами информационной безопасности от А до ЯУправление инцидентами информационной безопасности от А до Я
Управление инцидентами информационной безопасности от А до ЯDialogueScience
 
Практические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLPПрактические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLPDialogueScience
 
Целенаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройстваЦеленаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройстваDialogueScience
 
Safe inspect. Средство контроля за действиями привилегированных пользователей
Safe inspect. Средство контроля за действиями привилегированных пользователейSafe inspect. Средство контроля за действиями привилегированных пользователей
Safe inspect. Средство контроля за действиями привилегированных пользователейDialogueScience
 
Современные российские средства защиты информации
Современные российские средства защиты информацииСовременные российские средства защиты информации
Современные российские средства защиты информацииDialogueScience
 
Стандарт PCI DSS. Особенности внедрения.
Стандарт PCI DSS. Особенности внедрения.Стандарт PCI DSS. Особенности внедрения.
Стандарт PCI DSS. Особенности внедрения.DialogueScience
 
Целенаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройстваЦеленаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройстваDialogueScience
 
Обзор текущей ситуации в области импортозамещения СЗИ
Обзор текущей ситуации в области импортозамещения СЗИОбзор текущей ситуации в области импортозамещения СЗИ
Обзор текущей ситуации в области импортозамещения СЗИDialogueScience
 
Практические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLPПрактические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLPDialogueScience
 
Вебинар: Функциональные возможности современных SIEM-систем
Вебинар: Функциональные возможности современных SIEM-системВебинар: Функциональные возможности современных SIEM-систем
Вебинар: Функциональные возможности современных SIEM-системDialogueScience
 
Fireeye 201FireEye - система защиты от целенаправленных атак5
Fireeye 201FireEye - система защиты от целенаправленных атак5Fireeye 201FireEye - система защиты от целенаправленных атак5
Fireeye 201FireEye - система защиты от целенаправленных атак5DialogueScience
 

More from DialogueScience (20)

Вебинар: Подход Лаборатории Касперского к противодействию целевым атакам
Вебинар: Подход Лаборатории Касперского к противодействию целевым атакамВебинар: Подход Лаборатории Касперского к противодействию целевым атакам
Вебинар: Подход Лаборатории Касперского к противодействию целевым атакам
 
Вебинар: Next Generation DLP
Вебинар: Next Generation DLPВебинар: Next Generation DLP
Вебинар: Next Generation DLP
 
Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...
Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...
Вебинар: MaxPatrol + MaxPatrol SIEM - что нужно знать об оценке состояния и у...
 
Вебинар: DeviceLock - экспертный взгляд на DLP-технологии
Вебинар: DeviceLock - экспертный взгляд на DLP-технологииВебинар: DeviceLock - экспертный взгляд на DLP-технологии
Вебинар: DeviceLock - экспертный взгляд на DLP-технологии
 
Вебинар: Функциональные возможности HP ArcSight Logger \ ESM
Вебинар: Функциональные возможности HP ArcSight Logger \ ESMВебинар: Функциональные возможности HP ArcSight Logger \ ESM
Вебинар: Функциональные возможности HP ArcSight Logger \ ESM
 
ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...
ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...
ВЕБИНАР: ЛУЧШИЕ ПРАКТИКИ И РЕКОМЕНДАЦИИ ПО ПРОТИВОДЕЙСТВИЮ ЦЕЛЕВЫМ КИБЕРАТАКА...
 
ВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО Я
ВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО ЯВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО Я
ВЕБИНАР: УПРАВЛЕНИЕ ИНЦИДЕНТАМИ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОТ А ДО Я
 
ПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХ
ПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХ
ПРАВОПРИМЕНИТЕЛЬНАЯ ПРАКТИКА В ОБЛАСТИ ПЕРСОНАЛЬНЫХ ДАННЫХ
 
Создание системы обеспечения ИБ АСТУ электросетевой компании
Создание системы обеспечения ИБ АСТУ электросетевой компанииСоздание системы обеспечения ИБ АСТУ электросетевой компании
Создание системы обеспечения ИБ АСТУ электросетевой компании
 
Управление инцидентами информационной безопасности от А до Я
Управление инцидентами информационной безопасности от А до ЯУправление инцидентами информационной безопасности от А до Я
Управление инцидентами информационной безопасности от А до Я
 
Практические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLPПрактические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLP
 
Целенаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройстваЦеленаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройства
 
Safe inspect. Средство контроля за действиями привилегированных пользователей
Safe inspect. Средство контроля за действиями привилегированных пользователейSafe inspect. Средство контроля за действиями привилегированных пользователей
Safe inspect. Средство контроля за действиями привилегированных пользователей
 
Современные российские средства защиты информации
Современные российские средства защиты информацииСовременные российские средства защиты информации
Современные российские средства защиты информации
 
Стандарт PCI DSS. Особенности внедрения.
Стандарт PCI DSS. Особенности внедрения.Стандарт PCI DSS. Особенности внедрения.
Стандарт PCI DSS. Особенности внедрения.
 
Целенаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройстваЦеленаправленные атаки на мобильные устройства
Целенаправленные атаки на мобильные устройства
 
Обзор текущей ситуации в области импортозамещения СЗИ
Обзор текущей ситуации в области импортозамещения СЗИОбзор текущей ситуации в области импортозамещения СЗИ
Обзор текущей ситуации в области импортозамещения СЗИ
 
Практические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLPПрактические особенности внедрения систем класса DLP
Практические особенности внедрения систем класса DLP
 
Вебинар: Функциональные возможности современных SIEM-систем
Вебинар: Функциональные возможности современных SIEM-системВебинар: Функциональные возможности современных SIEM-систем
Вебинар: Функциональные возможности современных SIEM-систем
 
Fireeye 201FireEye - система защиты от целенаправленных атак5
Fireeye 201FireEye - система защиты от целенаправленных атак5Fireeye 201FireEye - система защиты от целенаправленных атак5
Fireeye 201FireEye - система защиты от целенаправленных атак5
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxMarkSteadman7
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....rightmanforbloodline
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfdanishmna97
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityVictorSzoltysek
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...caitlingebhard1
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringWSO2
 

Recently uploaded (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 

SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY

  • 1. SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY tel.: +7 (495) 980 67 76 http://www.DialogNauka.ru yad@dials.ru Dmitry Yarushevskiy | CISA | CISM Head of ICS Cyber security department JSC DialogueScience
  • 2. JSC DialogueScience JSC DialogueScience, established in 1992 is a system integrator in the information security field, one of the leading Russian provider of IT security services, products and solutions. We have good experience in designing, development and implementation of cybersecurity systems and solutions on critical infrastructure and industrial objects, including power generation and power distribution sector. . 2
  • 4. I. LACK OF EXPERTISE AND COMMUNICATION
  • 5. LACK OF EXPERTISE First issue is LACK OF EXPERTISE AND COMMUNICATION 5 Automation don’t understand security Security don’t understand automation
  • 6. 6
  • 7. Cyber security is a serious business! ICS Cyber Security is too complicated to be managed by only security personnel or only but automation engineers 7 Only well-balanced team of experts in different fields of knowledge could be effective in cyber security Before starting cyber security program or implementing security system, ask yourself “Who will manage it?”
  • 8. II. LACK OF RIGHTS TO ACT
  • 9. Lack of rights to act When cyber security staff finds that malicious activity or attack, perhaps, happening right now… 9 What they can do? • Lack of well-studied scenarios • Not clear understandable consequences • Hard to calculate likelihood
  • 10. Who will be responsible Shutting down power grid control center because of feeling “that something going wrong” can be a definitely bad idea. 10 OR NOT? vs
  • 11. Lack of rights to act To be effective cyber security staff, should clearly understand which actions and measures are allowed to apply and when, and which are not. And which actions are vital 11 Management and automation engineers also Usually they all do not (Risk analysis and BCP could help)
  • 12. III. Focus on too sophisticated solutions
  • 13. Focus on too sophisticated solutions instead of using embedded features 13
  • 14. Modern PLC are far away from their roots 14
  • 15. Embedded security features There are a lot of “common” security features are embedded in some PLC now: • Access control with strong authentication; • RADIUS • Logging and SNMP • Firewall • VPN client 15
  • 17. At least three interesting question There are at least three questions, that you should ask during establishing cyber security program: • Who will manage it? • What they are allowed to do, and what the must do in case they suspect an attack? • Are there some cool security features already embedded in your PLC or SCADA? 17
  • 18. Thanks for your time! Dmitry Yarushevskiy CISA, CISM Head of ICS Cyber security department JSC DialogueScience Dmitry.yarushevskiy@dialognauka.ru yad@dials.ru Cell: +7 (916) 677 3763