So…
How do we start?
Caught between regulation,
requirements, and standards
IEC 62443
ISO 27032
ISA 99
NIST
ANSSI
NERC CIP
BDSG
WIB
NIS directive
IACS Cybersecurity Standards
Cybersecurity Standards Deliver:
✓ Common Industry Language and Terminology
✓ Standardized Methodology
✓ Guidance on how to answer:
What is my current risk?
What would be a more acceptable level of risk for my organization?
How do I get to that more acceptable level?
IEC 62443
IEC 62443
gives us the ability to communicate
in an unambiguous way
Align with industry framework
Compliance & standards
Applies to those responsible for designing, manufacturing,
implementing or managing industrial control systems:
• End-users (i.e. asset owner)
• System integrators
• Security practitioners
• ICS product/systems vendors
ISA/IEC 62443: Series of standards that define procedures for
implementing electronically secure Industrial Automation and Control
Systems (IACS).
*Equivalence to ISO 27001 and NIST Cybersecurity Framework
based on a holistic Defense in depth concept
IEC 62443
A secure application depends on multiple layers of diverse protection and industrial security must be
implemented as a system
Defense-in-Depth
Deploying Network Security
▪ Defense in Depth
▪ Shield targets behind multiple levels of diverse security countermeasures to
reduce risk
▪ Openness
▪ Consideration for participation of a variety of vendors in our security solutions
▪ Flexibility
▪ Able to accommodate a customer’s needs, including policies & procedures
▪ Consistency
▪ Solutions that align with Government directives and Standards Bodies
[Figure: Before, During, After (lifecycle phases)]
Plant security
Network security
System integrity
Defense in depth
IEC 62443 provides system design guidelines
IEC 62443 addresses the entire life cycle
IEC 62443 provides a complete Cyber Security Management System
IEC 62443
The IEC62443/ISO27001 based method
▪ Identification and Business Impact Assessment
▪ Definition of Target Level
▪ Risk Assessment
▪ Development and Implementation of Protection Concept
▪ Definition of Scope
Getting started
Getting started
What’s at risk?
▪ Loss of Life
▪ Stolen Intellectual Property
▪ Production Loss
▪ Unscheduled Downtime
▪ Damaged Equipment
▪ Environmental Impact
Risk analysis
▪ Business rationale
▪ Risk identification, classification and assessment
Monitoring and improving the CSMS
▪ Conformance
▪ Review, improve and maintain the CSMS
Understanding Risk
High-Level Security Risk Assessment (IEC 62443-3-2)
What is your current level of risk?
Impact     Remote  Unlikely  Possible  Likely  Certain
Trivial       1        2         3        4       5
Minor         2        4         6        8      10
Moderate      3        6         9       12      15
Major         4        8        12       16      20
Critical      5       10        18       20      25
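To make the matrix concrete, here is an added Python example (not from the presentation) that scores a small constructed risk register on the same five-step likelihood and impact scales, rating each scenario before and after a planned countermeasure against an assumed tolerable-risk threshold. It computes every cell as impact times likelihood, which gives 15 rather than the 18 printed in the Critical/Possible cell above; the scenarios, the mitigations and the threshold of 8 are constructed.

```python
"""5x5 likelihood x impact risk matrix applied to a constructed IACS risk
register: what is the current risk, what level is tolerable, and does the
planned countermeasure get there. Scales as on the slide; scenarios,
mitigations and the tolerable threshold are constructed for illustration."""
from dataclasses import dataclass
from typing import List, Optional

LIKELIHOOD = ["Remote", "Unlikely", "Possible", "Likely", "Certain"]  # rated 1..5
IMPACT = ["Trivial", "Minor", "Moderate", "Major", "Critical"]        # rated 1..5


def risk_score(impact: str, likelihood: str) -> int:
    """One matrix cell: impact rating times likelihood rating (1..25)."""
    return (IMPACT.index(impact) + 1) * (LIKELIHOOD.index(likelihood) + 1)


def risk_matrix() -> List[List[int]]:
    """Rebuild the whole matrix; rows follow IMPACT, columns follow LIKELIHOOD."""
    return [[risk_score(i, l) for l in LIKELIHOOD] for i in IMPACT]


@dataclass
class Scenario:
    name: str
    impact: str                      # impact belongs to the consequence; controls do not change it
    likelihood: str                  # current likelihood, before any new countermeasure
    mitigated: Optional[str] = None  # likelihood once the planned countermeasure is in place


@dataclass
class Finding:
    name: str
    current: int    # score today
    residual: int   # score after the planned countermeasure
    tolerable: int  # threshold the organization has decided to accept

    @property
    def accepted(self) -> bool:
        return self.residual <= self.tolerable


def assess(scenarios: List[Scenario], tolerable: int) -> List[Finding]:
    """Score every scenario now and after mitigation, highest current risk first."""
    findings = []
    for s in scenarios:
        current = risk_score(s.impact, s.likelihood)
        residual = risk_score(s.impact, s.mitigated) if s.mitigated else current
        findings.append(Finding(s.name, current, residual, tolerable))
    return sorted(findings, key=lambda f: (-f.current, f.name))


def needs_treatment(findings: List[Finding]) -> List[str]:
    """Scenarios whose residual risk still exceeds the tolerable level."""
    return [f.name for f in findings if not f.accepted]


# Constructed register using the consequence categories from the "What's at risk?" slide.
SAMPLE = [
    Scenario("Loss of life (safety function defeated)", "Critical", "Unlikely", "Remote"),
    Scenario("Production loss (malware on HMI)", "Major", "Likely", "Possible"),
    Scenario("Stolen IP (recipe exfiltration)", "Moderate", "Possible", "Unlikely"),
    Scenario("Unscheduled downtime (PLC crash)", "Minor", "Certain"),  # no countermeasure planned yet
]

if __name__ == "__main__":
    for f in assess(SAMPLE, tolerable=8):
        print(f"{'OK ' if f.accepted else 'FIX'} {f.name}: current={f.current} residual={f.residual}")
```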
“A good overview”
More info: https://www.ncsc.gov.uk/collection/risk-management-collection/component-system-driven-approaches/understanding-component-driven-risk-management
Risk methods and
frameworks
NIST Cybersecurity Framework
Identify: Organization understands what the current state and risk is to systems, assets, and data
Protect: Implement safeguards to ensure delivery of critical infrastructure services
Detect: Implement appropriate activities to identify a cybersecurity event
Respond: Implement activities to take action regarding a detected cybersecurity event
Recover: Implement activities to maintain plans for resilience and to restore capabilities
The… Standard
The structure of IEC 62443?
General (definition and metrics):
▪ 1-1 Terminology, concepts and models
▪ 1-2 Master glossary of terms and abbreviations
▪ 1-3 System security compliance metrics
▪ 1-4 IACS security lifecycle and use-cases
Policies and procedures (processes / procedures):
▪ 2-1 Security program requirements for IACS asset owners
▪ 2-2 IACS security program ratings
▪ 2-3 Patch management in the IACS environment
▪ 2-4 Security program requirements for IACS service providers
System (functional requirements):
▪ 3-1 Security technologies for IACS
▪ 3-2 Security risk assessment and system design
▪ 3-3 System security requirements and security levels
Components (functional requirements):
▪ 4-1 Secure product development lifecycle requirements
▪ 4-2 Technical security requirements for IACS components
Protection Level (PL)
Security process: based on IEC 62443-2-4 and ISO27001; Maturity Level 1 - 4
Security functions: based on IEC 62443-3-3; Security Level 1 - 4
Protection Levels are the key criteria and cover security functionalities and processes
[Figure: PL 1 to PL 4 plotted on a grid of Maturity Level (1 - 4) against Security Level (1 - 4)]
Understanding Risk
High-Level Security Risk Assessment
What is your Target Security Level (SL-T)?
Security Level 1: Protect against casual or incidental access by unauthorized entities
Security Level 2: Protect against intentional unauthorized access by entities using simple means with low resources, generic skills, and low motivation
Security Level 3: Protect against intentional unauthorized access by entities using sophisticated means with moderate resources, IACS-specific skills and moderate motivation
Security Level 4: Protect against intentional unauthorized access by entities using sophisticated means with extended resources, IACS-specific skills and high motivation
Consequences – Some randomly selected points
PL 1: Use of VLAN, network hardening, managed switches and capability to backup are mandatory …
PL 2: A distributed firewall concept has to be implemented; inventory and network management are mandatory; capability to automate the backup is mandatory …
PL 3: Even more…
PL 4: Even way more…
IEC 62443 Security measures
It is unambiguous …
Columns: PL 1, PL 2, PL 3, PL 4 (each level adds to the measures of the level below, marked "+")
Rows: Secure Physical Access; Organize Security; Secure Solution Design; Secure Operations; Secure Lifecycle management
Secure Physical Access:
▪ PL 1: Locked building/doors with keys
▪ PL 2: Doors with card reader
▪ PL 3: Revolving doors with card reader
▪ PL 4: Revolving doors with card reader and PIN; video surveillance and/or iris scanner at door
Further measures from the same table (shown without their PL column):
▪ Awareness training (e.g. Operator Awareness training)
▪ Network segmentation (e.g. VLAN)
▪ Security logging on all systems
▪ Backup / recovery system
▪ Mandatory rules on USB sticks (e.g. whitelisting) …
▪ Automated backup / recovery
▪ No Email, No WWW, etc. in Secure Cell
▪ 2 PCs (Secure Cell/outside) …
▪ Remote access with cRSP or equivalent
▪ Monitoring of all human interactions
▪ Dual approval for critical actions
▪ Firewalls with Fail Close (e.g. Next Generation Firewall)
▪ Monitoring of all device activities
▪ Online security functionality verification …
▪ Persons responsible for security within own organization
▪ Continuous monitoring (e.g. SIEM)
▪ Backup verification
▪ Mandatory security education …
▪ Physical network segmentation or equivalent (e.g. SCALANCE S)
▪ Remote access restriction (e.g. need-to-connect principle)
Cybersecurity Essentials
▪ Equipment built with security in mind
▪ Network Design & Segmentation
▪ Asset Inventory
▪ Vulnerability Identification
▪ Patch Management
▪ Password Management
▪ Phishing Identification Training
▪ Disaster Recovery
▪ Upgrade Aging Infrastructure
▪ Limiting Privileges
A piece of a bigger picture
▪ IEC62443: The OT-security standard
▪ ISO27001: Well known IT-security standard
▪ NIST 800-30: Risk assessment framework
▪ The Functional Safety standard
Recap - Contributions of the stakeholders
▪ Asset Owner: defines the Target SLs (IEC 62443-3-2 Security risk assessment and system design)
▪ System Integrator: delivers the Automation solution with its Achieved SLs (IEC 62443-3-2 and 3-3 System security requirements and Security levels)
▪ Product supplier: delivers the Control System capabilities with their Capability SLs (IEC 62443-4-1 Product development requirements and 4-2 Technical security requirements for IACS products)
IEC 62443-3-2 Generic Blueprint
IEC62443-3-2 Zones and Conduits
[Figure: Zone Enterprise Network, Zone Plant, Zone Control #1 and Zone Control #2, joined by a Conduit; labels PL3, PL2, PL1 and Trusted/Untrusted]
IEC62443-3-2 Examples
Small Site: OT is air-gapped
Medium sized Site: OT and IT are connected via one Conduit
Large Site: OT and IT are connected via a DMZ
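The three layouts can be reviewed mechanically. The following Python example is added here (it is not from the presentation) and models zones and conduits as IEC 62443-3-2 uses the terms: the zone names follow the generic blueprint, while the PL value per zone, the three review rules (every inter-zone connection must be a declared conduit, a conduit crossing a PL boundary must be filtered, and the untrusted enterprise side should terminate in a DMZ) and the drifted as-built layout are this example's constructed assumptions.

```python
"""Zone-and-conduit model for the three site layouts on the slides: an
air-gapped OT, IT and OT joined by one conduit, and IT and OT joined through
a DMZ. Zone names follow the generic blueprint; PL values, the review rules
and the sample layouts are constructed for this example."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Zone:
    name: str
    pl: int                # protection level of the assets grouped in the zone (assumed values)
    trusted: bool = True   # the Enterprise Network is the untrusted side
    dmz: bool = False      # buffer zone that terminates connections from the untrusted side


@dataclass(frozen=True)
class Conduit:
    a: str
    b: str
    filtered: bool = True  # a firewall or equivalent restricts the channels this conduit carries


@dataclass
class Site:
    name: str
    zones: Dict[str, Zone]
    conduits: List[Conduit]        # what the design document declares
    links: List[Tuple[str, str]]   # what is actually cabled or routed between zones


def _pair(a: str, b: str) -> frozenset:
    return frozenset((a, b))


def is_air_gapped(site: Site) -> bool:
    """True when no declared conduit touches an untrusted zone."""
    return not any(
        not site.zones[c.a].trusted or not site.zones[c.b].trusted for c in site.conduits
    )


def review(site: Site) -> List[str]:
    """Apply the example's three rules and return human-readable findings."""
    findings: List[str] = []
    declared = {_pair(c.a, c.b) for c in site.conduits}
    # Rule 1: every connection between two zones must belong to a declared conduit.
    for a, b in site.links:
        if _pair(a, b) not in declared:
            findings.append(f"VIOLATION: {a} <-> {b} is connected but no conduit is defined")
    for c in site.conduits:
        za, zb = site.zones[c.a], site.zones[c.b]
        # Rule 2: a conduit that crosses a PL boundary needs a filtering device.
        if za.pl != zb.pl and not c.filtered:
            findings.append(f"VIOLATION: conduit {c.a} <-> {c.b} joins PL{za.pl} and PL{zb.pl} unfiltered")
        # Rule 3: the untrusted side should terminate in a DMZ, not in a plant zone.
        if za.trusted != zb.trusted:
            outer, inner = (za, zb) if not za.trusted else (zb, za)
            if not inner.dmz:
                findings.append(f"NOTE: {outer.name} reaches {inner.name} directly; consider a DMZ")
    return findings


def _zones(*zs: Zone) -> Dict[str, Zone]:
    return {z.name: z for z in zs}


ENTERPRISE = Zone("Enterprise Network", pl=1, trusted=False)
PLANT = Zone("Plant", pl=1)
CONTROL1 = Zone("Control #1", pl=2)
CONTROL2 = Zone("Control #2", pl=3)
DMZ = Zone("DMZ", pl=1, dmz=True)
OT_CONDUITS = [Conduit("Plant", "Control #1"), Conduit("Plant", "Control #2")]
OT_LINKS = [("Plant", "Control #1"), ("Plant", "Control #2")]

SMALL = Site("Small site", _zones(ENTERPRISE, PLANT, CONTROL1, CONTROL2), OT_CONDUITS, OT_LINKS)
MEDIUM = Site("Medium site", _zones(ENTERPRISE, PLANT, CONTROL1, CONTROL2),
              OT_CONDUITS + [Conduit("Enterprise Network", "Plant")],
              OT_LINKS + [("Enterprise Network", "Plant")])
LARGE = Site("Large site", _zones(ENTERPRISE, DMZ, PLANT, CONTROL1, CONTROL2),
             OT_CONDUITS + [Conduit("Enterprise Network", "DMZ"), Conduit("DMZ", "Plant")],
             OT_LINKS + [("Enterprise Network", "DMZ"), ("DMZ", "Plant")])
# Constructed drift case: an undocumented connection appeared between the office network and Control #2.
DRIFTED = Site("Medium site, as built", MEDIUM.zones, MEDIUM.conduits,
               MEDIUM.links + [("Enterprise Network", "Control #2")])

if __name__ == "__main__":
    for site in (SMALL, MEDIUM, LARGE, DRIFTED):
        print(site.name, "air-gapped" if is_air_gapped(site) else "connected", review(site) or ["OK"])
```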
Questions?


Industrial_Cyber_Security

  • 2. Caught between regulation, requirements, and standards: IEC 62443, ISO 27032, ISA 99, NIST, ANSSI, NERC CIP, BDSG, WIB, NIS directive
  • 3. IACS Cybersecurity Standards. Cybersecurity standards deliver:
✓ Common industry language and terminology
✓ Standardized methodology
✓ Guidance on how to answer: What is my current risk? What would be a more acceptable level of risk for my organization? How do I get to that more acceptable level?
  • 5. IEC 62443 gives us the ability to communicate in an unambiguous way
  • 6. Align with industry framework: compliance & standards. Applies to those responsible for designing, manufacturing, implementing or managing industrial control systems:
• End-users (i.e. asset owners)
• System integrators
• Security practitioners
• ICS product/system vendors
ISA/IEC 62443: series of standards that define procedures for implementing electronically secure Industrial Automation and Control Systems (IACS).
*Equivalence to ISO 27001 and the NIST Cybersecurity Framework
  • 7. IEC 62443 is based on a holistic defense-in-depth concept
  • 8. Defense-in-Depth: a secure application depends on multiple layers of diverse protection, and industrial security must be implemented as a system. Deploying network security:
▪ Defense in depth: shield targets behind multiple levels of diverse security countermeasures to reduce risk
▪ Openness: consideration for participation of a variety of vendors in our security solutions
▪ Flexibility: able to accommodate a customer's needs, including policies & procedures
▪ Consistency: solutions that align with government directives and standards bodies
(Figure: timeline labelled Before / During / After)
  • 9. Defense in depth (IEC 62443): plant security, network security, system integrity
  • 11. IEC 62443 addresses the entire life cycle
  • 12. IEC 62443 provides a complete Cyber Security Management System (CSMS)
  • 13. Getting started: the IEC 62443 / ISO 27001 based method
1. Definition of scope
2. Identification and business impact assessment
3. Definition of target level
4. Risk assessment
5. Development and implementation of protection concept
  • 14. What's at risk?
▪ Loss of life
▪ Stolen intellectual property
▪ Production loss
▪ Unscheduled downtime
▪ Damaged equipment
▪ Environmental impact
  • 15. CSMS elements: business rationale; risk identification, classification and assessment; risk analysis; conformance; review, improve and maintain the CSMS; monitoring and improving the CSMS
  • 16. Understanding risk: high-level security risk assessment (IEC 62443-3-2). What is your current level of risk? Each cell is the risk score, impact (1-5) × likelihood (1-5):
Impact \ Likelihood | Remote (1) | Unlikely (2) | Possible (3) | Likely (4) | Certain (5)
Trivial (1)         | 1          | 2            | 3            | 4          | 5
Minor (2)           | 2          | 4            | 6            | 8          | 10
Moderate (3)        | 3          | 6            | 9            | 12         | 15
Major (4)           | 4          | 8            | 12           | 16         | 20
Critical (5)        | 5          | 10           | 15           | 20         | 25
  • 17. Risk methods and frameworks: "A good overview". More info: https://www.ncsc.gov.uk/collection/risk-management-collection/component-system-driven-approaches/understanding-component-driven-risk-management
  • 18. NIST Cybersecurity Framework, the five functions:
Identify: the organization understands what the current state and risk is to systems, assets, and data
Protect: implement safeguards to ensure delivery of critical infrastructure services
Detect: implement appropriate activities to identify a cybersecurity event
Respond: implement activities to take action regarding a detected cybersecurity event
Recover: implement activities to maintain plans for resilience and to restore capabilities
  • 20. The structure of IEC 62443
General (1-x):
1-1 Terminology, concepts and models
1-2 Master glossary of terms and abbreviations
1-3 System security compliance metrics
1-4 IACS security lifecycle and use cases
Policies and procedures (2-x):
2-1 Security program requirements for IACS asset owners
2-2 IACS security program ratings
2-3 Patch management in the IACS environment
2-4 Security program requirements for IACS service providers
System (3-x):
3-1 Security technologies for IACS
3-2 Security risk assessment and system design
3-3 System security requirements and security levels
Component (4-x):
4-1 Secure product development lifecycle requirements
4-2 Technical security requirements for IACS components
The slide also groups the parts by type: definitions and metrics; processes / procedures; functional requirements.
  • 21. Protection Level (PL): protection levels are the key criteria and cover security functionalities and processes.
Security process: Maturity Level 1-4, based on IEC 62443-2-4 and ISO 27001
Security functions: Security Level 1-4, based on IEC 62443-3-3
  • 22. Protection Levels are the key criteria and cover security functionalities and processes. The slide plots Security Level (1-4) against Maturity Level (1-4); PL 1 to PL 4 are read from the resulting grid.
  • 23. Understanding risk: high-level security risk assessment. What is your target security level (SL-T)?
Security Level 1: protect against casual or incidental access by unauthorized entities
Security Level 2: protect against intentional unauthorized access by entities using simple means with low resources, generic skills and low motivation
Security Level 3: protect against intentional unauthorized access by entities using sophisticated means with moderate resources, IACS-specific skills and moderate motivation
Security Level 4: protect against intentional unauthorized access by entities using sophisticated means with extended resources, IACS-specific skills and high motivation
  • 24. Consequences (some randomly selected points)
PL 1: use of VLANs, network hardening, managed switches and backup capability are mandatory …
PL 2: a distributed firewall concept has to be implemented; inventory and network management are mandatory; the capability to automate backups is mandatory …
PL 3: even more …
PL 4: even way more …
  • 25. IEC 62443 security measures: it is unambiguous. The slide is a matrix of measures per protection level (PL 1 to PL 4) across five areas: secure physical access, organize security, secure solution design, secure operations, secure lifecycle management.
Secure physical access: PL 1 locked building/doors with keys; PL 2 doors with card reader; PL 3 revolving doors with card reader; PL 4 revolving doors with card reader and PIN, video surveillance and/or iris scanner at the door
Other measures named in the matrix, each assigned to one PL and area on the slide:
▪ Awareness training (e.g. operator awareness training)
▪ Network segmentation (e.g. VLAN)
▪ Security logging on all systems
▪ Backup / recovery system
▪ Mandatory rules on USB sticks (e.g. whitelisting)
▪ Automated backup / recovery
▪ No email, no WWW, etc. in the secure cell
▪ 2 PCs (secure cell / outside)
▪ Remote access with cRSP or equivalent
▪ Monitoring of all human interactions
▪ Dual approval for critical actions
▪ Firewalls with fail-close (e.g. next generation firewall)
▪ Monitoring of all device activities
▪ Online security functionality verification
▪ Persons responsible for security within own organization
▪ Continuous monitoring (e.g. SIEM)
▪ Backup verification
▪ Mandatory security education
▪ Physical network segmentation or equivalent (e.g. SCALANCE S)
▪ Remote access restriction (e.g. need-to-connect principle)
  • 26. Cybersecurity essentials: equipment built with security in mind; network design & segmentation; asset inventory; vulnerability identification; patch management; password management; phishing identification training; disaster recovery; upgrade aging infrastructure; limiting privileges
  • 27. A piece of a bigger picture: IEC 62443, the OT-security standard; ISO 27001, the well-known IT-security standard; NIST SP 800-30, the risk assessment framework; and the functional safety standard
  • 28. Recap: contributions of the stakeholders
Asset owner: defines the target SLs (SL-T) for the automation solution (IEC 62443-3-2, security risk assessment and system design)
System integrator: delivers the automation solution with achieved SLs (SL-A) (IEC 62443-3-3, system security requirements and security levels)
Product supplier: delivers control system capabilities with capability SLs (SL-C) (IEC 62443-4-1, product development requirements; 4-2, technical security requirements for IACS products)
  • 30. IEC 62443-3-2 zones and conduits: Zone "Enterprise Network", Zone "Plant", Zone "Control #1", Zone "Control #2", linked by conduits; zones are assigned PL 3 / PL 2 / PL 1 and marked trusted/untrusted
  • 32. IEC 62443-3-2 examples: medium-sized site, OT and IT are connected via one conduit.
  • 33. IEC 62443-3-2 examples: large site, OT and IT are connected via a DMZ.
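The slides on the risk matrix (16), the target security level (23), the stakeholder contributions (28) and the zone models (30 to 33) describe one flow: score each zone, derive a target level, then check whether what the integrator actually achieved with the supplier's components meets it. The following is an added worked example and is not code from the slide deck or from Siemens; it models that flow in Python. Everything in it that is not on the slides is an assumption: the score-to-SL-T thresholds in RISK_TO_SLT, the zone and component names of the sample site, and the simplification that a zone's achieved level is the per-requirement minimum of its components' capability levels. The one thing it adds beyond the slides is that an SL in IEC 62443-3-3 is a vector over the seven foundational requirements (IAC, UC, SI, DC, RDF, TRE, RA), so SL-T against SL-A must be compared requirement by requirement, not as a single number.

```python
"""Zone risk -> SL-T -> SL-A gap check in the style of IEC 62443-3-2.

Added example, not code from the original slide deck. Assumptions that are
not from the slides or the standard are marked below.
"""
from dataclasses import dataclass, field
from typing import Dict, List

# 5x5 matrix of slide 16: risk score = impact * likelihood.
IMPACT = {"Trivial": 1, "Minor": 2, "Moderate": 3, "Major": 4, "Critical": 5}
LIKELIHOOD = {"Remote": 1, "Unlikely": 2, "Possible": 3, "Likely": 4, "Certain": 5}

# Seven foundational requirements of IEC 62443-3-3; an SL is a vector over them.
FRS = ["IAC", "UC", "SI", "DC", "RDF", "TRE", "RA"]

# ASSUMPTION: how a risk score maps to a scalar target SL. The standard leaves
# this to the asset owner; these thresholds are illustrative only.
RISK_TO_SLT = [(20, 4), (12, 3), (6, 2), (1, 1)]  # (minimum score, SL-T)


def risk_score(impact: str, likelihood: str) -> int:
    """One cell of the impact x likelihood matrix, 1..25."""
    return IMPACT[impact] * LIKELIHOOD[likelihood]


def risk_matrix() -> Dict[str, List[int]]:
    """The full matrix, one row per impact class, columns in likelihood order."""
    return {imp: [risk_score(imp, lk) for lk in LIKELIHOOD] for imp in IMPACT}


def target_sl(score: int) -> int:
    """Scalar SL-T for a risk score, using the assumed RISK_TO_SLT thresholds."""
    for threshold, sl in RISK_TO_SLT:
        if score >= threshold:
            return sl
    return 0


@dataclass
class Component:
    name: str
    sl_c: Dict[str, int]  # capability SL per FR, as stated by the product supplier


@dataclass
class Zone:
    name: str
    impact: str
    likelihood: str
    components: List[Component] = field(default_factory=list)

    def sl_t(self) -> Dict[str, int]:
        # Simplification: the same target for every FR. In practice the asset
        # owner may set a different SL-T per FR (e.g. higher DC than RA).
        sl = target_sl(risk_score(self.impact, self.likelihood))
        return {fr: sl for fr in FRS}

    def sl_a(self) -> Dict[str, int]:
        # ASSUMPTION: the zone achieves, per FR, the weakest component capability.
        # This ignores compensating countermeasures the integrator may add,
        # which IEC 62443-3-3 allows; treat the result as a lower bound.
        return {fr: min((c.sl_c.get(fr, 0) for c in self.components), default=0)
                for fr in FRS}

    def gaps(self) -> Dict[str, int]:
        """FRs where SL-A is below SL-T, with the size of the shortfall."""
        t, a = self.sl_t(), self.sl_a()
        return {fr: t[fr] - a[fr] for fr in FRS if a[fr] < t[fr]}


def assess(zones: List[Zone]) -> Dict[str, Dict[str, int]]:
    """Gap report per zone; an empty dict means SL-T is met on every FR."""
    return {z.name: z.gaps() for z in zones}


def sample_site() -> List[Zone]:
    """Constructed sample, loosely the three-zone layout of slides 30 and 32."""
    plc = Component("PLC", {"IAC": 2, "UC": 2, "SI": 2, "DC": 1, "RDF": 2, "TRE": 2, "RA": 2})
    hmi = Component("HMI", {fr: 2 for fr in FRS})
    historian = Component("Historian", {fr: 3 for fr in FRS})
    erp = Component("ERP", {fr: 2 for fr in FRS})
    return [
        Zone("Enterprise Network", "Minor", "Possible", [erp]),
        Zone("Plant", "Moderate", "Possible", [historian]),
        Zone("Control #1", "Critical", "Possible", [plc, hmi]),
    ]


if __name__ == "__main__":
    for name, gap in assess(sample_site()).items():
        print(name, "meets SL-T" if not gap else f"gaps per FR: {gap}")
```

In the sample, "Control #1" scores Critical × Possible = 15, which the assumed thresholds turn into SL-T 3; its PLC only offers SL-C 1 for data confidentiality (DC) and 2 elsewhere, so the report shows a shortfall of 2 on DC and 1 on every other FR. That per-FR view is what an integrator needs to decide between swapping the component and adding a compensating countermeasure in the conduit; a single scalar "SL 2 vs SL 3" hides where the gap actually is.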