Cybersecurity Summit AHR20 Detect KMC
New Deal 2020
Dave Bohlmann - KMC Controls
DETECT
Detect: Three Main Functions
Per the NIST Cybersecurity Framework, the Detect function has three categories:
● Anomalies and Events: detect them in a timely fashion
● Security Continuous Monitoring: threats are always there
● Detection Processes: maintain the processes and procedures, because exploits are always changing
These need to be done at different levels of the system:
● Different types of attacks call for different detection methods at different levels
● Requires a cross-functional team approach (IT, controls, and facilities together)
Defense in Depth
Detect: What to Detect?
Similarities between IT and OT systems:
● Malware installed or being executed
● Multiple failed login attempts
● Unusual traffic patterns or user activity
● Attempts to cross segmented network boundaries
Differences for OT systems:
● Attacks use much less data, so volume-based detection sees very little
● Attacks use small commands to do big (and BAD) things: one legitimate-looking write to the wrong point can damage equipment or endanger occupants
Need to know the system specifications and requirements; only then can a command that looks normal on the wire be recognized as wrong for this system
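The four shared indicators and the OT-specific one, turned into detection rules over a constructed event stream. This is an added example, not code from the presentation or from KMC Controls; the log format, zone addresses, point specification, thresholds and host names are all assumptions. The `write` rule is the point of the slide: the command is tiny, and it is only the engineering specification for the point (allowed range, allowed writers, normal priority) that makes it detectable.

```python
import ipaddress
from collections import deque
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical format: time host event key=value ...
# Hosts 10.10.x.x are the IT zone, 192.168.50.x the OT/controls zone.
# Port 47808 is the BACnet/IP port; the deny line is an IT host probing the OT zone.
SAMPLE_LOG = r"""
2020-02-03T08:00:01 ws-07 auth_fail user=operator src=10.10.1.55
2020-02-03T08:00:03 ws-07 auth_fail user=operator src=10.10.1.55
2020-02-03T08:00:05 ws-07 auth_fail user=operator src=10.10.1.55
2020-02-03T08:00:07 ws-07 auth_fail user=operator src=10.10.1.55
2020-02-03T08:00:09 ws-07 auth_fail user=operator src=10.10.1.55
2020-02-03T08:01:10 ws-07 auth_ok user=operator src=10.10.1.55
2020-02-03T08:02:00 fw-core deny src=10.10.1.55 dst=192.168.50.12 dport=47808
2020-02-03T08:02:30 ahu-1 write point=supply_air_setpoint value=95 priority=1 src=10.10.1.55
2020-02-03T08:02:31 ahu-1 write point=supply_air_setpoint value=55 priority=8 src=192.168.50.3
2020-02-03T08:03:00 ws-07 process_start name=svchost.exe path=C:\Users\operator\AppData\Local\Temp\svchost.exe
"""

IT_ZONE = ipaddress.ip_network("10.10.0.0/16")        # assumed zone layout
OT_ZONE = ipaddress.ip_network("192.168.50.0/24")

# Assumed engineering specification: point -> (minimum, maximum, hosts allowed to write it).
# This is the "system specifications and requirements" knowledge the slide calls for.
POINT_SPEC = {
    "supply_air_setpoint": (50.0, 65.0, {"192.168.50.3"}),
}
NORMAL_PRIORITY = 8           # numerically lower priorities override normal control (assumed)
FAIL_THRESHOLD = 5            # failed logins per user/source ...
FAIL_WINDOW = timedelta(minutes=1)   # ... inside this window
SYSTEM_DIR = "c:\\windows\\system32\\"
SYSTEM_BINARIES = {"svchost.exe", "lsass.exe", "csrss.exe"}


def parse_line(line):
    """Split 'time host event k=v k=v ...' into a dict."""
    ts, host, event, *pairs = line.split()
    ev = {"ts": datetime.fromisoformat(ts), "host": host, "event": event}
    ev.update(p.split("=", 1) for p in pairs)
    return ev


def detect(log_text):
    """Return [(rule, timestamp, detail), ...] for events that match a rule."""
    alerts = []
    failures = {}                      # (user, src) -> timestamps inside FAIL_WINDOW
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        ts, kind = ev["ts"], ev["event"]

        if kind == "auth_fail":        # repeated failed logins from one source
            key = (ev["user"], ev["src"])
            window = failures.setdefault(key, deque())
            window.append(ts)
            while ts - window[0] > FAIL_WINDOW:
                window.popleft()
            if len(window) == FAIL_THRESHOLD:
                alerts.append(("repeated_auth_failure", ts, f"{key[0]} from {key[1]}"))

        elif kind == "deny":           # traffic trying to cross the IT/OT boundary
            src, dst = ipaddress.ip_address(ev["src"]), ipaddress.ip_address(ev["dst"])
            if src in IT_ZONE and dst in OT_ZONE:
                alerts.append(("segment_boundary_attempt", ts, f"{src} -> {dst}:{ev['dport']}"))

        elif kind == "write":          # a small command that can do a big thing
            spec = POINT_SPEC.get(ev["point"])
            reasons = []
            if spec is None:
                reasons.append("write to a point with no specification")
            else:
                lo, hi, writers = spec
                value, prio = float(ev["value"]), int(ev["priority"])
                if not lo <= value <= hi:
                    reasons.append(f"value {value} outside {lo}..{hi}")
                if prio < NORMAL_PRIORITY:
                    reasons.append(f"override priority {prio}")
                if ev["src"] not in writers:
                    reasons.append(f"unexpected writer {ev['src']}")
            if reasons:
                alerts.append(("dangerous_ot_write", ts,
                               f"{ev['host']}/{ev['point']}: " + "; ".join(reasons)))

        elif kind == "process_start":  # system binary name launched from outside the system directory
            name, path = ev["name"].lower(), ev["path"].lower()
            if name in SYSTEM_BINARIES and not path.startswith(SYSTEM_DIR):
                alerts.append(("masquerading_binary", ts, path))
    return alerts


if __name__ == "__main__":
    for rule, ts, detail in detect(SAMPLE_LOG):
        print(f"{ts:%H:%M:%S} {rule:26} {detail}")
```

Run against the sample, the second write (55 at priority 8 from the engineering workstation) produces nothing, while the first (95 at priority 1 from an IT host) trips all three checks. Without `POINT_SPEC` the two lines are indistinguishable: both are a few dozen bytes of valid protocol.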
Detect: Continuous Monitoring
Automated tools:
● Keep everything up to date
● Ensure the configuration is correct
● Use the right tool for the right job
Semi-automated (human-in-the-loop) tools:
● Audit log inspection
● Verification of process results: does the plant actually do what it was commanded to do?
Security detection also helps to verify operations
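One form of "verification of process results": check that the measured process follows the commanded setpoint, and that the sensor is not simply repeating a stale value. This is an added example, not code from the presentation or from KMC Controls; the trend data is constructed and the tolerance, settle time and frozen-sample count are assumed values that a real loop would take from its design specification. The same check catches a failed actuator, a stuck sensor, or a replayed reading, which is why detection also verifies operations.

```python
from dataclasses import dataclass


@dataclass
class Sample:
    minute: int        # minutes since start of the trend
    setpoint: float    # commanded value
    measured: float    # value reported by the sensor


# Constructed trend: a normal setpoint change (55 -> 60) that settles, then a
# change to 50 during which the reported value never moves.
SAMPLE_TREND = [Sample(m, sp, mv) for m, sp, mv in [
    (0, 55, 55.2), (1, 55, 54.9), (2, 55, 55.1), (3, 55, 55.0), (4, 55, 55.1),
    (5, 60, 55.1), (6, 60, 56.0), (7, 60, 57.2), (8, 60, 58.3), (9, 60, 59.1),
    (10, 60, 59.6), (11, 60, 59.8), (12, 60, 60.1), (13, 60, 59.9), (14, 60, 60.0),
] + [(m, 50, 60.0) for m in range(15, 27)]]


def verify_process(samples, tolerance=1.0, settle_minutes=10, frozen_samples=5):
    """Check that the measured process actually follows the commanded setpoint.

    Returns [(finding, minute, detail), ...]:
      not_tracking_setpoint - measured value still outside tolerance settle_minutes
                              after a setpoint change
      frozen_reading        - the sensor reports the identical value frozen_samples
                              times in a row while the loop should still be moving
    Thresholds are assumed values; a real loop needs its own from the design spec.
    """
    findings = []
    target = since = None
    settled = frozen_reported = True
    recent = []
    for s in samples:
        if s.setpoint != target:               # new command: restart the checks
            target, since = s.setpoint, s.minute
            settled = frozen_reported = False
            recent = []
        if settled:
            continue
        recent.append(s.measured)
        if abs(s.measured - target) <= tolerance:
            settled = True
        elif s.minute - since >= settle_minutes:
            findings.append(("not_tracking_setpoint", s.minute,
                             f"setpoint {target}, measured {s.measured}"))
            settled = True                      # report once per setpoint change
        elif (not frozen_reported and len(recent) >= frozen_samples
              and len(set(recent[-frozen_samples:])) == 1):
            findings.append(("frozen_reading", s.minute,
                             f"{s.measured} reported {frozen_samples} times while setpoint is {target}"))
            frozen_reported = True
    return findings


if __name__ == "__main__":
    for finding, minute, detail in verify_process(SAMPLE_TREND):
        print(f"t+{minute:02d}m {finding:22} {detail}")
```

The frozen-reading check fires first (five identical readings after the command to 50), and the settle-time check fires later when the loop has still not converged. Either finding is worth an operator's attention whether the cause is an attack or a broken valve.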
Detect: Maintaining Security
● On-going commissioning
● Additions and changes to the system require security reviews
● Continual training
Detect: Questions
● Experience involving IT and OT together?
● Experience with other types of attacks/exploits?
● Experience with on-going commissioning or analytics?
● What logged items are helpful?
● Aware of automated tools?