CP EXPO Workshop - «Risks and Security Management in Logistics and Transports»
Cyber Security in Railways Systems, Ansaldo STS experience – Part 2: Cyber Security Strategy and Design

Speaker: Daniele Debertol, PhD.
Joint work with: Ermete Meda, InfoSec Manager
Genova, 29 October 2013

About us: Finmeccanica
Finmeccanica is Italy’s leading manufacturer in the high technology sector.
Finmeccanica is the largest shareholder in Ansaldo STS with a 40% stake.

1
Signaling Systems: Safety-to-Security relationships
“Vital Systems”
• RBC (Radio Block Center)
• Interlocking
Environment
• Proprietary Infrastructure that ensures Railway Safety is not subject to computer attack

“Non-Vital Systems”
• Centralized Traffic Control Systems (e.g. TMS), Automation Systems
Environment
• Commercial ICT Infrastructure undergoing Cyber Security Risks (Operational Continuity, Financial losses, Reputational damage)
2
Needs Protection… and between vital and non-vital layers

[Diagram labels: External Systems; Non-vital layer: Train Management System (TMS); Vital layer: RBC, Interlocking; ERTMS Euroradio; trains T1, T2; Balise]
RBC: Radio-Block Center
3
Evolution and Characteristics of Railway Signaling Systems

Technology Platforms

In the Past
• Proprietary HW/SW
• Isolated Systems
• Dedicated Applications
• Structured Information

Today
• Commercial low cost HW/SW
• TCP/IP Protocol
• Interconnected Systems
• Heterogeneous Services (E-mail, Info-web, VoIP, CCTV, …)
• Structured and unstructured Information

Operating Environment

Today
• Distributed ICT infrastructure spread over long distances, and unattended systems
• Connections between safety critical and non-safety critical layers
• External systems connected to signaling infrastructure
• Human factor (operators, maintainers and… passengers)

4
Cyber Space calling, Cyber Security knocking
Cyber Security: protection of Cyber Space. But what is Cyber Space?

Yesterday: many different environments, side-by-side
Today: one single, big environment

Consequences: Dynamic Threat Landscape in unique Cyber Domain
• Strategic & Tactical Cyber War
• Military
• Terrorism
• Politics
• Espionage
• Intellectual Property
• Organized Crime
• Vandalism & Hacktivism
• Ego, Curiosity

Examples: Stuxnet, Operation Aurora, Botnets, Zeus, Flame, Mandiant APT1 Report, AET attacks, Botnets, Phishing email, DDoS attacks, Wikileaks, Anonymous
5
Mature Cyber Security Process

3 Phase Approach

1 Discovery & Assessment
• Identify key risks
• Identify key assets
• Identify gaps

2 HW/SW Review & Redesign
• Countermeasure rationalization
• Security Infrastructure Assessment
• Fill technology gaps

3 Intelligence & Analytics
• Monitoring & Management Improvement
• Big Data Security Analytics
• Real-time Intelligence feeds

6
ICT Security Activities and Governance: Best Practices

[Chart labels: Effort; Incident Management; Event Identification; Countermeasures]

7
ICT Security Activities and Governance: real life
[Diagram labels: Reactive countermeasures; Reaction; Detection; Monitoring…; … and Monitoring…; Prevention; (not excluding Forensics); Proactive countermeasures]
Callouts: “WTF is going on???”, “… and guess what?”

8
Cyber Security: taking advantage of IT

Building on top of Information Technology infrastructures means that you get its weaknesses, true, but its strengths as well…
… putting it the other way round: if a system is not secure by design – and they are not – it will leave plenty of traces for you to follow!
Leaving trace-routes behind

9
Strategy: enhance monitoring and correlate

• Content Filtering
• Virtual Patching
• AAA
• Firewalling
• IDS/IPS

So many eyes… giving a very broad view (say, at 365°… to stay safe)… OK…
But where to look? And for what? And who?
10
Perimeter Defence - Firewall shortcoming
[Diagram labels: Signalling Plant_1, Signalling Plant_2, …, Signalling Plant_N; Firewall Module (×4); WAN; Management Console; Policy Installation; Logs; Traffic; External Systems]
expected results from logs

Solution: adding IPS/IDS and Log Correlation
11
Content Filtering: the do’s and the don’ts
Operating system is static, meaning that you can’t change it too often (good…), but that you won’t be able to patch (at all) either, which is NO GOOD!

[Diagram: Dirty Traffic → Virtual Patcher → Clean Traffic]

Threats Treatment
• Analysis: find critical vulnerabilities directly exposed to possible attacks
• Remediation: identify (& block) specific packets for the above vulnerabilities

Solution: adding Virtual Patching
12
Near Realtime Asset Control
• not a performance- or availability-driven tool, though it may help
• based on static asset database loaded offline at project time

Repeat as needed:
• perform differential discovery onsite for database tuning
• acknowledge variations that should be allowed
• what is left, deal with: either a missing sheep, or a mismatched one, or… go, bark, there’s a wolf!

[Diagram labels: Clean Traffic; GUI; Monitoring subnet; WAN]

Know your flock, and beware of wolves! Barkin’, at the very least
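
The asset-control loop on this slide, as an added Python example (not code from the presentation or from Ansaldo STS): a static baseline is compared with one discovery pass, acknowledged variations are filtered out, and what remains is classified as missing, mismatched or unknown. The asset fields, the acknowledgement format and all sample addresses are assumptions constructed for illustration.

```python
"""Differential asset check: static baseline vs. one discovery pass (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import NamedTuple


@dataclass(frozen=True)
class Asset:
    ip: str
    mac: str
    ports: frozenset = frozenset()  # listening TCP ports seen or expected

    def __post_init__(self):
        # Normalise so "02-00-00-00-00-1A" and "02:00:00:00:00:1a" compare equal.
        object.__setattr__(self, "mac", self.mac.lower().replace("-", ":"))
        object.__setattr__(self, "ports", frozenset(self.ports))


class Finding(NamedTuple):
    kind: str    # "missing" | "mismatched" | "unknown"
    ip: str
    detail: str  # stable string, so an operator can acknowledge it verbatim


def diff_assets(baseline, observed, acknowledged=()):
    """Compare a discovery pass with the baseline.

    acknowledged is an iterable of (ip, detail) pairs copied from earlier
    findings that operators decided to allow (the "database tuning" step).
    """
    base = {a.ip: a for a in baseline}
    seen = {a.ip: a for a in observed}
    findings = []

    for ip, expected in base.items():
        actual = seen.get(ip)
        if actual is None:
            # Missing sheep: a baseline asset did not answer.
            findings.append(Finding("missing", ip, "absent"))
            continue
        # Mismatched sheep: right address, wrong identity or exposure.
        if actual.mac != expected.mac:
            findings.append(Finding("mismatched", ip, f"mac={actual.mac}"))
        for port in sorted(actual.ports - expected.ports):
            findings.append(Finding("mismatched", ip, f"+port/{port}"))
        for port in sorted(expected.ports - actual.ports):
            findings.append(Finding("mismatched", ip, f"-port/{port}"))

    # Wolf: something on the monitored subnet that the baseline never listed.
    for ip in sorted(set(seen) - set(base), key=ipaddress.ip_address):
        findings.append(Finding("unknown", ip, f"present mac={seen[ip].mac}"))

    allowed = set(acknowledged)
    return [f for f in findings if (f.ip, f.detail) not in allowed]


# Constructed sample data (RFC 5737 addresses, locally administered MACs).
BASELINE = [
    Asset("192.0.2.10", "02:00:00:00:00:10", {22, 443}),
    Asset("192.0.2.11", "02:00:00:00:00:11", {22}),
    Asset("192.0.2.12", "02:00:00:00:00:12", {161}),
]
OBSERVED = [
    Asset("192.0.2.10", "02-00-00-00-00-10", {22, 443, 8080}),  # extra port
    Asset("192.0.2.11", "02:00:00:00:00:99", {22}),             # MAC changed
    Asset("192.0.2.50", "02:00:00:00:00:50", {23}),             # not in baseline
]
# Operators accepted the extra port on .10 after the first onsite pass.
ACKNOWLEDGED = [("192.0.2.10", "+port/8080")]


if __name__ == "__main__":
    for finding in diff_assets(BASELINE, OBSERVED, ACKNOWLEDGED):
        print(f"{finding.kind:<10} {finding.ip:<12} {finding.detail}")
```

Each remaining finding is either investigated or, once accepted, added to the acknowledged list so that the next pass stays quiet about it.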
13
The Russian peasant of SIEMs at work: fast and light

• Message Correlation
• Minimize False Positives
• Realtime response (no archiving)
• Novelty detection for scheme-in-the-chaos

[Diagram labels: Sensor_1, Sensor_2, …, Sensor_n; Log Files; Correlation Engine; Events Console]

Log Correlation
14
The 11th hour (a.m.?)

Do we simply wait for vulnerabilities to become actual threats
or
Can we advance from here, and provide for new services?

Cyber Security = Defense line

15

 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Finmeccanica's cyber security experience at Ansaldo STS

  • 1. About us: Finmeccanica CP EXPO Workshop - «Risks and Security Management in Logistics and Transports» Cyber Security in Railways Systems, Ansaldo STS experience – Part 2: Cyber Security Strategy and Design Relator: Joint work with: Daniele Debertol, PhD. Ermete Meda, InfoSec Manager Finmeccanica is Italy’s leading manufacturer in the high technology sector. Genova, 29 October 2013 Finmeccanica is the largest shareholder in Ansaldo STS with a 40% stake. 1
  • 2. Signaling Systems: Safety-to-Security relationships “Vital Systems” • RBC (Radio Block Center) • Interlocking Environment Proprietary Infrastructure that ensures Railway Safety is not subject to computer attack Vital Systems “Non-Vital Systems” • Centralized Traffic Control Systems (e.g. TMS), Automation Systems Environment • Commercial ICT Infrastructure undergoing Cyber Security Risks (Operational Continuity, Financial losses, Reputational damage) Non-Vital Systems Non-Vital Systems 2
  • 3. … and between vital and non-vital layers Needs Protection… External Systems Non-vital layer Train Management System (TMS) Interlocking RBC Interlocking Vital layer ERTMS Euroradio T2 T1 Balise RBC: Radio-Block Center 3
  • 4. Evolution and Characteristics of Railway Signaling Systems Technology Platforms In the Past Today Proprietary HW/SW Isolated Systems Dedicated Applications Structured Information Commercial low cost HW/SW TCP/IP Protocol Interconnected Systems Heterogeneous Services (E-mail, Info-web, VoIP, CCTV, …) Structured and unstructured Information Operating Environment Today Distributed ICT infrastructure spread over long distances, and unattended systems Connections between safety critical and non-safety critical layers External systems connected to signaling infrastructure Human factor (operators, maintainers and… passengers) 4
  • 5. Cyber Space calling, Cyber Security knocking Cyber Security: protection of Cyber Space. But what is Cyber Space? Yesterday: many different environments, side-by-side Today: one single, big environment Consequences: Dynamic Threat Landscape in unique Cyber Domain Strategic & Tactical Cyber War Military Terrorism Politics Espionage Intellectual Property Organized Crime $ Vandalism & Hacktivism Ego, Curiosity Stuxnet, Operation Aurora, Botnets Zeus, Flame, Mandiant APT1 Report, AET attacks, Botnets, Phishing email DDoS attacks, Wikileaks, Anonymous 5
  • 6. Mature Cyber Security Process 1 Discovery & Assessment • • • 2 HW/SW Review & Redesign • • • 3 Identify key risks Identify key assets Identify gaps Countermeasure rationalization Security Infrastructure Assessment Fill technology gaps Intelligence & Analytics • • • Monitoring & Management Improvement Big Data Security Analytics Real-time Intelligence feeds 3 Phase Approach 6
  • 7. ICT Security Activities and Governance: Best Practices Incident Management Event Identification Countermeasures Effort 7
  • 8. ICT Security Activities and Governance: real life Reactive countermeasures Reaction WTF is Detection … and guess what? … and Monitoring… Monitoring… Prevention going on??? (not excluding Forensics) Proactive countermeasures 8
  • 9. Cyber Security: taking advantage of IT Building on top of Information Technology infrastructures means that you get its weaknesses, true, but its strengths as well… … putting it the other way round: if a system is not secure by design – and they are not –, it will leave plenty of traces for you to follow! Leaving trace-routes behind 9
  • 10. Strategy: enhance monitoring and correlate Content Filtering Virtual Patching AAA Firewalling IDS/IPS So many eyes… giving a very broad view (say, at 365 degrees… to stay safe)… OK… But where to look? And for what? And who? 10
  • 11. Perimeter Defence - Firewall shortcoming Signalling Plant_2 Signalling Plant_1 Signalling Plant_N ….. Firewall Module Firewall Module Firewall Module WAN Policy Installation Logs Traffic Firewall Module Management Console External Systems expected results from logs Solution: adding IPS/IDS and Log Correlation 11
  • 12. Content Filtering: the do’s and the don’ts Operating system is static, meaning that you can’t change it too often (good…), but that you won’t be able to patch (at all) either, which is NO GOOD! Dirty Traffic Virtual Patcher Clean Traffic Clean Traffic Threats Treatment Analysis: find critical vulnerabilities directly exposed to possible attacks Remediation: identify (& block) specific packets for the above vulnerabilities Solution: adding Virtual Patching 12
  • 13. Near Realtime Asset Control • not a performance- or availability-driven tool, though it may help • based on static asset database loaded offline at project time Repeat as needed • perform differential discovery onsite for database tuning • acknowledge variations that should be allowed • what is left, deal with: either a missing sheep, or a mismatched one, or… go, bark, there’s a wolf! Clean Traffic Clean Traffic GUI Monitoring subnet WAN Know your flock, and beware of wolves! Barkin’, at the very least 13
  • 14. The Russian peasant of SIEMs at work: fast and light Events Console Message Correlation Minimize False Positives Realtime response (no archiving) Novelty detection for scheme-in-the-chaos Correlation Engine Log Files Sensor_1 Sensor_2 … Sensor_n Log Correlation 14
  • 15. The 11th hour (a.m.?) Do we simply wait for vulnerabilities to become actual threats or Can we advance from here, and provide for new services? Cyber Security = Defense line 15
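The differential discovery outlined on slide 13 (Near Realtime Asset Control), as an added example that is not part of the original slides: hosts seen on the monitoring subnet are compared against the offline asset baseline, acknowledged variations are filtered out, and whatever is left is classed as missing, mismatched or unknown. The IP/MAC record format, the function names and all sample data are assumptions constructed for illustration.

```python
# Added illustration; record format and all values below are constructed.

def norm_mac(mac):
    """Canonical MAC form, so 00-11-.. and 00:11:.. do not raise false alarms."""
    return mac.strip().lower().replace("-", ":")


def differential_discovery(baseline, discovered, acknowledged=frozenset()):
    """Compare discovered hosts with the static asset baseline.

    baseline, discovered: dict mapping IP address -> MAC address
    acknowledged: set of (ip, mac) variations accepted during on-site tuning
    Returns the differences that remain after acknowledged ones are dropped.
    """
    base = {ip: norm_mac(m) for ip, m in baseline.items()}
    seen = {ip: norm_mac(m) for ip, m in discovered.items()}
    ack = {(ip, norm_mac(m)) for ip, m in acknowledged}
    findings = {"missing": [], "mismatched": [], "unknown": []}

    for ip, mac in sorted(base.items()):
        if ip not in seen:
            findings["missing"].append(ip)                  # the missing sheep
        elif seen[ip] != mac and (ip, seen[ip]) not in ack:
            findings["mismatched"].append((ip, mac, seen[ip]))

    for ip, mac in sorted(seen.items()):
        if ip not in base and (ip, mac) not in ack:
            findings["unknown"].append((ip, mac))           # possible wolf
    return findings


# Asset database loaded offline at project time (constructed sample).
BASELINE = {
    "192.0.2.10": "00:11:22:33:44:10",
    "192.0.2.11": "00:11:22:33:44:11",
    "192.0.2.12": "00:11:22:33:44:12",
    "192.0.2.13": "00:11:22:33:44:13",
}
# Variation accepted on site, e.g. a replaced network card (constructed).
ACKNOWLEDGED = {("192.0.2.11", "00:11:22:33:44:99")}
# One discovery pass over the monitoring subnet (constructed sample).
DISCOVERED = {
    "192.0.2.10": "00-11-22-33-44-10",   # same card, different notation
    "192.0.2.11": "00:11:22:33:44:99",   # acknowledged variation
    "192.0.2.12": "DE:AD:BE:EF:00:12",   # unexpected hardware at a known IP
    "192.0.2.50": "02:00:00:00:00:50",   # host not in the baseline
}

if __name__ == "__main__":
    for kind, items in differential_discovery(
            BASELINE, DISCOVERED, ACKNOWLEDGED).items():
        print(kind, items)
```

Acknowledging a further variation and re-running the comparison corresponds to the slide's "repeat as needed" tuning loop.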