The 10 Commandments of Protecting Your Control Network and Assets
Ilan Shaya, CEO, ICS Security
When it comes to cyber defense for industrial control networks, there seems to be an overwhelming sea of information. Join ICS Security for this session on cyber defense, breaking down the challenges plant owners and system integrators face and the protective measures they can take. This session will also take a look at SPARTA (SCADA Protection And Real Time Alerts) and how it’s helping to prevent most cyber attacks.


  1. The 10 Commandments of Protecting Your Control Network and Assets
  2. Ilan Shaya, CEO, ICS Security
  3. Introduction
     • Many of SCADA critical components different from the one they have been designed for.
     • We will explore different architectures and provide suggestions for a secured ICS architecture.
  4. A Typical ICS Architecture
  5. Commandment #1: Identification. Identify all Connections to SCADA Networks
     • Conduct a risk analysis.
     • Develop an understanding of all connections to the SCADA network.
     • Identify and evaluate different types of connections.
  6. Commandment #1: Identification. Identify Internal Connections
  7. Identify External Connections
  8. Disconnect Unnecessary Connections to the SCADA Network
     • Isolate the SCADA network from other network connections to as great a degree as possible.
     • Any connection to another network introduces security risks.
     • Where there is a strong need to connect the CS network with the enterprise network, use a DMZ and data warehousing.
  9. Commandment #2: Security Assessment of Remaining Connections
     • Perform penetration tests.
     • Perform vulnerability assessment.
     • Find all weaknesses.
     • Implement security measures.
  10. Commandment #2: Perform Security Assessment of Remaining Connections
  11. Commandment #3: Hardening by SCADA System
     • Systems can be exposed to attack through default network services.
     • Remove or disable unused services.
     • Perform risk assessment for any new service.
  12. Commandment #4: Proprietary Protocols are Unsafe!
     • Do not rely on proprietary protocols.
     • Demand security protection from the vendors.
  13. Commandment #5: Implement the Security Features Provided by Device and System Vendors
     • Demand product patches or upgrades from the vendors.
  14. Commandment #5: Implement the Security Features Provided by Device and System Vendors
  15. Commandment #6: Establish Strong Controls Over Any Medium that is used as a Backdoor into the SCADA Network
     • Strong authentication.
     • Disable inbound access.
  16. Commandment #6: IDS Implementation
     • Establish an intrusion detection strategy.
     • Create incident response procedures.
     • Audit daily system logs.
  17. Implement internal and external intrusion detection systems and establish 24-hour-a-day incident monitoring.
  18. Commandment #7: Auditing SCADA Devices and Networks
     • Create technical audits of SCADA devices.
     • Analyze identified vulnerabilities.
     • Retest the system.
  19. Commandment #7: Documentation of Critical SCADA Functions
     • Document an information security architecture.
  20. Commandment #8: Security Assessment of Physical and Remote Sites Connected to SCADA Network
     • Conduct a physical security survey.
     • Identify and assess any source of information.
     • Identify and eliminate single points of failure.
     • Do not allow “live” network access points at remote, unguarded sites simply for convenience.
  21. Commandment #9: Establish Effective Configuration Management Processes
     • Hardware and software.
     • Pay attention to hardware or software changes.
  22. Commandment #10: Establish System Backups and Disaster Recovery Plans
     • Establish a disaster recovery plan.
     • Conduct system backups.
