Aare reintam estonia_ciip_activites

•

0 likes•462 views

This document outlines practical critical infrastructure and information protection (CIIP) activities in Estonia. It discusses building a CIIP community through regular meetings and training, conducting security assessments of vital service providers to evaluate their security levels, and developing legislation and guidelines to regulate CIIP. The goal is to protect 43 vital services, including electricity, data communications, water, and air navigation, from cyber incidents that could interrupt these services and impact the economy.

Technology Business

www.ria.ee
FOR OFFICIAL USE ONLY
Estonian
Overview of practical CIIP
activities in EE
Aare Reintam
ISKE area manager
CIIP unit

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
Outline of my talk
• What is the aim of protecting CII?
• Community building
• Activities - security assessments and port
scanning
• Legislation, regulations, ICS/SCADA guidelines

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
When talking about CII protection
• We mean vital services that depend on IT
systems
• Electricity supply (production, transmission,
distribution)
• Data communications
• Water supply and sewerage
• Air navigation service
• …
• 43 vital services in total

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
CII Incidents and impact on economy
• Some examples from this year CII incidents in Europe
Sector Time Impact Reason
Energy Sept 2013 2,5 hours the hole
county electricity
distribution was
interrupted
Software error
Railway
transport
March
2013
3 hours long
Interruption of train
service between two
main cities in Europe
Optical cable breakage.
Trains leading dispatcher
was unable to carry out
work and had to stop the
traffic
Air
transport
August
2013
3 hours interruption in
X city air travel service.
No planes could land.
Flight control software
error.

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
Community building
• CIIP lead (expert / mid-management level)
• SCADA workgroup
• CII protection council
• Annual CIIP conference
• CERT-EE lead (expert level)
• Government system administrators
• ISP & hosting abuse handlers
• CERT + CIIP joint events
• 0ct0b3rf3st
• EISA management lead:
• Quarterly reports to high government officials
• Seminars for management

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
How to keep communities
running?
• Regular meetings on interesting topics
• Share information
• State sponsored training, seminars,
conferences etc.
• 5 day advanced SCADA security
• Netflow, IDS, logging
• Managing small office networks (SOHO)
• …
• Social events

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
Security assessment projects
• Find out what is the “real” security level of
vital service provider
• Based on attack scenarios
• Verifying them with penetration testing
• State sponsored
• We are using 3rd party consultants

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
Sample security assessment task
list
• Information gathering from public sources
• Corporate LAN security assessment
(Windows domain, servers, workstations, Wi-
Fi etc.)
• Network perimeter testing (from corporate
<-> SCADA <-> control network)
• Assessment of SCADA servers, operator
workstation etc.
• Remote access to networks (VPN)
• Physical security

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
Finding CII equipment from the
Internet
• Locating possibly vulnerable devices before
the “bad guys”
• Notifying the owner and explaining the risk
• Using shodanhq.com and other tools

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
Legislation & guidelines
• We are giving input to Ministry of justice to
amend appropriate legislation.
• Security measure regulation is established:
• Security responsibilities have to be in place when
providing vital services
• Implement security standard (ISO 27001, our
own local standard “ISKE” or industry specific)
• ICS/SCADA security guidelines
• 25 security controls

www.ria.ee
FOR OFFICIAL USE ONLY
FOR OFFICIAL USE ONLY
To sum up
• Incidents happen on daily basis
• Only legislation is not enough
• There has to be balanced responsibility
between state and service providers
• People are important

Thank You!
www.ria.ee
Aare Reintam
Aare.reintam@ria.ee

This document discusses the impact of information and communication technologies (ICT) on various aspects of society. It describes how ICT is used for home entertainment through devices like televisions, music players, and gaming consoles. It also discusses how ICT enables online auctions, booking travel and events, accessing government and educational services, and is used for teaching and learning in schools. The document notes both benefits and potential issues of ICT use, such as increased access for disabled individuals but also a risk of a growing digital divide between those who can and cannot access online resources. It also mentions risks of computer fraud and antisocial uses of ICT like spreading viruses.

Experience and perspective_of_security_installation

Om Kumar

This document discusses the experience and perspective of Edward Donelan on security installation opportunities. It provides statistics on the security industry such as CCTV and access control becoming the top sources of revenue. It also notes that homeland security efforts have substantially impacted large industrial security installations. The "sweet spot" for security contractors is $1-4.9 million in annual revenues with average gross profit margins of 40.3% on CCTV installations. Remote video and networked video are in high demand.

Context-aware Automotive Intrusion Detection using Reference Models

Armin Wasicek

Cyber-Physical attacks impact the physical domain by manipulating the cyber domain and vice versa. Checking only cyber properties like CAN message frequency might miss important attack vectors like manipulations of the control system. Examples are chip-tuning and power-boxing. IDS needs to target attack on the physical part. We solve this by comparing actual behavior of the CPS to a data-driven reference model, thus, enabling misbehavior detection.

IoT and the Impact on Roadside IP Networking

Alcatel-Lucent Enterprise

The future ahead is paved with technology - technology to advance the safety and efficiency of travelers on the highways and IoT is a big part of this future. This presentations offers strategic advice on how to deal with the onslaught of IoT for those managing ITS networks Alcatel-Lucent Enterprise helps connect transportation subsystems with technology that works for all users of public transportation, public roads, and services.

From potatoes to beer, IoT is everywhere by Dr. Srđan Krčo

Bosnia Agile

Cyber Security in Smart Buildings

GAURAV. H .TANDON

Smart buildings use automated systems and sensors to control operations like HVAC, lighting, and security. However, connecting these systems also introduces cybersecurity vulnerabilities. As buildings add more internet-connected devices, they provide more entry points for hackers to potentially access sensitive building systems and data. Cyber criminals are increasingly targeting smart buildings due to their growth and interconnected nature, which could allow access to security cameras, elevators, and other building operations if networks are breached.

Industrial Automation Control Systems Cybersecurity Certification. Chapter II

Javier Tallón

The document summarizes a proposal for an EU Industrial Automation and Control Systems (IACS) Components Cybersecurity Certification Scheme (ICCS). It introduces Georgios Theodoridis from the EC and Jose Ruiz from jtsec who are involved in developing the ICCS. It then outlines the ICCS, including its goals of increasing EU cybersecurity and the internal market through a harmonized certification approach. The ICCS would define common certification criteria and assurance levels for IACS components and recommend how to implement the scheme in line with the EU Cybersecurity Act.

CIMS is a system for remotely monitoring civilian infrastructure like bridges, buildings, and roads. It collects data from sensors at remote sites and transmits it securely to servers where it is stored and made accessible online. The system allows nearly continuous monitoring of infrastructure with minimal site visits required after initial installation. Users can access data and images collected by the system through a web portal.

Setting up network in an office

Md. Tashnim

CyberSecurity Best Practices for the IIoT

Creekside Marketing Group, LLC

In today’s connected world, cyber security is a topic that nobody can afford to ignore. In recent years the number and frequency of attacks on industrial devices and other critical infrastructure has risen dramatically. Recent news stories about hackers shutting down critical infrastructure have left many companies wondering if they are vulnerable to similar attacks. In this webinar we will discuss the most common security threats and unique challenges in securing industrial networks. We will introduce the current standards and share some useful resources and best practices for addressing industrial cyber security. Key Takeaways: 1. Gain perspective regarding common security threats facing industrial networks. 2. Learn about the relevant standards governing industrial cyber security. 3. Increase understanding of some best practices for securing industrial networks.

IoT in ITS: Network Impacts

Alcatel-Lucent Enterprise

CIR Conferences - Arrowhead

Justin Hayward

This document discusses engineering IoT automation for smart grids. It summarizes the presentation by Professor Jerker Delsing on the topic. Some key points include: - Current production automation systems are rigid and inflexible, while digitization requires dynamic and flexible systems of systems. - The Arrowhead framework aims to simplify engineering of IoT/SoS automation by handling lower layer complexity and enabling autonomous interoperability. This can significantly reduce engineering time. - Security is a major challenge given past attacks on industrial control systems, but open source tools and the Arrowhead framework may help address this issue. - There is still a gap in tools for engineering large-scale cyber-physical systems of systems, but the

Arpan pal u-world

Arpan Pal

This document discusses using ubiquitous devices like mobile phones and set top boxes as gateways for internet-of-things applications. It describes a road monitoring application that uses sensors in mobile phones to detect potholes and bumps. It also outlines a home monitoring solution that uses a set top box as a gateway to monitor energy and water usage through smart meters and detect issues like water leaks through sensors. The document concludes by discussing intelligent user interfaces and using the most common devices like phones, TVs and computers as interfaces.

Presentation IndiciaTech.nl - Preventing is Protecting

Antonio Chan

The document outlines threats to IT landscapes and solutions for endpoint security. It discusses key areas that can be threatened like cloud, WAN, LAN and endpoints. Common threats include zero-day exploits and advanced persistent threats. The document recommends solutions like network segregation, application whitelisting, boundary defense, monitoring and logging, and patch/lifecycle management. It provides details on endpoint protection techniques and research areas like monitoring and data security.

2019 punter data voor slimme systemen dvc 17okt-pdf

DVCSI

Dr. Ir. Teade Punter gave a presentation on using data for smart systems such as mobile robots and sensor networks. Smart systems sense their environment, make autonomous decisions, and control their environment. Examples include traffic control systems, greenhouse sensor grids, and digital factories. Smart systems use and produce data, and there are 5 guidelines for working with data: apply open interfaces to access data, clean and combine data to improve it, predict with data to enhance performance, secure data to protect systems, and apply data to develop new adaptable systems like a digital twin model of a warehouse with AGVs.

Innovation Summit 2015 - 5 - AirVantage

Thibault Cantegrel

This document discusses the benefits of using IoT platforms when prototyping and developing IoT applications. It outlines key features platforms provide like standards, development kits, tutorials, and assistance getting products to market. The document also examines what components are needed in an IoT platform, including data acquisition, storage, analytics, security, connectivity management and more. It notes industry projections that the number of connected devices will grow significantly in coming years.

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.

Track 5 session 1 - st dev con 2016 - need for security for iot

ST_World

- The document discusses the need for security in IoT devices as the number of connected devices grows exponentially to over 30 billion by 2020. - It outlines the various types of connected devices and assets that need protection including personal information, products, infrastructure and more. - The main threats to IoT systems are discussed as access to services and networks, device access, data theft and counterfeiting. Specific attacks like hacking exposed data and exploiting vulnerabilities are also covered. - The presentation recommends using cryptography, authentication, secure boot processes and other countermeasures to protect assets by mitigating vulnerabilities and reducing threats and risk. It emphasizes the importance of a layered security approach and managing risk for different asset values.

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

Connecting the Digital Campus - Building Tomorrow's Universities

Alcatel-Lucent Enterprise

Agus bambang .a (x tkj-2) menginstall 2 os [windows 7 dan ubuntu]

pr0jectk

Final production piece v2

PJG123

What's hot

Civilian Infrastructure Monitoring System Generic

Agincourt Business Services

Setting up network in an office

Md. Tashnim

CyberSecurity Best Practices for the IIoT

Creekside Marketing Group, LLC

IoT in ITS: Network Impacts

Alcatel-Lucent Enterprise

CIR Conferences - Arrowhead

Justin Hayward

Arpan pal u-world

Arpan Pal

Presentation IndiciaTech.nl - Preventing is Protecting

Antonio Chan

2019 punter data voor slimme systemen dvc 17okt-pdf

DVCSI

Innovation Summit 2015 - 5 - AirVantage

Thibault Cantegrel

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

Track 5 session 1 - st dev con 2016 - need for security for iot

ST_World

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

International Journal of Network Security & Its Applications (IJNSA)

IJNSA Journal

Call for Papers - International Journal of Network Security & Its Application...

IJNSA Journal

Connecting the Digital Campus - Building Tomorrow's Universities

Alcatel-Lucent Enterprise

What's hot (20)

Civilian Infrastructure Monitoring System Generic

Setting up network in an office

CyberSecurity Best Practices for the IIoT

IoT in ITS: Network Impacts

CIR Conferences - Arrowhead

Arpan pal u-world

Presentation IndiciaTech.nl - Preventing is Protecting

2019 punter data voor slimme systemen dvc 17okt-pdf

Innovation Summit 2015 - 5 - AirVantage

International Journal of Network Security & Its Applications (IJNSA)

Track 5 session 1 - st dev con 2016 - need for security for iot

Call for Papers - International Journal of Network Security & Its Application...

International Journal of Network Security & Its Applications (IJNSA)

Call for Papers - International Journal of Network Security & Its Application...

Connecting the Digital Campus - Building Tomorrow's Universities

Viewers also liked

Agus bambang .a (x tkj-2) menginstall 2 os [windows 7 dan ubuntu]

pr0jectk

Final production piece v2

PJG123

9 ways to improve your sales team

InsynQ-inc

Defining an audience copy

PJG123

This document discusses different methods for defining and researching audiences for media products. It covers quantitative research which uses numerical data to analyze who purchases products and qualitative research which uses open-ended questions to understand opinions, values and demographics. Some key audience definition factors discussed include socio-economic status, psychographics, geodemographics, age, gender, whether a target audience is niche or mainstream. The advantages and disadvantages of each research method are also summarized.

02408b

Francisco Pinheiro

Video Wagnerwagneragp

01824d

Francisco Pinheiro

1) Há dúvidas sobre a transferência da área de produção do Proderj para o Serpro devido a gastos de R$ 230 mil para adaptação do espaço e R$ 720 mil já gastos anteriormente, totalizando quase R$ 1 milhão. 2) Enquanto isso, faltam leitos e profissionais de saúde para combater uma epidemia de dengue no Rio de Janeiro. 3) A ASCPDERJ solicitou nova reunião com o presidente do Proderj para debater 6 pontos, incluindo a mudança para

WSO2Con US 2013 - Connected Business - making it happen

WSO2

The document discusses the drive towards connected business and making it happen. It describes motivations like Moore's law for data, the growth of app stores and APIs, and the rise of the internet of things. The key aspects of connected business are connecting internal systems and partners to create a platform for internal and external innovation, and virtualizing data, functions and processes with cloud-based approaches. Milestone planning with independent, time- or function-based milestones is recommended to pursue the vision in a structured way.

Smart room home automation

lynn li

WSO2Con US 2013 - APIs Everywhere

WSO2

The document discusses how APIs have revolutionized businesses and apps. It notes that while many enterprises have exposed APIs and seen value, typical SOA deployments focus on implementation rather than API consumption. The document advocates for an API-centric approach where services are designed as APIs from the start with capabilities for discovery, documentation, security etc. It outlines WSO2's API management platform and vision to bring API management capabilities across their products and embed them in other platforms to support exposing all services as APIs.

Julia Didenko - Donetsk Institute of Information

GazetaWyborcza

The document summarizes the founding and goals of the NGO "Donetsk institute of information" and the DonbasPublicTV (DPTV) initiative. The NGO was founded in 2009 by journalists and volunteers to provide objective information on the political, economic, and social situation in the Donetsk region without censorship. DPTV was launched in March 2014 as an independent public TV online by Donbas journalists to inform civilians in eastern Ukraine where access to media is hindered by conflict. DPTV aims to promote open and independent media in the region through TV programs, video projects, and a journalist network across Donbass cities.

Andrew Haggard - #PutinAtWar

GazetaWyborcza

How We Use GitHub

NYC DevShop

NODEjs Lesson13dmodeldiy

The thrilling potential of sixth sense technology

3dmodeldiy

Киберпреступность отступает?

S.E. CTS CERT-GOV-MD

Symantec (2)S.E. CTS CERT-GOV-MD

Prezentare compartiment securitatea (2)

S.E. CTS CERT-GOV-MD

Paweł Ławiński - Jedna opowieść, cztery różne platformy

GazetaWyborcza

Moldova cyber security 02.10.2013 rr

S.E. CTS CERT-GOV-MD

The document discusses the challenges small nations face in building cyber security. It notes that understanding the new cyber reality, allocating limited resources across different government agencies and ministries, and managing the complexity of cyber threats are some of the main challenges. The document also provides a breakdown of ICT positions across different Estonian ministries and agencies to illustrate the resource constraints small nations face.

Viewers also liked (20)

Agus bambang .a (x tkj-2) menginstall 2 os [windows 7 dan ubuntu]

Final production piece v2

9 ways to improve your sales team

Defining an audience copy

02408b

Video Wagner

01824d

WSO2Con US 2013 - Connected Business - making it happen

Smart room home automation

WSO2Con US 2013 - APIs Everywhere

Julia Didenko - Donetsk Institute of Information

Andrew Haggard - #PutinAtWar

How We Use GitHub

NODEjs Lesson1

The thrilling potential of sixth sense technology

Киберпреступность отступает?

Symantec (2)

Prezentare compartiment securitatea (2)

Paweł Ławiński - Jedna opowieść, cztery różne platformy

Moldova cyber security 02.10.2013 rr

Similar to Aare reintam estonia_ciip_activites

Automotive Cyber-Security Insights learned from IT and ICS/SCADA

Gilad Bandel

The thesis presented here is that we can look back at three (not so) very different computing and network environments, study and analyze their histories and deduct what is expected to come in an unrelated field. Specifically, we shall review the analogies between the IT (Information Technologies) networks, OT (Operational Technologies) – ICS (Industrial Control System)/SCADA (Supervisory Control and Data Acquisition) and the automotive cyber–security protection solutions trying to anticipate the future of the automotive cyber–security market based on similarities from the IT and ICS/SCADA behavior. The claim is that history will repeat itself and we can safely investigate the distant past of the IT world, the more recent ICS/SCADA field, review the status of the automotive cyber-security and anticipate the future of things to come in this field. Furthermore, the trends predicted here will be probably valid for additional emerging fields such as other transportation fields (railways, maritime and aviation), IoT (Internet of Things) IIoT (Industrial Internet of Things), smart cities, building management systems, etc. The lecture will try to assist automotive cyber security decision makers to direct their efforts in the most effective and efficient fashion, evade mistakes that can be avoided. Audience will be provided with the technological and perspective from several points of view, comparing the IT, ICS/SCADA and automotive industries, trying to guide the automotive cyber-security direction for best course of action based on past history, current situation and future prediction.

European Critical Internet Infrastructure: past, present and future challenges

European Union Agency for Network and Information Security (ENISA)

Connectivité temps réel et bi-directionnelle pour solutions IOT

Solace

The document discusses Solace and how it provides real-time bidirectional connectivity for IoT solutions. It outlines Solace's event mesh architecture, which provides uniform connectivity across IoT, edge, cloud and enterprise applications. This allows for massive scalability, security, and routing of data and commands between devices and applications. Use cases discussed include connected cars, smart cities, industrial IoT, and cloud-to-cloud scenarios.

CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)

TI Safe

The document discusses modern cybersecurity and operational visibility for industrial control networks. It outlines some of the challenges in protecting industrial control networks, including that systems were previously isolated, use proprietary protocols, and cybersecurity was less rigorous. It emphasizes that operational visibility is critical for cybersecurity as you cannot protect what you cannot see. The document then discusses using Nozomi Networks' solutions to gain visibility into networks and assets, detect malware attacks, and provide hybrid threat detection approaches for industrial control systems. Case studies are presented on network visualization and monitoring, asset discovery and inventory, and hybrid ICS threat detection.

CS5032 Lecture 20: Dependable infrastructure 2

John Rooksby

The document discusses critical infrastructure and control systems. It focuses on SCADA systems which are commonly used to monitor and control infrastructure. The document outlines concerns about the security and dependability of SCADA systems as they increasingly rely on standard IT technologies. It then discusses the internet as digital infrastructure and notes concerns about the resilience of the internet, citing studies that found the internet could experience failures without proper protections and understanding of its components. The document recommends better understanding failures, further resilience research, promoting good practices, and greater policymaker engagement.

ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2

Kyle Lai

The document summarizes China's new Cybersecurity Law and its potential impact on global businesses. It provides definitions of key terms in the law and outlines some of the law's main provisions, such as data localization requirements for critical information infrastructure operators and penalties for cyber attacks on Chinese infrastructure from foreign groups. The law establishes China's sovereignty over networks located within its borders and aims to strengthen protections for network operations, information, and critical infrastructure.

Integration of Technology & Compliance Presented by John Heintz, CPS Energy

TheAnfieldGroup

This document provides an overview and history of CPS Energy, a municipally owned energy utility in San Antonio, Texas. It discusses CPS Energy's assets and operations, including its generation facilities, transmission and distribution infrastructure, and customer base. The document also summarizes the Enterprise IT Security organization's efforts to improve security practices using the Forrester Information Security Maturity Model. It identifies key security challenges and the goal of moving practices towards a more optimized level of maturity. Additional sections cover compliance activities for control systems and the future of securing these environments.

Integration of Technology & Compliance Presented by John Heintz, CPS Energy

stacybre

This document provides an overview and history of CPS Energy, a municipally owned energy utility in San Antonio, Texas. It discusses CPS Energy's assets and operations, including its generation facilities, transmission and distribution infrastructure, and customer base. The document also summarizes the Enterprise IT Security organization's efforts to improve security practices using the Forrester Information Security Maturity Model. It identifies key security challenges and the goal of moving practices towards a more optimized level of maturity. Additional sections discuss managing NERC compliance for control systems and creating a management dashboard to improve support and prioritization of compliance activities.

Driving Efficiency with Splunk Cloud at Gatwick Airport

Splunk

Gatwick Airport, the busiest single runway airport in the world, needed to ensure a high degree of efficiency for a record-breaking 925 daily flights and 38 million annual passengers. This presentation covers how they: - Combine historical fact with "in the moment" data and events to predict success or failure, enabling the operation to prevent issues before they occur - Support other organisations (e.g., airlines and ground handlers) with dashboards to improve their performance - Moved from "how did we do?" to "how are we doing?" and are on the edge of answering "How will we do?” - Plan to expand the use of Splunk Cloud in the future: tracking travel disruption, predicting passenger flow and getting real-time feedback via social media monitoring Also, learn why a cloud solution gives Gatwick Airport the agility and scalability to achieve what they need.

Get Mainframe Visibility to Enhance SIEM Efforts in Splunk

Precisely

The keys to effective security information and event management (SIEM) for IT environments include early detection, rapid response, and collaboration between all the platforms in your IT infrastructure. Yet many organizations struggle to effectively integrate their mainframe security needs with the rest of their IT environments. With Syncsort Ironstream®, Splunk users can easily monitor and effectively resolve security issues on the mainframe by opening real-time operational data in Splunk Enterprise Security. We’ll take you through common security and compliance challenges organizations face and how Ironstream® can work with Splunk to eliminate those security blind spots. View this webinar on-demand for a discussion about common security and compliance challenges organizations face and how Syncsort Ironstream® can work with Splunk to eliminate those security blind spots. Key topics include: • Proactive reporting to identify and solve problems before they happen • Providing appropriate visibility to ensure management support • Best practices for report types and presentation style

Minimizing Information Transparency

Usman Arshad

This document discusses various techniques to minimize transparency in information flow across computer networks. It begins by explaining how digital information is transmitted using the TCP/IP and OSI models. It then discusses tools like packet sniffers that can intercept network traffic. Various attacks that exploit transparency at different layers are described. Virtual private networks (VPNs) are presented as a method to secure information flow at the network layer through encryption. The document demonstrates traffic analysis with and without a VPN and discusses other strategies like Tor onion services and HTTPS. It concludes by addressing frequently asked questions about VPN services.

Legal and ethical aspects

CAS

This document discusses legal and ethical aspects of computer security. It covers topics like cybercrime and types of computer crimes. It also discusses challenges in cybercrime law enforcement and profiles of cybercriminals and victims. Intellectual property issues related to software, algorithms, databases and digital content are examined. The document also covers privacy issues and common criteria for privacy classification. Finally, it discusses professional responsibilities and codes of conduct in computing.

Connected roadways external launch feb26 revised_final.ptx

brigel529

The document discusses Cisco's Connected Roadways solution, which uses Internet of Everything technologies to improve transportation safety, mobility, and efficiency through vehicle-to-vehicle and vehicle-to-infrastructure communication. The solution architecture connects disparate intelligent transportation systems into a converged network and enables applications like transit signal prioritization, traffic management, and emergency response. Cisco partners with transportation solution providers to create an integrated ecosystem and provide services to help customers deploy and manage connected roadway systems.

Unit 1 IoT Fundamentals.pdf

ZoyaAli844417

This document outlines a course on IoT - Sensors and Devices. The course aims to expose students to fundamental concepts of microcontrollers and interfacing to help implement IoT in real-time. The course contains 6 units that cover IoT fundamentals, analyzing microcontroller usage, using sensors and actuators for requirements, communication protocols, cloud services, and conducting experiments safely and effectively. The course description provides more details on establishing a strong foundation for IoT implementation.

Cyber Security for SCADA and Networks - Sean McMillan

TWCA

Cybersecurity risks affect many systems including SCADA, networks, billing systems, and more. Major incidents include Stuxnet in 2010, Petya in 2017, and Blackenergy in 2015. Threats come from foreign adversaries, criminals, terrorists, and lone hackers. Over half of companies reported cyber incidents in 2017. Risks include unauthorized access, theft, equipment damage, and more. Guidance on cybersecurity comes from organizations like ICS-CERT, NIST, and ANSI. The NIST Cybersecurity Framework and ANSI/ISA 62443 provide approaches to identify risks and protect systems through detection, response, and recovery measures. Cybersecurity requires ongoing assessment, protection, and preparation given widespread

High speed electric sky pods for passenger and cargo presentation by link vue

Mahesh Chandra Manav

India is Witness and adopting High Speed, Comfort with Safety Surface and SKY High Transportation Like Bullet Train ,Hyper Loop(Capsule Type) POD Taxi Ground and Sky Elevated this will help us to reduce Time for Journey . Technology and Science ,Innovation and Successful Trail and Safety Certification all to gather many time High Investor who are in capable to take Risk in the Business. India Still no a Rich and capable to do Such risky investment always looking for international Partner . We have recent 4 Year Experience for Project on paper Hyper Loop ,and POD TAXI which is not shown any development . Plz Find Picture of SKY High SPEED POD Passenger Taxi Trail Run for 2.4 KM also planning for Cargo . Link Vue System Continues in process to gather latest technology updating and Share to our valued Customers. You can Invite us for Following for Design , Engineering , Selection of Genuine and Right Components which meet Technical and Economical ,Supply along with Installation Support. Electrical Safety Earthing ,Lightning ,Surge Protection , Industrial Plug Socket , Building Electrical Internal Wiring Free Joint Connectors, Socket for Power ,Data and Communication. Networking LAN, Fiber and Wireless Building Automation ,Data Logger , Protocol Convertor CCTV ,Fire Alarm ,Access Controls, Security Systems ,PIDS Solar PV Power Plant , High Energy Battery Storage Systems, Electric Vehicle Charging Infra. You can send Inquiry ,Web meeting manav.chandra@linkvuesystem.com M-9811247237 Mahesh Chandra Manav HOD Link Vue System Pvt Ltd India/Australia

How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...

Priyanka Aash

Breaches are at all time high. In this webinar learn the do's and don't of handling breach disclosure. Best practices of how to set up a bounty program . How to respond to responsible disclosures? Do's and Don'ts and learning from the industry. Key Points To Be Discussed: -How to build a vulnerability disclosure program? -What are various types of vulnerability disclosures programs? -When and when NOT to have a bug bounty program? -Do's and Don'ts for handling a breach disclosure

Module-1.pptx

ssuserb7947f

The document discusses Internet of Things (IoT) fundamentals including what IoT is, its genesis, how it relates to digitization, examples of IoT data analysis, and the impact of IoT. It then covers specific IoT applications and uses cases such as connected roadways, factories, buildings, and living creatures. It also discusses challenges with IoT such as network architecture, security, data management, and the convergence of IT and OT networks.

Critical Infrastructure and Security

Can Demirel

The document discusses security issues related to critical infrastructure and industrial control systems. It notes that attacks on critical infrastructure in the US have increased 17 times in the last 3 years, costing $113 billion. It then lists the various sectors that make up critical infrastructure and provides an overview of common industrial control systems like SCADA, PLCs, and protocols. The document outlines security risks to these systems and recommends security best practices like authentication, encryption, and auditing. It also lists some common tools used to analyze industrial control system security.

DEVNET-1145 How APIs are Driving City Digitization

Cisco DevNet

Smart-city solutions connected over an intelligent network platform are the foundation for city digitization. Cisco now offers application program interface (API) tools for developers to create applications for smart cities that frame and focus big-data streams, delivering relevant and timely content to improve city operations and enhance daily life. See how select visionary cities are already working with Cisco to leverage Smart+Connected Communities solutions and how an enormous opportunity now exists to develop applications that transform the data into useful information for city leaders, businesses, citizens and visitors as well as for use in other city processes. Cities are attracting new businesses and entrepreneurs and generating an economic boom in application development to meet urban service requirements of every stripe in cities today and broadly drive city digitization.

Similar to Aare reintam estonia_ciip_activites (20)

Automotive Cyber-Security Insights learned from IT and ICS/SCADA

European Critical Internet Infrastructure: past, present and future challenges

Connectivité temps réel et bi-directionnelle pour solutions IOT

CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)

CS5032 Lecture 20: Dependable infrastructure 2

ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2

Integration of Technology & Compliance Presented by John Heintz, CPS Energy

Driving Efficiency with Splunk Cloud at Gatwick Airport

Get Mainframe Visibility to Enhance SIEM Efforts in Splunk

Minimizing Information Transparency

Legal and ethical aspects

Connected roadways external launch feb26 revised_final.ptx

Unit 1 IoT Fundamentals.pdf

Cyber Security for SCADA and Networks - Sean McMillan

High speed electric sky pods for passenger and cargo presentation by link vue

How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...

Module-1.pptx

Critical Infrastructure and Security

DEVNET-1145 How APIs are Driving City Digitization

More from S.E. CTS CERT-GOV-MD

System of security controls

S.E. CTS CERT-GOV-MD

Symantec (3)S.E. CTS CERT-GOV-MD

Solvit identity is the new perimeter

S.E. CTS CERT-GOV-MD

The document discusses identity and access management strategies for defending against advanced persistent threats (APTs). It outlines how APTs typically progress through four phases - reconnaissance, initial entry, escalation of privileges, and continuous exploitation. It then proposes a "defense-in-depth" approach using identity and access management capabilities to make initial penetration difficult, reduce privilege escalation, limit damage from compromised accounts, and aid in early detection and forensic investigation. Specific capabilities discussed include identity governance, least privilege access, shared account management, session recording, server hardening, and advanced authentication.

Criminalitatea cibernetică – provocare pentru aplicarea legii

S.E. CTS CERT-GOV-MD

SIS PREZENTARE CTS

S.E. CTS CERT-GOV-MD

Cyber security from military point of view

S.E. CTS CERT-GOV-MD

1) Cyber security is an important issue from a military perspective as modern militaries rely on information technology systems for many functions beyond just command and control, including logistics, research, and personnel records. 2) Cyber attacks can have kinetic consequences by disrupting infrastructure and causing property damage or loss of life, as seen in attacks on Estonia and Georgia. 3) Modern cyber weapons are developed using a combination of human hackers and software tools, analogous to how traditional weapons combine soldiers and technology like rifles.

CLOUD COMPUTING Security Risks or Opportunities

S.E. CTS CERT-GOV-MD

This document discusses cloud computing, specifically focusing on security risks and opportunities. It begins by outlining some of the benefits of cloud computing, such as reduced IT costs, no upfront investment, pay-as-you-go pricing, easy implementation, constant uptime, and improved performance and security. However, it also acknowledges potential risks like security issues, loss of control, and job cuts. The document emphasizes the importance of evaluating the specific cloud service provider, including their history, certifications, data center facilities, security measures, automation/self-service capabilities, service level agreements, and technical support. Overall, it argues that moving to the cloud can reduce costs but one must thoroughly vet the provider to understand the real security risks

Operarea md cert în reţea naţională de

S.E. CTS CERT-GOV-MD

GESTIONAREA RISCURILOR DE SECURITATE A INFORMAȚIEI

S.E. CTS CERT-GOV-MD

Penetration testing & Ethical Hacking

S.E. CTS CERT-GOV-MD

This document discusses penetration testing and ethical hacking. It provides an overview of penetration testing methodology and the services offered by Endava, including regular vulnerability scans, penetration tests, PCI assessments, security trainings, audits, and intrusion monitoring solutions. The presenter, Maxim Catanoi, is an IT security consultant at Endava with over 9 years of experience and multiple security certifications.

Cisco Secure X

S.E. CTS CERT-GOV-MD

CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses

S.E. CTS CERT-GOV-MD

The document discusses cyber security in the Moldovan government. It introduces the Cyber Security Center CERT-GOV-MD, which was created in 2010 to handle cyber incidents in Moldovan public administration systems. CERT-GOV-MD aims to provide a single point of contact, assist authorities and citizens with incidents, and coordinate responses. The document also notes challenges like lack of strategy and legal framework, as well as solutions CERT-GOV-MD provides like alerts, best practices, and incident handling.

Building Security Operation Center

S.E. CTS CERT-GOV-MD

The document discusses building a security operations center (SOC) and provides information on why an organization would build a SOC, how to establish the necessary skills and processes, and technology solutions like HP ArcSight that can be used. It describes how HP consultants have experience building SOCs for major companies and can help customers establish an effective SOC to monitor for security events, ensure compliance, and protect the organization. It provides details on how to structure a SOC, including defining roles and processes, implementing a security information and event management (SIEM) system, and establishing performance metrics to improve over time.

Symantec

S.E. CTS CERT-GOV-MD

More from S.E. CTS CERT-GOV-MD (14)

System of security controls

Symantec (3)

Solvit identity is the new perimeter

Criminalitatea cibernetică – provocare pentru aplicarea legii

SIS PREZENTARE CTS

Cyber security from military point of view

CLOUD COMPUTING Security Risks or Opportunities

Operarea md cert în reţea naţională de

GESTIONAREA RISCURILOR DE SECURITATE A INFORMAȚIEI

Penetration testing & Ethical Hacking

Cisco Secure X

CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses

Building Security Operation Center

Symantec

Recently uploaded

“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...

Edge AI and Vision Alliance

For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/ Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit. The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers. Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.

WeTestAthens: Postman's AI & Automation Techniques

Postman

Columbus Data & Analytics Wednesdays - June 2024

Jason Packer

5th LF Energy Power Grid Model Meet-up Slides

DanBrown980551

5th Power Grid Model Meet-up It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology. Power Grid Model The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services. Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability. Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization. What to expect For the upcoming meetup we are organizing, we have an exciting lineup of activities planned: -Insightful presentations covering two practical applications of the Power Grid Model. -An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024. -An interactive brainstorming session to discuss and propose new feature requests. -An opportunity to connect with fellow Power Grid Model enthusiasts and users.

Building Production Ready Search Pipelines with Spark and Milvus

Zilliz

Introduction of Cybersecurity with OSS at Code Europe 2024

Hiroshi SHIBATA

I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems. The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS. Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application. I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.

HCL Notes and Domino License Cost Reduction in the World of DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/ The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this! We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model. Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward. These topics will be covered - Reducing license cost by finding and fixing misconfigurations and superfluous accounts - How do CCB and CCX licenses really work? - Understanding the DLAU tool and how to best utilize it - Tips for common problem areas, like team mailboxes, functional/test users, etc - Practical examples and best practices to implement right away

Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe

Precisely

Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market. Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.

Serial Arm Control in Real Time Presentation

tolgahangng

Main news related to the CCS TSI 2023 (2023/1695)

Jakub Marek

An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers. The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 . The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .

Digital Marketing Trends in 2024 | Guide for Staying Ahead

Wask

https://www.wask.co/ebooks/digital-marketing-trends-in-2024 Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.

Nordic Marketo Engage User Group_June 13_ 2024.pptx

MichaelKnudsen27

Best 20 SEO Techniques To Improve Website Visibility In SERP

Pixlogix Infotech

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

saastr

Trusted Execution Environment for Decentralized Process Mining

LucaBarbaro3

System Design Case Study: Building a Scalable E-Commerce Platform - Hiike

Hiike

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Safe Software

Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency. During the hour, we’ll take you through: Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board. Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes. Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI. We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI. This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!

Taking AI to the Next Level in Manufacturing.pdf

ssuserfac0301

Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as: 1. How quickly AI is being implemented in manufacturing. 2. Which barriers stand in the way of AI adoption. 3. How data quality and governance form the backbone of AI. 4. Organizational processes and structures that may inhibit effective AI adoption. 6. Ideas and approaches to help build your organization's AI strategy.

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

Alex Pruden

Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security. Paper Link: https://eprint.iacr.org/2024/257

JavaLand 2024: Application Development Green Masterplan

Miro Wengner

Recently uploaded (20)

“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...

WeTestAthens: Postman's AI & Automation Techniques

Columbus Data & Analytics Wednesdays - June 2024

5th LF Energy Power Grid Model Meet-up Slides

Building Production Ready Search Pipelines with Spark and Milvus

Introduction of Cybersecurity with OSS at Code Europe 2024

HCL Notes and Domino License Cost Reduction in the World of DLAU

Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe

Serial Arm Control in Real Time Presentation

Main news related to the CCS TSI 2023 (2023/1695)

Digital Marketing Trends in 2024 | Guide for Staying Ahead

Nordic Marketo Engage User Group_June 13_ 2024.pptx

Best 20 SEO Techniques To Improve Website Visibility In SERP

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

Trusted Execution Environment for Decentralized Process Mining

System Design Case Study: Building a Scalable E-Commerce Platform - Hiike

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Taking AI to the Next Level in Manufacturing.pdf

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

JavaLand 2024: Application Development Green Masterplan

Aare reintam estonia_ciip_activites

1. www.ria.ee FOR OFFICIAL USE ONLY Estonian Overview of practical CIIP activities in EE Aare Reintam ISKE area manager CIIP unit

2. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Outline of my talk • What is the aim of protecting CII? • Community building • Activities - security assessments and port scanning • Legislation, regulations, ICS/SCADA guidelines

3. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY When talking about CII protection • We mean vital services that depend on IT systems • Electricity supply (production, transmission, distribution) • Data communications • Water supply and sewerage • Air navigation service • … • 43 vital services in total

4. www.ria.ee

5. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY CII Incidents and impact on economy • Some examples from this year CII incidents in Europe Sector Time Impact Reason Energy Sept 2013 2,5 hours the hole county electricity distribution was interrupted Software error Railway transport March 2013 3 hours long Interruption of train service between two main cities in Europe Optical cable breakage. Trains leading dispatcher was unable to carry out work and had to stop the traffic Air transport August 2013 3 hours interruption in X city air travel service. No planes could land. Flight control software error.

6. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Community building • CIIP lead (expert / mid-management level) • SCADA workgroup • CII protection council • Annual CIIP conference • CERT-EE lead (expert level) • Government system administrators • ISP & hosting abuse handlers • CERT + CIIP joint events • 0ct0b3rf3st • EISA management lead: • Quarterly reports to high government officials • Seminars for management

7. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY How to keep communities running? • Regular meetings on interesting topics • Share information • State sponsored training, seminars, conferences etc. • 5 day advanced SCADA security • Netflow, IDS, logging • Managing small office networks (SOHO) • … • Social events

8. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Security assessment projects • Find out what is the “real” security level of vital service provider • Based on attack scenarios • Verifying them with penetration testing • State sponsored • We are using 3rd party consultants

9. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Sample security assessment task list • Information gathering from public sources • Corporate LAN security assessment (Windows domain, servers, workstations, Wi- Fi etc.) • Network perimeter testing (from corporate <-> SCADA <-> control network) • Assessment of SCADA servers, operator workstation etc. • Remote access to networks (VPN) • Physical security

10. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Finding CII equipment from the Internet • Locating possibly vulnerable devices before the “bad guys” • Notifying the owner and explaining the risk • Using shodanhq.com and other tools

11. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Legislation & guidelines • We are giving input to Ministry of justice to amend appropriate legislation. • Security measure regulation is established: • Security responsibilities have to be in place when providing vital services • Implement security standard (ISO 27001, our own local standard “ISKE” or industry specific) • ICS/SCADA security guidelines • 25 security controls

12. www.ria.ee FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY To sum up • Incidents happen on daily basis • Only legislation is not enough • There has to be balanced responsibility between state and service providers • People are important

13. Thank You! www.ria.ee Aare Reintam Aare.reintam@ria.ee

Aare reintam estonia_ciip_activites

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Aare reintam estonia_ciip_activites

Similar to Aare reintam estonia_ciip_activites (20)

More from S.E. CTS CERT-GOV-MD

More from S.E. CTS CERT-GOV-MD (14)

Recently uploaded

Recently uploaded (20)

Aare reintam estonia_ciip_activites