I. LACK OF EXPERTISE AND COMMUNICATION
II. LACK OF RIGHTS TO ACT
CONCLUSION
Dmitry Yarushevskiy | CISA | CISM
Head of ICS Cyber security department
JSC DialogueScience
Choreo: Empowering the Future of Enterprise Software Engineering
SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY
1. SOMETHING INTANGIBLE, BUT REAL
ABOUT CYBERSECURITY
tel.: +7 (495) 980 67 76
http://www.DialogNauka.ru
yad@dials.ru
Dmitry Yarushevskiy | CISA | CISM
Head of ICS Cyber security department
JSC DialogueScience
2. JSC DialogueScience
JSC DialogueScience, established in 1992 is a system integrator
in the information security field, one of the leading Russian provider of IT
security services, products and solutions.
We have good experience in designing, development and
implementation of cybersecurity systems and solutions on critical
infrastructure and industrial objects, including power generation and power
distribution sector.
.
2
7. Cyber security is a serious business!
ICS Cyber Security is too complicated to be managed by only
security personnel or only but automation engineers
7
Only well-balanced team of experts in different fields of
knowledge could be effective in cyber security
Before starting cyber security program or implementing
security system, ask yourself “Who will manage it?”
9. Lack of rights to act
When cyber security staff finds that malicious activity or attack,
perhaps, happening right now…
9
What they can do?
• Lack of well-studied scenarios
• Not clear understandable consequences
• Hard to calculate likelihood
10. Who will be responsible
Shutting down power grid control center because of feeling “that something
going wrong” can be a definitely bad idea.
10
OR NOT?
vs
11. Lack of rights to act
To be effective cyber security staff, should clearly understand
which actions and measures are allowed to apply and when,
and which are not.
And which actions are vital
11
Management and automation engineers also
Usually they all do not
(Risk analysis and BCP could help)
15. Embedded security features
There are a lot of “common” security features are embedded
in some PLC now:
• Access control with strong authentication;
• RADIUS
• Logging and SNMP
• Firewall
• VPN client
15
17. At least three interesting question
There are at least three questions, that you should ask during
establishing cyber security program:
• Who will manage it?
• What they are allowed to do, and what the must do in case
they suspect an attack?
• Are there some cool security features already embedded in
your PLC or SCADA?
17
18. Thanks for your time!
Dmitry Yarushevskiy
CISA, CISM
Head of ICS Cyber security department
JSC DialogueScience
Dmitry.yarushevskiy@dialognauka.ru
yad@dials.ru
Cell: +7 (916) 677 3763