Cyber Security resilience - what's in a number? The real threat to industrial control systems today


With so many statistics when it comes to cyber security, which ones matter the most? Is one set more important than another? This presentation was delivered during Hannover Messe 2016.

Published in: Technology

  1. Cyber resilience – What’s in a number? The real threat to industrial control systems today
     Jay Abdallah | CISSP, CISM, CISA
     Director – EMEA Cyber Security Services
     Confidential Property of Schneider Electric
  2. Agenda
     1. The current threat landscape
     2. Statistics
     3. Schneider Electric’s commitment to security
     4. Train-ride surprise – the importance of security awareness
  3. The current threat landscape
  4. The danger of malware
     390,000 new infections per day (Jan 2016)
     [Chart: yearly values for 2012 to 2016*, axis from 0 to 160 000 000]
  5. Recent industrial cyber incidents
     • German steel mill
     • Ukraine power grid
     • USA water dam
  6. Statistics
  7. Attacks targeted towards German industrial systems
     • 1 in every 7 registered security attacks in Q4, 2015, came from Germany
     • Germany ranked #2 globally in critical infrastructure targets
     • Critical infrastructure infections from Germany have doubled every year since 2012
     • 78% of malicious software installation attempts from Germany in 2015 were successful
  8. German cyber attack sequence (Source: TFOT 2015)
     • 56,3% Cyber crime
     • 20% Hacktivism
     • 16,1% Cyber espionage
     • 7,6% Cyber war
  9. Data reliability
     • With so many statistics, which ones matter the most? Is one set more important than another?
     • How reliable is our source TFOT?
     • The previous slides about Germany contained false statistics from a fake source
     • Did you notice?
  10. How do we identify and manage our biggest vulnerabilities? Where is the weak link?
  11. Schneider Electric’s commitment to security
  12. More than just IT security
     Critical infrastructure systems require high reliability and uptime:
     • Need 99.999% or greater uptime
     • Critical performance
     • Fast reaction time
     OT priorities:
     • IT security: Confidentiality, Integrity, Availability
     • OT security: Availability, Integrity, Confidentiality
     [Diagram labels: Control systems security / OT, IT security, Physical security]
  13. Cyber security at Schneider Electric: Defense in depth
     • Policies, procedures & awareness
     • Perimeter
     • Internal network
     • Host
     • Application
     • Data
     • Physical security
  14. Cyber security at Schneider Electric: Specialized industrial security services – our offers
     • Cyber security training
     • Cyber security control design & implementation
     • Cyber security consulting
     • Cyber security maintenance services
  15. Train ride surprise – the importance of security awareness
     London, United Kingdom
  16. Train ride surprise
     • On a phone call, with no line disturbance
     • Perfectly clear, normal conversation:
       • “Enjoy the train ride along the English countryside”
       • “Are you coming home tonight?”
       • “Be sure to order a nice hot cup of tea”
       • “I’m sure it’s much colder there than it is here”
     • Begins acting strangely after five minutes – seems incoherent.
     • When I ask her what she is doing, she doesn’t answer and instead says one of the above statements randomly
     • Answers yes or no questions flawlessly
     • Responds to other questions with one of the above random statements
  17. What happened?
     • Technical malfunction causing me to hear recorded sayings?
     • What about coherent responses?
     • Why is my conversation being recorded?
     • Scrambler device?
     • Not sophisticated enough for real-time responses
     • 212 area code is in Manhattan, New York. When called, I get a strange error.
     • Recorded sentences used as fillers or common talk to encourage me to lead the discussion (and possibly say something incriminating)
     • Stealth listening
     • Similar to behavior of advanced malware, spyware, and Trojans
  18. Who is behind this?
     • MI6 (UK)
     • Unknown body
     • CIA and NSA (USA)
     • FSB (Russia)
     It is likely, however, that we do not and will not ever know who is really behind most cyber attacks.
  19. Moral of the story
     • Appreciation of privacy and confidentiality
     • Importance of security awareness
     • Always be alert, Big Brother is always listening
     • It is unsettling the first time it happens to you …
     • … but it is likely not to be the first time, it’s just the first time you have noticed