Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Don’t Be Left in the Dark: Secure Critical Infrastructure Systems to Defend Against Cyberattacks

316 views

Published on

Today’s security landscape continues to change as cyberattacks increase and cyber criminals become more relentless, identifying and exploiting any weakness. While security breaches are devastating for any organization, an attack on critical infrastructure systems such as energy, water and utility entities would be catastrophic. New regulations will be implemented in the UK this year, known as the NIS Directive, that will require critical infrastructure organizations to implement security best practices – including those around privileged user and identity management. Join Bomgar for an insightful webinar on how to shore up your security posture to protect critical infrastructure systems, and ultimately meet the industry regulations.

Published in: Software
  • You have to choose carefully. ⇒ www.HelpWriting.net ⇐ offers a professional writing service. I highly recommend them. The papers are delivered on time and customers are their first priority. This is their website: ⇒ www.HelpWriting.net ⇐
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Get the best essay, research papers or dissertations. from HelpWriting.net A team of professional authors with huge experience will give u a result that will overcome your expectations.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • I think this is such an incredible product: Profit Maximiser will make you money. Profit Maximiser will save you time. In a nutshell: Really is as simple as that. Give it a go and feel safe in the fact that there's a 30-day money back guarantee included if for any reason you don't get on with it. £1 trial for 14 days followed by a £96 + VAT. Cancel anytime. learn more... ♣♣♣ http://t.cn/A6hPRLE0
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Hello! Get Your Professional Job-Winning Resume Here - Check our website! https://vk.cc/818RFv
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Don’t Be Left in the Dark: Secure Critical Infrastructure Systems to Defend Against Cyberattacks

  1. 1. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 1 Don’t Be Left in the Dark: Secure Critical Infrastructure Systems to Defend Against Cyberattacks Stephen Schouten l April 17, 2018
  2. 2. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 2 @Bomgar #bomgarwebinar #securingICS
  3. 3. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 3 • Security landscape • The need for a focus on security • Meeting Industry Regulations: NIS and NERC • Tools and solutions for gaining control of ICS • Q&A • Additional Resources Agenda
  4. 4. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 4 • Poorly secured/weak or default passwords are easy to compromise • Credentials and passwords are the “keys to the kingdom” that cyber criminals want • Remote access solutions continue to be used as attack pathways in security breaches Security Landscape #bomgarwebinar #securingICS
  5. 5. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 5 Stolen credentials lead the way 2018 Data Breach Investigations Report, Verizon
  6. 6. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 6 • 62 % of respondents think it’s possible or definite they’ve suffered a breach through insider action • 66% of respondents think it’s possible or definite they have suffered a breach through third- party access 2018 Privileged Access Threat Report https://www.bomgar.com/resources/whitepapers/privileged-access-threat-report
  7. 7. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 7 • Old outdated systems are easy to compromise • Lack of security features • Easy to guess credentials • Vital to running ‘everyday life’ entities such as water and electrical systems Why Industrial Control Systems Are So Attractive To Hackers #bomgarwebinar #securingICS
  8. 8. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 8 Ukraine Power Grid Attack • Attackers used stolen operator credentials to launch a synchronized attack against operating systems • The perpetrators gained access to energy distribution company systems more than six months before the Dec. 23, 2015 outage that temporarily left about 225,000 customers without power. #bomgarwebinar #securingICS
  9. 9. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 9 Industry Standards NERC CIP | NIS Directive
  10. 10. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 10 Industry Standards • NERC CIP • North American Electric Reliability Corporation’s Critical Infrastructure Protection • Set or requirements designed to secure electronic perimeters and protect critical cyber assets • Currently enforced • NIS Directive • Networks and Information Systems • Goes into effect May 9, 2018 • Improve security of network and information systems across the UK, with a particular focus on essential services – which, if disrupted – could potentially cause significant damage to the economy, society and welfare of individuals
  11. 11. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 11 NIS Directive
  12. 12. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 12 NIS Directive: Managing Security Risk • Governance • Risk Management • Asset Management • Supply Chain
  13. 13. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 13 NIS Directive: Protecting against cyberattacks • Service protection polices and processes • Identity and access control • Data security • System security • Resilient networks and systems • Staff awareness and training
  14. 14. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 14 NIS Directive: Detecting cyber security events • Security monitoring • Proactive security event discovery
  15. 15. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 15 NIS Directive: Minimizing the impact of cyber security incidents • Response and recovery planning • Lessons Learned
  16. 16. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 16 4 Questions to ask about your industrial control systems security #bomgarwebinar #securingICS
  17. 17. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 17 Do I know who is accessing my systems & when? • Properly managing access for privileged insiders/employees • Properly managing access for vendors/third-party contractors • Fourth-party (your vendor’s vendors) • Enforcing least privilege #bomgarwebinar #securingICS
  18. 18. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 18 Do I know where all of my privileged accounts are? • Identifying all systems and privileged accounts is important, because every privileged account is a potential source of risk • Auto Discovery works on a continuous basis where changes are detected as they happen and can trigger automatic enrollment • Gives admins the ability to see what they didn’t see before #bomgarwebinar #securingICS
  19. 19. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 19 Do I have people in place to manage and maintain ICS security? • Internal communication towards security risks • Prioritize security • Deploying solutions with a security focus #bomgarwebinar #securingICS
  20. 20. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 20 Do I have true cybersecurity polices in place for the control systems? • Continuing security education for all employees • Phishing • Malware • Social Engineering #bomgarwebinar #securingICS
  21. 21. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 21
  22. 22. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 22 Bomgar Remote Support SUPPORT MORE More devices, more platforms, more people, more locations. Provide instant remote support to end-users on or off your network using Windows, Mac, iOS, Android and more. PROVIDE SUPERIOR SERVICE Improve service levels and customer satisfaction with seamless, high-quality remote support for every end-user. SECURE YOUR BUSINESS Securing in remote access tools is crucial in protecting your network from threats and meeting compliance regulations.
  23. 23. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 23 Bomgar Privileged Access PROTECT THE ACCESS Enable role-based access to specific systems and define session parameters, such as access timeframes, required approvals, and permitted functions. MANAGE ACTIVITY Actively manage the ongoing operational use of network devices and hardware on the network. ANALYZE & AUDIT DATA Understand what privileged users are actually doing within the network and audit for misuse, while meeting audit trail requirements.
  24. 24. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 24 Lieberman Rapid Enterprise Defense (RED) Suite SEAMLESSLY INJECT CREDENTIALS When integrated with Bomgar Privileged Access of Remote Support, users can directly inject credentials into end servers and systems without exposing plain text passwords. ROTATE & DISCOVER AT SCALE Rotate privileged identities at scale- up to thousands per minute- and easily randomize local account passwords while continuously detecting systems, devices and accounts as they come on and off the network. MANAGE SERVICE ACCOUNTS Automatically discover service accounts and their dependencies- both clustered and individual services- to achieve optimal system uptime.
  25. 25. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 25 • 2018 Privileged Access Threat Report • Bomgar Privileged Access and the NIS Directive (whitepaper) • Secure Access and NERC CIP (whitepaper) • Northumbrian Water Group (case study) • Bomgar Compliance Matrix • Four Pitfalls of Privilege Additional Resources
  26. 26. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 26

×