InduSoft Cybersecurity Webinar:
Overview of Current Events and General Cybersecurity Guidance,
Protection and Remediation Techniques, and Advanced InduSoft Web
Studio Data Protection and Encryption
Presenters: Richard Clark and Fabio Terezinho
June 24, 2015
Speakers Today (in order of presentation)
Richard Clark
– Technical Marketing, Process and Controls Engineer, Cybersecurity
Engineer
Richard H Clark
Cybersecurity Background
Mr. Clark has been in Mechatronics, Automation, Process Control,
Industrial Control System Cybersecurity, and automation implementation for
more than 15 years. He was employed by Wonderware where he
developed a non-proprietary means of using IP-Sec for securing current
and legacy Automation, SCADA, and Process Control Systems, and
developed non-proprietary IT security techniques. Industry expert by peer
review and spokesperson on IT security; consultant, analyst and voting
member of ISA/IEC 62443 (SP99). Contributor to PCSF Vendor Forum.
Consultant to NIST and other government labs and NSA during the
development of NIST Special Publications 800-53/82. Published
engineering white papers, manuals, and instruction documents, developed
and given classes and lectures on the topic of ICS/SCADA Security.
– Participated in forming the NIST Cybersecurity Framework during the
workshops last year.
Fabio Terezinho
– Director of Engineering and Consulting Services for InduSoft
Fabio Terezinho
Engineering and Cybersecurity Background
VP/Director of Engineering and Consulting Services
InduSoft/InduSoft-Wonderware
January 1999 – Present (16 years 6 months)
Application Engineer
Altus Sistemas de Informatica SA
January 1995 – March 1998 (3 years 3 months)
Selected Publications:
Remote access, any time, any place
InTech Magazine
October 2012
Designing New SCADA Systems
Plant Engineering
January 2012
Secure Against Process Automation Errors
Control Design Magazine
November 2011
Honors & Awards:
Beta Gamma Sigma
Beta Gamma Sigma (AACSB International - The
Association to Advance Collegiate Schools of Business)
March 2011
Patent:
Method and system for communicating between an
embedded device and relational databases
United States 11/243,780
Education:
Baylor University - Hankamer School of Business
Executive Master of Business Administration (EMBA)
2010 – 2011
Escola de Engenharia Maua
Electrical Engineering, Automation and Control
1999 – 2003
Mr. Terezinho has been in Mechatronics, Automation, Process Control, Industrial Control System Cybersecurity,
automation implementation, and product development at InduSoft/InduSoft-Wonderware for more than 16 years.
Announcements
This is an audio broadcast-only WebEx, so we can’t
hear you speaking.
– If you want to give us a comment or question, please type it into
the Q&A or Chat Field in the WebEx presentation interface. We
will answer your questions at the end in the Q&A section of the
broadcast.
Fill out the InduSoft webinar survey that we will send
you at the email address that you used to sign in,
and get a free famous InduSoft webinar series Tee-Shirt!
Services On Demand is Available Now!
Engineering assistance is available when designing
projects and implementing project security
SCADA Cybersecurity eBooks
InduSoft Security Guide: ISBN 978-1311-49042-1
NIST Cybersecurity Framework: ISBN 978-1310-30996-0
Available at Smashwords.com and other major booksellers
Available to you as “Name Your Price”
Download at Smashwords.com to “Name Your Price”
All eBook Proceeds Benefit the Eastern
New Mexico University-Ruidoso Foundation
Announcements
How to get Product Update Announcements
Webinar Agenda
Introductions
Our Cybersecurity Guidance eBooks and Engineering
Services available from InduSoft
Current events that are relevant to Control Systems
Discussion of the current state of Cybersecurity for
Control Systems
Remediation and System Protection
Fabio: Advanced InduSoft Web Studio configurations
for Data Protection and Encryption
Where do we start?
There have been an unprecedented number of
Cybersecurity incidents
There have been a lot of business-centered cyber-
events, but we are interested in ICS and SCADA events
Therefore, the best place to start is the state of the
industry and current knowledge of known cyber-events
Stuxnet was the most infamous breach
A lot of noise has been made about Stuxnet, and for
good reason…
Stuxnet really scared a lot of Cybersecurity
professionals and antivirus/anti-malware companies,
along with ICS-CERT organizations around the globe.
– it was heretofore unprecedented in its sophistication and differing
methods of attack and intrusion.
After a quick War Room analysis, it was determined
that the attack was specifically targeted
Theorized Stuxnet Analyses and Findings
1) the sophistication of the malware's programming, some of which was uncovered by reverse engineering, and which could only have been done by a large, coordinated team of professional developers
2) the specificity and required intimate insider knowledge of the control systems, and their networks and configurations
3) the Zero Day exploits of the unpatched Siemens PLCs they were using, and the insider knowledge that they were unpatched
4) the differing vectors of infection and spread, which initially was likely a USB drive, and which then appeared to spread through network connectivity and printer ports to other computers using administrator credentials…
5) the fact that it stayed dormant and surreptitious for a long time before becoming active, apparently reporting to some home base (C&C, or Command and Control center) with findings at various intervals…
6) …and then apparently receiving updated instructions from a C&C (Command and Control center) before proceeding with machine infiltration and attack vectors
7) the apparent social engineering that had to have been used to gain such intimate access to the systems…
8) …which ultimately led to attacking and reprogramming the PLCs to control the centrifuge Variable Frequency Drives (VFDs) in a completely different way than originally intended and programmed
9) and to operate slowly and surreptitiously over weeks or months in order to prematurely wear out or severely damage the equipment, ultimately limiting and destroying the production lines
…the conclusion was that Stuxnet was a deliberate,
single, targeted attack by one or more Nation-States.
Is Stuxnet, because of all these factors, a danger to
your facility?
– yes and no
So is Stuxnet a danger to your system?
Stuxnet, as it was used, could only work on the one
targeted system
Some bits of the Stuxnet code have been found in other
types of malware in the wild
Malware/antivirus companies have updated their
databases to protect against Stuxnet-like code in other
malware
Additionally, the Zero Day exploits used in the Siemens
PLCs have been patched
Stuxnet employed a very sophisticated Man-in-the-
Middle scheme requiring PLC reprogramming
So moving forward in time…
2012: Shamoon malware infiltrates Aramco and
damages data on more than 30,000 computers…
Also, there were Duqu and Flame (sKyWIper), which utilized
Stuxnet modules and did not need to report home
Next, in 2013 and 2014, came Dragonfly and Havex, or RAT
(Remote Access Trojan or Tool), malware that did
target Industrial Control Systems
Among the various end-of-year news items in
December 2014 was an attack at a German steel mill,
which did a substantial amount of physical damage…
– The attack was a result of “spear phishing”, that is, sending emails
containing a malware payload that gave access to the plant’s
Industrial Control System.
The Dell Annual Security Report (April 13, 2015)
Shows that in 2014, attacks more than doubled from the
previous year to 675,186
“Whereas the motive behind data-focused attacks is
typically financial, SCADA attacks tend to be political in
nature, since they target operational capabilities within
power plants, factories, and refineries, rather than credit
card information,” Dell said.
Buffer overflow vulnerabilities were the primary point of
attack against SCADA systems, which control remote
equipment and collect data on equipment performance,
accounting for 25% of the attacks witnessed by Dell.
Other interesting items in April and May
Article Comments by Shawn McConnon
“These emerging attacks are now being waged against
a much wider variety of hardware, including mobile
devices,” he explains.
– "There is no perimeter anymore," he says.
– "There are many more touch-points in a company today," which, in
turn, has made it easier for hackers to penetrate networks.
Article Comments by Shawn McConnon
Hackers, especially nation-state actors, know that most
organizations fail to adequately address risks posed to
their networks by third parties, McConnon says.
– "Businesses today outsource everything ... and it's very hard to
ensure security when you're outsourcing."
Article Comments by Shawn McConnon
Hackers are increasingly targeting less-secure third
parties to ultimately gain access to organizations'
primary networks, McConnon explains.
– "You can't prevent hacks. But you should focus on the information,"
he says.
– "You've got to be able to look at your third-party risk and have
somebody on your team who's looking at that risk regularly."
And just in the past 3 weeks…
What are the takeaways?
That cybercrime is on the increase, with more than
double the number of attacks since last year.
The criminals involved are everything from amateurs to
Nation States with deep pockets and many resources
The trend is that SCADA and control system attacks will
only increase using online tools that have been
continually evolving
People still use insufficient security to protect
themselves and/or their systems
– Everything from poor password enforcement to inadequate perimeter
defense, relying on 3rd parties with no in-house checking or reviews
What steps need to be taken?
First and foremost, understand your assets, and how
they are configured together
– This step initially requires a complete hardware and software
inventory
– Understanding their configuration will provide information about how
they may be either secure or vulnerable within their current states
Next, categorize and classify your assets
– Asset categories might include: critical, essential, supporting role,
etc.
– Further classifications might include: production, business,
administrative, analysis, infrastructure backbone, executive, etc.
– Understanding these classifications will help when creating your Gap
Analysis and Risk Assessment for the whole system:
• http://www.belden.com/blog/industrialsecurity/Industrial-Networking-Easy-Security-Risk-Assessment.cfm
What steps need to be taken?
Once a Gap Analysis is complete, you will have an
understanding of what is missing in terms of security
– A Gap Analysis is crucial before an understanding of the elements
that need to be addressed can take place
– Each deficiency that is uncovered can be addressed with a Risk
Assessment, which is a cost to address it vs the risk to leave it alone
– As the cybersecurity landscape changes, each risk can be reviewed
and recalculated as the protection costs or technologies change
– This approach is called a Business Process Management (BPM)
Approach to managing your assets and the system security
What steps need to be taken?
Once a Gap Analysis is complete, you will have an
understanding of what is missing in terms of security
– A Gap Analysis is crucial before an understanding of the elements
that need to be addressed can take place
– Each deficiency that is uncovered can be addressed with a Risk
Assessment, which is a cost to address it vs the risk to leave it alone
– As the cybersecurity landscape changes, each risk can be reviewed
and recalculated as the protection costs or technologies change
– This approach is called a Business Process Management (BPM)
Approach to managing your assets and the system security
– Ad hoc approaches to security finally disappear and an organized
methodology to asset management will come into focus.
What steps need to be taken?
Once a Gap Analysis is complete, you will have an
understanding of what is missing in terms of security
– A Gap Analysis is crucial before an understanding of the elements
that need to be addressed can take place
– Each deficiency that is uncovered can be addressed with a Risk
Assessment, which is a cost to address it vs the risk to leave it alone
– As the cybersecurity landscape changes, each risk can be reviewed
and recalculated as the protection costs or technologies change
– This approach is called a Business Process Management (BPM)
Approach to managing your assets and the system security
– Ad hoc approaches to security finally disappear and an organized
methodology to asset management will come into focus.
– Note that it is not necessary to “do everything at once”, since
implementing various security phases or changes can be expensive
Analysis tools that can help you
The NIST Cybersecurity Framework is a good place to
start
– Using the methodology described within the Framework
documentation can help you get started, even though you may not
end up using it.
– The Framework was contributed to by a wide variety of industry
professionals, to make it extremely flexible.
Another tool that can be extremely useful is the ICS-CERT CSET Tool
– This tool allows you to plug in any set of standards that you want to
and it will start asking you questions based on those standards and
the inventory/gap analysis that you performed
• https://ics-cert.us-cert.gov/Downloading-and-Installing-CSET
SCADA Cybersecurity eBooks
– InduSoft Security Guide: ISBN 978-1311-49042-1
– NIST Cybersecurity Framework: ISBN 978-1310-30996-0
Available at Smashwords.com and other major booksellers
The cybersecurity webinars detail the steps
InduSoft’s Cybersecurity Webinars from January 28th
and February 17th of 2015 discussing guidance and the
eBooks will also help you in moving forward
– http://www.indusoft.com/Marketing/Article/ArticleID/555/ArtMID/684
– http://www.indusoft.com/Marketing/Article/ArticleID/562/ArtMID/684
– Professor Miller discusses the new changes to the CSET Tool
Due to your various system differences…
It is not possible to give specific guidance for the
process, platform, or enterprise.
Specific guidance for one type of system may be
entirely inappropriate for a different configuration
Control System Generalities include:
Network Segregation
– Simple firewalls don’t work
– VLANs don’t work
• https://www.tofinosecurity.com/blog/why-vlan-security-isnt-scada-security-all
– DMZ needed for Historian
– Firewalls should have Stateful
Packet inspection
• http://www.belden.com/blog/industrialsecurity/Why-SCADA-Firewalls-Need-to-be-Stateful-Part-1-of-3.cfm
Electronic Access Point
Controls
– Device Authentication may be
appropriate
– Control ingress and egress
points of Control System
System Hardening
– Remove unused software and
other items
– Turn off unused services/ports
to reduce attack surfaces
Role Based Access Controls
– Use Active Directory or LDAP
for Centralized Management
– Use of minimum needed
privileges
– Device Control such as USB
controls in place
Patching Server installed
Centralized Backups
Logging Server
Performance Server
-or-
Centralized Management
Server or System
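Added example (not part of the original slides and not InduSoft code): one way to check the "Turn off unused services/ports" item is to compare a host's listening sockets with the approved list recorded in the asset inventory. The `netstat -ano` capture, the host, and the approved port list below are constructed for illustration.

```python
"""Added example: audit a host's listening sockets against an approved baseline."""
import ipaddress
from collections import namedtuple

# Constructed sample of `netstat -ano` output from a hypothetical Windows HMI station.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       2312
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1040
  TCP    127.0.0.1:8005         0.0.0.0:0              LISTENING       2980
  TCP    10.10.20.15:49712      10.10.20.2:443         ESTABLISHED     2312
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:161            *:*                                    1500
  UDP    0.0.0.0:123            *:*                                    1020
"""

# Hypothetical baseline for this host, as it would be recorded in the inventory.
APPROVED = {("TCP", 443), ("TCP", 8443), ("UDP", 123)}

Listener = namedtuple("Listener", "proto address port pid")


def parse_listeners(netstat_text):
    """Return the sockets that accept traffic: TCP in LISTENING state, any bound UDP."""
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        if fields[0] == "TCP":
            # TCP rows: proto, local, foreign, state, pid
            if len(fields) != 5 or fields[3] != "LISTENING":
                continue
        elif len(fields) != 4:
            # UDP rows have no state column: proto, local, foreign, pid
            continue
        address, _, port = fields[1].rpartition(":")
        if not (port.isdigit() and fields[-1].isdigit()):
            continue
        listeners.append(Listener(fields[0], address, int(port), int(fields[-1])))
    return listeners


def is_loopback(address):
    """True when the bind address is only reachable from the host itself."""
    try:
        return ipaddress.ip_address(address.strip("[]")).is_loopback
    except ValueError:
        return False  # unparsable address: treat as exposed, the safer assumption


def audit(listeners, approved):
    """Compare listeners with the approved (proto, port) set.

    unapproved    - reachable from the network and not in the baseline
    loopback_only - not in the baseline, but bound to loopback only
    not_listening - in the baseline with no listener (inventory is stale)
    """
    seen = {}
    for item in listeners:
        entry = seen.setdefault((item.proto, item.port), {"pids": set(), "exposed": False})
        entry["pids"].add(item.pid)
        # IPv4 and IPv6 binds of the same port collapse into one finding.
        entry["exposed"] = entry["exposed"] or not is_loopback(item.address)

    unapproved = sorted(k for k, v in seen.items() if v["exposed"] and k not in approved)
    loopback_only = sorted(k for k, v in seen.items() if not v["exposed"] and k not in approved)
    return {
        "unapproved": [(p, n, sorted(seen[(p, n)]["pids"])) for p, n in unapproved],
        "loopback_only": loopback_only,
        "not_listening": sorted(k for k in approved if k not in seen),
    }


if __name__ == "__main__":
    report = audit(parse_listeners(SAMPLE_NETSTAT), APPROVED)
    for proto, port, pids in report["unapproved"]:
        print(f"UNAPPROVED  {proto}/{port}  owning PID(s): {pids}")
    for proto, port in report["loopback_only"]:
        print(f"REVIEW      {proto}/{port}  loopback only")
    for proto, port in report["not_listening"]:
        print(f"STALE       {proto}/{port}  approved but not listening")
```

Each unapproved entry is either a service to turn off or a gap in the inventory; the owning PID identifies which software to review.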
FABIO TEREZINHO
Q&A (use the Q&A or Chat fields to ask a question)
THANKS FOR ATTENDING…
HOW TO CONTACT INDUSOFT
Email
(US) info@indusoft.com
(Brazil) info@indusoft.com.br
(Germany) info@indusoft.com.de
Support support@indusoft.com
Web site
(English) www.indusoft.com
(Portuguese) www.indusoft.com.br
(German) www.indusoft.com.de
Phone (512) 349-0334 (US)
+55-11-3293-9139 (Brazil)
+49 (0) 6227-732510 (Germany)
Toll-Free 877-INDUSOFT (877-463-8763)
Fax (512) 349-0375
Contact InduSoft Today

Chaos Engineering: Why the World Needs More Resilient SystemsC4Media
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Hakin9 interview w Prof Sood
Hakin9 interview w Prof SoodHakin9 interview w Prof Sood
Hakin9 interview w Prof SoodZsolt Nemeth
 
Security Presenatation for Onforce Pro Town Hall
Security Presenatation for Onforce Pro Town HallSecurity Presenatation for Onforce Pro Town Hall
Security Presenatation for Onforce Pro Town HallBev Robb
 
RSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of ThingsRSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of ThingsDaniel Miessler
 
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)TI Safe
 

Similar to InduSoft Cybersecurity Webinar Overview (20)

[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
IoT Panel, Part II: Security for Silicon, Software, and Sensors
IoT Panel, Part II: Security for Silicon, Software, and SensorsIoT Panel, Part II: Security for Silicon, Software, and Sensors
IoT Panel, Part II: Security for Silicon, Software, and Sensors
 
Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchel...
Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchel...Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchel...
Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchel...
 
Cyber security applied to embedded systems
Cyber security applied to embedded systemsCyber security applied to embedded systems
Cyber security applied to embedded systems
 
Security Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA EnvironmentsSecurity Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA Environments
 
ASDF WSS 2014 Keynote Speech 1
ASDF WSS 2014 Keynote Speech 1ASDF WSS 2014 Keynote Speech 1
ASDF WSS 2014 Keynote Speech 1
 
Network Security Is Important For Protecting Your Computer
Network Security Is Important For Protecting Your ComputerNetwork Security Is Important For Protecting Your Computer
Network Security Is Important For Protecting Your Computer
 
The new era of mega trends securtity
The new era of mega trends securtityThe new era of mega trends securtity
The new era of mega trends securtity
 
security onion
security onionsecurity onion
security onion
 
Webinar: Secure Offline and Online Updates for Linux Devices
Webinar: Secure Offline and Online Updates for Linux DevicesWebinar: Secure Offline and Online Updates for Linux Devices
Webinar: Secure Offline and Online Updates for Linux Devices
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...
 
Lucideus Certified Cyber Security Analyst
Lucideus Certified Cyber Security Analyst Lucideus Certified Cyber Security Analyst
Lucideus Certified Cyber Security Analyst
 
Network Security Tools and applications
Network Security Tools and applicationsNetwork Security Tools and applications
Network Security Tools and applications
 
Chaos Engineering: Why the World Needs More Resilient Systems
Chaos Engineering: Why the World Needs More Resilient SystemsChaos Engineering: Why the World Needs More Resilient Systems
Chaos Engineering: Why the World Needs More Resilient Systems
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Hakin9 interview w Prof Sood
Hakin9 interview w Prof SoodHakin9 interview w Prof Sood
Hakin9 interview w Prof Sood
 
Security Presenatation for Onforce Pro Town Hall
Security Presenatation for Onforce Pro Town HallSecurity Presenatation for Onforce Pro Town Hall
Security Presenatation for Onforce Pro Town Hall
 
RSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of ThingsRSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of Things
 
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
 

More from AVEVA

What's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
What's New In InduSoft Web Studio 8.1 + SP5 from AVEVAWhat's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
What's New In InduSoft Web Studio 8.1 + SP5 from AVEVAAVEVA
 
What's New In InduSoft Web Studio 8.1 + SP4
What's New In InduSoft Web Studio 8.1 + SP4What's New In InduSoft Web Studio 8.1 + SP4
What's New In InduSoft Web Studio 8.1 + SP4AVEVA
 
Introduction to InduSoft Web Studio 8.1 + SP5
Introduction to InduSoft Web Studio 8.1 + SP5Introduction to InduSoft Web Studio 8.1 + SP5
Introduction to InduSoft Web Studio 8.1 + SP5AVEVA
 
What's New In InduSoft Web Studio 8.1 + SP3
What's New In InduSoft Web Studio 8.1 + SP3What's New In InduSoft Web Studio 8.1 + SP3
What's New In InduSoft Web Studio 8.1 + SP3AVEVA
 
Introduction to InduSoft Web Studio 8.1 + SP3
Introduction to InduSoft Web Studio 8.1 + SP3Introduction to InduSoft Web Studio 8.1 + SP3
Introduction to InduSoft Web Studio 8.1 + SP3AVEVA
 
Introduction to InduSoft Web Studio 8.1 + SP2
Introduction to InduSoft Web Studio 8.1 + SP2Introduction to InduSoft Web Studio 8.1 + SP2
Introduction to InduSoft Web Studio 8.1 + SP2AVEVA
 
What's New In InduSoft Web Studio 8.1 + SP2
What's New In InduSoft Web Studio 8.1 + SP2What's New In InduSoft Web Studio 8.1 + SP2
What's New In InduSoft Web Studio 8.1 + SP2AVEVA
 
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...AVEVA
 
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...AVEVA
 
Introduction to InduSoft Web Studio 8.1 + Service Pack 1
Introduction to InduSoft Web Studio 8.1 + Service Pack 1Introduction to InduSoft Web Studio 8.1 + Service Pack 1
Introduction to InduSoft Web Studio 8.1 + Service Pack 1AVEVA
 
What's New In InduSoft Web Studio 8.1 + SP1
What's New In InduSoft Web Studio 8.1 + SP1What's New In InduSoft Web Studio 8.1 + SP1
What's New In InduSoft Web Studio 8.1 + SP1AVEVA
 
Introduction to InduSoft Web Studio 8.1 + SP1
Introduction to InduSoft Web Studio 8.1 + SP1Introduction to InduSoft Web Studio 8.1 + SP1
Introduction to InduSoft Web Studio 8.1 + SP1AVEVA
 
Security and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioSecurity and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioAVEVA
 
Graphical Interface Scaling in InduSoft Web Studio
Graphical Interface Scaling in InduSoft Web StudioGraphical Interface Scaling in InduSoft Web Studio
Graphical Interface Scaling in InduSoft Web StudioAVEVA
 
What's New In InduSoft Web Studio 8.1
What's New In InduSoft Web Studio 8.1What's New In InduSoft Web Studio 8.1
What's New In InduSoft Web Studio 8.1AVEVA
 
Introduction to InduSoft Web Studio 8.1
Introduction to InduSoft Web Studio 8.1Introduction to InduSoft Web Studio 8.1
Introduction to InduSoft Web Studio 8.1AVEVA
 
What’s coming in InduSoft Web Studio 8.1
What’s coming in InduSoft Web Studio 8.1What’s coming in InduSoft Web Studio 8.1
What’s coming in InduSoft Web Studio 8.1AVEVA
 
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...AVEVA
 
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...AVEVA
 
Tips and Tricks for InduSoft Web Studio-August 2017
Tips and Tricks for InduSoft Web Studio-August 2017Tips and Tricks for InduSoft Web Studio-August 2017
Tips and Tricks for InduSoft Web Studio-August 2017AVEVA
 

More from AVEVA (20)

What's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
What's New In InduSoft Web Studio 8.1 + SP5 from AVEVAWhat's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
What's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
 
What's New In InduSoft Web Studio 8.1 + SP4
What's New In InduSoft Web Studio 8.1 + SP4What's New In InduSoft Web Studio 8.1 + SP4
What's New In InduSoft Web Studio 8.1 + SP4
 
Introduction to InduSoft Web Studio 8.1 + SP5
Introduction to InduSoft Web Studio 8.1 + SP5Introduction to InduSoft Web Studio 8.1 + SP5
Introduction to InduSoft Web Studio 8.1 + SP5
 
What's New In InduSoft Web Studio 8.1 + SP3
What's New In InduSoft Web Studio 8.1 + SP3What's New In InduSoft Web Studio 8.1 + SP3
What's New In InduSoft Web Studio 8.1 + SP3
 
Introduction to InduSoft Web Studio 8.1 + SP3
Introduction to InduSoft Web Studio 8.1 + SP3Introduction to InduSoft Web Studio 8.1 + SP3
Introduction to InduSoft Web Studio 8.1 + SP3
 
Introduction to InduSoft Web Studio 8.1 + SP2
Introduction to InduSoft Web Studio 8.1 + SP2Introduction to InduSoft Web Studio 8.1 + SP2
Introduction to InduSoft Web Studio 8.1 + SP2
 
What's New In InduSoft Web Studio 8.1 + SP2
What's New In InduSoft Web Studio 8.1 + SP2What's New In InduSoft Web Studio 8.1 + SP2
What's New In InduSoft Web Studio 8.1 + SP2
 
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
 
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
 
Introduction to InduSoft Web Studio 8.1 + Service Pack 1
Introduction to InduSoft Web Studio 8.1 + Service Pack 1Introduction to InduSoft Web Studio 8.1 + Service Pack 1
Introduction to InduSoft Web Studio 8.1 + Service Pack 1
 
What's New In InduSoft Web Studio 8.1 + SP1
What's New In InduSoft Web Studio 8.1 + SP1What's New In InduSoft Web Studio 8.1 + SP1
What's New In InduSoft Web Studio 8.1 + SP1
 
Introduction to InduSoft Web Studio 8.1 + SP1
Introduction to InduSoft Web Studio 8.1 + SP1Introduction to InduSoft Web Studio 8.1 + SP1
Introduction to InduSoft Web Studio 8.1 + SP1
 
Security and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioSecurity and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web Studio
 
Graphical Interface Scaling in InduSoft Web Studio
Graphical Interface Scaling in InduSoft Web StudioGraphical Interface Scaling in InduSoft Web Studio
Graphical Interface Scaling in InduSoft Web Studio
 
What's New In InduSoft Web Studio 8.1
What's New In InduSoft Web Studio 8.1What's New In InduSoft Web Studio 8.1
What's New In InduSoft Web Studio 8.1
 
Introduction to InduSoft Web Studio 8.1
Introduction to InduSoft Web Studio 8.1Introduction to InduSoft Web Studio 8.1
Introduction to InduSoft Web Studio 8.1
 
What’s coming in InduSoft Web Studio 8.1
What’s coming in InduSoft Web Studio 8.1What’s coming in InduSoft Web Studio 8.1
What’s coming in InduSoft Web Studio 8.1
 
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
 
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
 
Tips and Tricks for InduSoft Web Studio-August 2017
Tips and Tricks for InduSoft Web Studio-August 2017Tips and Tricks for InduSoft Web Studio-August 2017
Tips and Tricks for InduSoft Web Studio-August 2017
 

Recently uploaded

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 

Recently uploaded (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 

InduSoft Cybersecurity Webinar Overview

  • 1. InduSoft Cybersecurity Webinar: Overview of Current Events and General Cybersecurity Guidance, Protection and Remediation Techniques, and Advanced InduSoft Web Studio Data Protection and Encryption Presenters: Richard Clark and Fabio Terezinho June 24, 2015
  • 2. Speakers Today (in order of presentation) Richard Clark – Technical Marketing, Process and Controls Engineer, Cybersecurity Engineer
  • 3. Richard H Clark Cybersecurity Background Mr. Clark has been in Mechatronics, Automation, Process Control, Industrial Control System Cybersecurity, and automation implementation for more than 15 years. He was employed by Wonderware where he developed a non-proprietary means of using IP-Sec for securing current and legacy Automation, SCADA, and Process Control Systems, and developed non-proprietary IT security techniques. Industry expert by peer review and spokesperson on IT security; consultant, analyst and voting member of ISA/IEC 62443 (SP99). Contributor to PCSF Vendor Forum. Consultant to NIST and other government labs and NSA during the development of NIST Special Publications 800-53/82. Published engineering white papers, manuals, and instruction documents, developed and given classes and lectures on the topic of ICS/SCADA Security. – Participated in forming the NIST Cybersecurity Framework during the workshops last year.
  • 4. Speakers Today (in order of presentation) Richard Clark – Technical Marketing, Process and Controls Engineer, Cybersecurity Engineer Fabio Terezinho – Director of Engineering and Consulting Services for InduSoft
  • 5. Fabio Terezinho Engineering and Cybersecurity Background VP/Director of Engineering and Consulting Services InduSoft/InduSoft-Wonderware January 1999 – Present (16 years 6 months) Application Engineer Altus Sistemas de Informatica SA January 1995 – March 1998 (3 years 3 months) Selected Publications: Remote access, any time, any place InTech Magazine October 2012 Designing New SCADA Systems Plant Engineering January 2012 Secure Against Process Automation Errors Control Design Magazine November 2011 Honors & Awards: Beta Gamma Sigma Beta Gamma Sigma (AACSB International - The Association to Advance Collegiate Schools of Business) March 2011 Patent: Method and system for communicating between an embedded device and relational databases United States 11/243,780 Education: Baylor University - Hankamer School of Business Executive Master of Business Administration (EMBA) 2010 – 2011 Escola de Engenharia Maua Electrical Engineering, Automation and Control 1999 – 2003 Mr. Terezinho has been in Mechatronics, Automation, Process Control, Industrial Control System Cybersecurity, automation implementation, and product development at InduSoft/InduSoft-Wonderware for more than 16 years.
  • 7. Announcements This is an audio broadcast-only WebEx, so we can’t hear you speaking. – If you want to give us a comment or question, please type it into the Q&A or Chat Field in the WebEx presentation interface. We will answer your questions at the end in the Q&A section of the broadcast. Fill out the InduSoft webinar survey that we will send you at the email address that you used to sign in, and get a free famous InduSoft webinar series Tee-Shirt!
  • 8. Services On Demand is Available Now! Engineering assistance is available when designing projects and implementing project security
  • 9. SCADA Cybersecurity eBooks InduSoft Security Guide NIST Cybersecurity Framework ISBN 978-1311-49042-1 ISBN 978-1310-30996-0 Available at Smashwords.com and other major booksellers
  • 10. Available to you as “Name Your Price” InduSoft Security Guide NIST Cybersecurity Framework ISBN 978-1311-49042-1 ISBN 978-1310-30996-0 Download at Smashwords.com to “Name Your Price”
  • 11. All eBook Proceeds Benefit the Eastern New Mexico University-Ruidoso Foundation
  • 12. Announcements How to get Product Update Announcements
  • 20. Webinar Agenda Introductions Our Cybersecurity Guidance eBooks and Engineering Services available from InduSoft Current events that are relevant to Control Systems Discussion of the current state of Cybersecurity for Control Systems Remediation and System Protection Fabio: Advanced InduSoft Web Studio configurations for Data Protection and Encryption
  • 24. Where do we start? There have been an unprecedented number of Cybersecurity incidents There have been a lot of business-centered cyber-events, but we are interested in ICS and SCADA events Therefore, the best place to start is the state of the industry and current knowledge of known cyber-events
  • 29. Stuxnet was the most infamous breach A lot of noise has been made about Stuxnet, and for good reason… Stuxnet really scared a lot of Cybersecurity professionals and antivirus/anti-malware companies, along with ICS-CERT organizations around the globe. – it was heretofore unprecedented in its sophistication and differing methods of attack and intrusion. After a quick War Room analysis, it was quickly determined that the attack was specifically targeted
  • 40. Theorized Stuxnet Analyses and Findings
    1) the sophistication of the programming of the malware (some of which was uncovered by reverse-engineering), which could only have been done with a large, coordinated team of professional developers
    2) the specificity and required intimate insider knowledge of the control systems, and their networks and configurations
    3) the Zero Day exploits of the unpatched Siemens PLCs they were using, and the insider knowledge that they were unpatched
    4) the differing vectors of infection and spread, which initially was likely a USB drive, then appeared to spread through network connectivity and printer ports to other computers using administrator credentials…
    5) the fact that it stayed dormant and surreptitious for a long time before becoming active, apparently reporting to some home base (C&C, or Command and Control Center) with findings at various intervals…
    6) …and then apparently receiving updated instructions from a C&C (Command and Control Center) before proceeding with machine infiltration and attack vectors
    7) the apparent social engineering that had to have been used to gain such intimate access to the systems…
    8) …which ultimately led to attacking and reprogramming the PLCs to control the centrifuge Variable Frequency Drives (or VFDs) in a completely different way than originally intended and programmed
    9) and to operate slowly and surreptitiously over weeks or months in order to prematurely wear out or severely damage the equipment, ultimately limiting and destroying the production lines
    …the conclusion was that Stuxnet was a deliberate, single, targeted attack by one or more Nation-States.
  • 42. Stuxnet was the most infamous breach A lot of noise has been made about Stuxnet, and for good reason… Stuxnet really scared a lot of Cybersecurity professionals and antivirus/anti-malware companies, along with ICS-CERT organizations around the globe. – it was heretofore unprecedented in its sophistication and differing methods of attack and intrusion After a quick War Room analysis, it was quickly determined that the attack was specifically targeted Is Stuxnet, because of all these factors, a danger to your facility? – yes and no
  • 48. So is Stuxnet a danger to your system? Stuxnet, as it was used, could only work on the one targeted system Some bits of the Stuxnet code have been found in other types of malware in the wild Malware/antivirus companies have updated their databases to protect against Stuxnet-like code in other malware Additionally, the Zero Day exploits used in the Siemens PLCs have been patched Stuxnet employed a very sophisticated Man-in-the-Middle scheme requiring PLC reprogramming
  • 59. So moving forward in time… 2012: Shamoon malware infiltrates Aramco and damages data on more than 30,000 computers… Also, there were Duqu and Flame (sKyWIper), which utilized Stuxnet modules and did not need to report home Next in 2013 and 2014 were Dragonfly and Havex or RAT (Remote Access Trojans or Tools) malware that did target Industrial Control Systems
  • 61. So moving forward in time… 2012: Shamoon malware infiltrates Aramco and damages data on more than 30,000 computers… Also, there were Duqu and Flame (sKyWIper), which utilized Stuxnet modules and did not need to report home Next in 2013 and 2014 were Dragonfly and RAT (Remote Access Trojans or Tools) malware that did target Industrial Control Systems In the various End-of-Year news sometime during December 2014 was an attack at a German steel mill, which did a substantial amount of physical damage… – The attack was a result of “Spear phishing”, or sending emails containing a malware payload that gave access to the plant’s Industrial Control System.
  • 70. The Dell Annual Security Report (April 13, 2015) Shows that in 2014, attacks more than doubled from the previous year to 675,186 “Whereas the motive behind data-focused attacks is typically financial, SCADA attacks tend to be political in nature, since they target operational capabilities within power plants, factories, and refineries, rather than credit card information,” Dell said. Buffer overflow vulnerabilities were the primary point of attack against SCADA systems, which control remote equipment and collect data on equipment performance, accounting for 25% of the attacks witnessed by Dell.
  • 71. Other interesting items in April and May
  • 72. Article Comments by Shawn McConnon “These emerging attacks are now being waged against a much wider variety of hardware, including mobile devices”, he explains. – "There is no perimeter anymore," he says. – "There are many more touch-points in a company today," which, in turn, has made it easier for hackers to penetrate networks.
  • 73. Article Comments by Shawn McConnon Hackers, especially nation-state actors, know that most organizations fail to adequately address risks posed to their networks by third parties, McConnon says. – "Businesses today outsource everything ... and it's very hard to ensure security when you're outsourcing."
  • 74. Article Comments by Shawn McConnon Hackers are increasingly targeting less-secure third parties to ultimately gain access to organizations' primary networks, McConnon explains. – "You can't prevent hacks. But you should focus on the information," he says. – "You've got to be able to look at your third-party risk and have somebody on your team who's looking at that risk regularly."
  • 83. And just in the past 3 weeks…
  • 101. What are the takeaways? That cybercrime is on the increase, with more than double the number of attacks since last year. The criminals involved are everything from amateurs to Nation States with deep pockets and many resources The trend is that SCADA and control system attacks will only increase using online tools that have been continually evolving People still use insufficient security to protect themselves and/or their systems – Everything from poor password enforcement to inadequate perimeter defense, relying on 3rd parties with no in-house checking or reviews
  • 109. What steps need to be taken? First and foremost, understand your assets, and how they are configured together – This step initially requires a complete hardware and software inventory – Understanding their configuration will provide information about how they may be either secure or vulnerable within their current states Next, categorize and classify your assets – Asset categories might include: critical, essential, supporting role, etc. – Further classifications might include: production, business, administrative, analysis, infrastructure backbone, executive, etc. – Understanding these classifications will help when creating your Gap Analysis and Risk Assessment for the whole system: • http://www.belden.com/blog/industrialsecurity/Industrial-Networking-Easy-Security-Risk-Assessment.cfm
  • 116. What steps need to be taken? Once a Gap Analysis is complete, you will have an understanding of what is missing in terms of security – A Gap Analysis is crucial before an understanding of the elements that need to be addressed can take place – Each deficiency that is uncovered can be addressed with a Risk Assessment, which is a cost to address it vs the risk to leave it alone – As the cybersecurity landscape changes, each risk can be reviewed and recalculated as the protection costs or technologies change – This approach is called a Business Process Management (BPM) Approach to managing your assets and the system security – Ad hoc approaches to security finally disappear and an organized methodology to asset management will come into focus. – Note that it is not necessary to “do everything at once”, since implementing various security phases or changes can be expensive
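The inventory, classification, Gap Analysis and Risk Assessment steps from the slides above, worked through as an added example (not from the webinar or from InduSoft). The asset names, control names, category weights, baseline and cost figures are all constructed assumptions, and the scoring used (yearly likelihood × loss × category weight, compared with the cost to fix) is one simple way to express "cost to address it vs the risk to leave it alone".

```python
"""Inventory -> classification -> gap analysis -> risk assessment -> phased plan."""
from dataclasses import dataclass

# ASSUMPTION: numeric weights for the slide's asset categories.
CATEGORY_WEIGHT = {"critical": 3, "essential": 2, "supporting": 1}

# ASSUMPTION: controls required per classification; in practice the chosen
# standard (for example one loaded into CSET) defines these.
BASELINE = {
    "production": {"network-segregation", "stateful-firewall", "password-policy"},
    "infrastructure": {"stateful-firewall", "historian-dmz", "password-policy"},
    "business": {"password-policy", "third-party-review"},
}

# ASSUMPTION: per-control estimates as
# (incidents per year if left alone, loss per incident, cost to fix).
ESTIMATES = {
    "network-segregation": (0.20, 100_000, 40_000),
    "stateful-firewall": (0.30, 50_000, 15_000),
    "historian-dmz": (0.10, 40_000, 20_000),
    "password-policy": (0.50, 10_000, 2_000),
    "third-party-review": (0.25, 20_000, 8_000),
}


@dataclass(frozen=True)
class Asset:
    name: str
    category: str          # critical / essential / supporting
    classification: str    # production / infrastructure / business / ...
    controls: frozenset = frozenset()   # controls already in place


@dataclass
class Finding:
    asset: str
    control: str           # the missing control (the gap)
    exposure: int          # yearly risk of leaving the gap alone
    fix_cost: int          # cost to address it

    @property
    def worth_fixing(self):
        return self.exposure > self.fix_cost


# Constructed sample inventory (step 1: hardware/software inventory, already
# categorized and classified as in step 2).
INVENTORY = [
    Asset("PLC-line-1", "critical", "production", frozenset({"password-policy"})),
    Asset("Historian", "essential", "infrastructure", frozenset({"stateful-firewall"})),
    Asset("ERP-server", "supporting", "business", frozenset({"password-policy"})),
]


def assess(inventory, baseline=BASELINE, estimates=ESTIMATES):
    """Gap analysis (required minus present) plus a risk figure per gap."""
    findings = []
    for asset in inventory:
        required = baseline.get(asset.classification)
        if required is None:
            # An unclassified asset cannot be assessed; surface it loudly.
            raise ValueError(f"no baseline for classification {asset.classification!r}")
        for control in sorted(required - asset.controls):
            per_year, loss, fix_cost = estimates[control]
            exposure = round(per_year * loss * CATEGORY_WEIGHT[asset.category])
            findings.append(Finding(asset.name, control, exposure, fix_cost))
    return findings


def phase_plan(findings, budget_per_phase):
    """Order worthwhile fixes by risk reduced per unit cost and split them into
    budgeted phases, since not everything has to be done at once."""
    todo = sorted((f for f in findings if f.worth_fixing),
                  key=lambda f: f.exposure / f.fix_cost, reverse=True)
    phases, current, spent = [], [], 0
    for f in todo:
        # Start a new phase when the budget is exhausted; a single fix larger
        # than the budget still gets a phase of its own.
        if current and spent + f.fix_cost > budget_per_phase:
            phases.append(current)
            current, spent = [], 0
        current.append(f)
        spent += f.fix_cost
    if current:
        phases.append(current)
    return phases


if __name__ == "__main__":
    results = assess(INVENTORY)
    for f in results:
        verdict = "address" if f.worth_fixing else "accept for now, review later"
        print(f"{f.asset:11} {f.control:20} risk/yr={f.exposure:>6} "
              f"fix={f.fix_cost:>6} -> {verdict}")
    for n, phase in enumerate(phase_plan(results, 45_000), start=1):
        print(f"phase {n}:", [(f.asset, f.control) for f in phase])
```

Re-running `assess` with updated `ESTIMATES` is the recalculation step: a gap that was accepted while the fix was expensive can cross the line once protection costs drop.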
  • 122. Analysis tools that can help you The NIST Cybersecurity Framework is a good place to start – Using the methodology described within the Framework documentation can help you get started, even though you may not end up using it. – The Framework was contributed to by a wide variety of industry professionals, to make it extremely flexible. Another tool that can be extremely useful is the ICS-CERT CSET Tool – This tool allows you to plug in any set of standards that you want to and it will start asking you questions based on those standards and the inventory/gap analysis that you performed • https://ics-cert.us-cert.gov/Downloading-and-Installing-CSET
  • 123. SCADA Cybersecurity eBooks InduSoft Security Guide NIST Cybersecurity Framework ISBN 978-1311-49042-1 ISBN 978-1310-30996-0 Available at Smashwords.com and other major booksellers
  • 124. The cybersecurity webinars detail the steps
    InduSoft’s Cybersecurity Webinars from January 28th and February 17th of 2015 discussing guidance and the eBooks will also help you in moving forward
    – http://www.indusoft.com/Marketing/Article/ArticleID/555/ArtMID/684
    – http://www.indusoft.com/Marketing/Article/ArticleID/562/ArtMID/684
    – Professor Miller discusses the new changes to the CSET Tool
  • 127. Due to your various system differences…
    It is not possible to give specific guidance for the process, platform, or enterprise.
    Specific guidance for one type of system may be entirely inappropriate for a different configuration.
  • 148. Control System Generalities include:
    Network Segregation
    – Simple firewalls don’t work
    – VLANs don’t work
      • https://www.tofinosecurity.com/blog/why-vlan-security-isnt-scada-security-all
    – DMZ needed for Historian
    – Firewalls should have Stateful Packet inspection
      • http://www.belden.com/blog/industrialsecurity/Why-SCADA-Firewalls-Need-to-be-Stateful-Part-1-of-3.cfm
    Electronic Access Point Controls
    – Device Authentication may be appropriate
    – Control ingress and egress points of Control System
    System Hardening
    – Remove unused software and other items
    – Turn off unused services/ports to reduce attack surfaces
    Role Based Access Controls
    – Use Active Directory or LDAP for Centralized Management
    – Use of minimum needed privileges
    – Device Control such as USB controls in place
    Patching Server installed
    Centralized Backups
    Logging Server
    Performance Server
    -or- Centralized Management Server or System
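A small model of why the slide above asks for stateful packet inspection rather than a simple firewall, as an added example that is not part of the webinar. The addresses, the Modbus/TCP port 502 flow between an HMI and a PLC, and the simplified TCP state handling are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed sample: an HMI polling a PLC over Modbus/TCP (port 502).
# Addresses, ports and the simplified TCP handling are illustrative assumptions.
Pkt = namedtuple("Pkt", "src sport dst dport flags")
HMI, PLC = "10.0.1.10", "10.0.2.20"

def stateless_allow(p):
    """Simple ACL: HMI -> PLC:502, plus anything 'from PLC:502' back to the HMI."""
    outbound = (p.src, p.dst, p.dport) == (HMI, PLC, 502)
    inbound = (p.src, p.sport, p.dst) == (PLC, 502, HMI)
    return outbound or inbound

class StatefulFilter:
    """Only the HMI may open a session; every other packet must match a tracked flow."""
    def __init__(self):
        self.flows = {}  # (client, cport, server, sport) -> state

    def allow(self, p):
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        if p.flags == "SYN":
            if (p.src, p.dst, p.dport) != (HMI, PLC, 502):
                return False
            self.flows[fwd] = "SYN_SENT"
            return True
        if p.flags == "SYN-ACK":
            if self.flows.get(rev) != "SYN_SENT":
                return False
            self.flows[rev] = "ESTABLISHED"
            return True
        if p.flags in ("FIN", "RST"):  # simplified: either one ends the flow at once
            key = fwd if fwd in self.flows else rev
            return self.flows.pop(key, None) is not None
        return "ESTABLISHED" in (self.flows.get(fwd), self.flows.get(rev))

def verdicts(packets):
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]

TRAFFIC = [
    Pkt(HMI, 49152, PLC, 502, "SYN"),      # HMI opens the session
    Pkt(PLC, 502, HMI, 49152, "SYN-ACK"),  # PLC answers
    Pkt(HMI, 49152, PLC, 502, "ACK"),      # request
    Pkt(PLC, 502, HMI, 49152, "ACK"),      # response
    Pkt(PLC, 502, HMI, 50000, "ACK"),      # unsolicited: no matching session
    Pkt(HMI, 49152, PLC, 502, "FIN"),      # teardown
    Pkt(PLC, 502, HMI, 49152, "ACK"),      # late packet after teardown
]
```

`verdicts(TRAFFIC)` returns one `(stateless, stateful)` pair per packet: the static rule passes all seven, while the stateful filter rejects the two that belong to no open session.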
  • 150. Q&A (use the Q&A or Chat fields to ask a question)
  • 152. HOW TO CONTACT INDUSOFT
  • 153. Contact InduSoft Today
    Email: (US) info@indusoft.com, (Brazil) info@indusoft.com.br, (Germany) info@indusoft.com.de
    Support: support@indusoft.com
    Web site: (English) www.indusoft.com, (Portuguese) www.indusoft.com.br, (German) www.indusoft.com.de
    Phone: (512) 349-0334 (US), +55-11-3293-9139 (Brazil), +49 (0) 6227-732510 (Germany)
    Toll-Free: 877-INDUSOFT (877-463-8763)
    Fax: (512) 349-0375