SlideShare a Scribd company logo

Cyber Security in Manufacturing

CentraComm
CentraComm

The document discusses Internet of Things (IoT) and cybersecurity challenges in manufacturing. It provides an overview of the evolving threat landscape, including common hacking techniques like spearphishing and malware. The presentation emphasizes the importance of cyber hygiene practices for manufacturers such as updating software, using strong unique passwords, training employees on security basics, and not browsing as an administrator. It promotes attending an upcoming cybersecurity forum to learn more on topics that will help protect manufacturing organizations from emerging threats.

1 of 84
Download to read offline
Internet of Things & Cybersecurity In Manufacturing Northwest State Community College Manufacturing Consortium Thursday, April 28, 2016 1
Education AA – Tiffin University BA – Ohio Northern University MA – Bowling Green State University MA – George Washington University Experience Principal Founder, President & Chairman - CentraComm CEO - Aardvark Inc. Lynn R. Child 2
Education AA, BA, BS, MBA – University of Findlay DIA – University of Fairfax (In Progress) Security Professional Certificate – National Defense University & University of Fairfax Certified Information Security Professional Certified Six Sigma Blackbelt Developed and taught first Information Security class in 1999 Co-designed Information Assurance Major at the University of Findlay Network & Security Architect – Fortune 1000 Global Manufacturer Experience Loren W. Wagner Certifications 3
Agenda • History • Today’s Environment • Hacker’s Exploits • Security Overview In Manufacturing • Challenges and Changing Expectations • The Threat Landscape • Cyber Hygiene: 8 Tips To Follow • Invitation to the 15th Annual IA Forum 4
History 5
Evolution of Society’s Use of Technology 6
7
Today’s Environment 8
Technology is making our homes safer 9
Technology is making work smarter 10
Technology is changing society 11
Technology is connecting the world 12
Connectivity will overhaul businesses 13
GE CEO Jeff Immelt on Industrial Internet •In a best-case scenario, "predictive" analytics translates into better products, better sales, happier customers, better service agreements, and better company profits. •General Electric is rolling out a suite of Industrial Internet tools for locomotive haulers to improve efficiency. By GE's calculation, even a 1% gain could translate into $2.8 billion in savings annually. 14
Connectivity will overhaul businesses 15 Connectivity will integrate business units & businesses
Rank Country Devices online Relative size 1 South Korea 37.9 2 Denmark 32.7 3 Switzerland 29.0 4 United States 24.9 5 Netherlands 24.7 6 Germany 22.4 7 Sweden 21.9 8 Spain 19.9 9 France 17.6 10 Portugal 16.2 11 Belgium 15.6 12 United Kingdom 13.0 13 Canada 11.6 14 Italy 10.2 15 Brazil 9.2 16 Japan 8.2 17 Australia 7.9 18 Mexico 6.8 19 Poland 6.3 20 China 6.2 21 Colombia 6.1 22 Russia 4.9 23 Turkey 2.3 24 India 0.6 16 Connected Society: *Organisation_for_Economic_Co-operation_and_Development Over 75 Billion Connected Devices by 2020! List of countries by IoT devices online per 100 inhabitants as published by the OECD* in 2015.
Hacker’s Exploits 17
MIT coins the term “Hackers” related to people who were typing up the phone lines. 1983 The movie War Games is released and depicts a young hacker nearly starting WWIII by accessing a military supercomputer. 18 1963
1995 The web takes off and famous hacker Kevin Mitnick steals 20,000 credit card numbers leading to a fear of e-commerce. Later caught by the FBI by utilizing a “White Hacker”. 2006 Julian Assange becomes the new face of hacking. 19
2011 CIA, PBS, Gmail, the U.S. Senate all are hacked. Anonymous rises up as a underground hacktivist community. Year was coined “The Year of the Hack.” 20
21 2013 And then there was Edward Snowden…the computer analyst whistleblower who provided the Guardian with top-secret NSA documents leading to revelations about US surveillance on phone and internet communications.
2014 A record 1 billion records were compromised. Becomes the new “Year of the Breach.” Sony Entertainment Pictures Hacked. 22
2015 Insurer Anthem – 80 Million Customer Records Exposed 23
2016 Identity Theft Resource Center (ITRC) indicates that there has been a total of 155 data breaches recorded through March 15. More than 4.3 million records have been exposed since the beginning of the year. 24
Security Overview In Manufacturing 25
Cybersecurity for Advanced Manufacturing • A broad cross section of contributors: • National Institute of Standards & Technology • Cisco • Lockheed Martin • Rockwell Automation • Virginia Tech • Boeing • International Society of Automation • Department of Defense • The Langer Group • Exxon Mobile 26 National Defense Industrial Association’s Manufacturing Division and Cyber Division
Cybersecurity for Advanced Manufacturing •Key findings: •The threat is real and manufacturing companies are targets • Factory floor systems are a weak link in safeguarding technical information • Small Business manufacturers are not well equipped to manage the risks 27
The Threat is Real and Manufacturing Companies are Targets • Motivations may be: •Espionage •Financial gain •Disruption •In an effort to compromise data •Confidentiality •Integrity •Availability 28 CIA Triad
The Threat is Real… •Confidentiality: Theft of technical data, including critical national security information and valuable commercial intellectual property. •Integrity: Alteration of data, thereby altering processes and products. •Availability: Impairment or denial of process control, thereby damaging or shutting down operations. 29
30
What’s Changed - Past • ICS are long-lived lived investments • 15+ year life cycle • Discrete operating systems and network protocols • Air gap • Autonomous & proprietary • Little tolerance for down time • Real-time operation • Critical safety implications • System availability precedence over confidentiality • Speed, functionality, reliability and safety • Weak privilege management/access controls 31
IT-OT Architectural Considerations 32
IT-OT Architectural Considerations 33 Danger!
What’s Changed - Present • Competitive pressures driving the integration and analysis of “big data” • Converging information systems, engineering information systems and manufacturing systems across the supply chain. • Organizations need to respond quickly to market changes • Executives need timely and accurate information • Production control systems – ICS – must feed this information to the decision makers as soon as possible • A distinct trend toward integration of IT and OT systems 34
IT-OT Architectural Considerations 35
IT-OT Architectural Considerations 36
What Has Changed - Future • Integration of IT and OT • Additional complexity • Internet of Things • Industrial Internet of Things • Greater emphasis on ICS security practices • Support for NIST Framework • Cyber Security Framework for Critical Infrastructure Protection • Developing into a de facto standard? 37
IT-OT Architectural Considerations 38
IT-OT Architectural Considerations 39
Smart Manufacturing IoT Stack 40 Security Layer Security Layer
Challenges & Changing Expectations 41
Top Technology Challenges • Top 5 Concerns* • Emerging technologies & infrastructure changes • Transformation, innovation, disruption • IT security & privacy/cyber security • Resource/staffing/skills challenges • Infrastructure management • Cloud computing/virtualization *ISACA & Protivity 5th Annual IT Audit Benchmarking Survey with 1230 global participants 42
Regulatory Environment •Security and Exchange Commission • Risk Alert issued by the Office of Compliance Inspections and Examinations September 2015. The alert was a result of investigations of financial institutions but lays out what the expectations would be when investigating a data breach. •Federal Trade Commission • "It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information” - FTC Chairwoman Edith Ramirez 43
Advisors & Consultants •National Association of Corporate Directors • Cited benefits of a common cyber risk management language, so that more efficient and precise discussions can be held up, down, and across a company's management structure, with auditors, and with supply chain partners. •PricewaterhouseCoopers (PwC) • Corporate officers and boards may have a fiduciary obligation to comply with the guidelines (NIST CSF) and demonstrate due are 44
Legal Environment • A U.S. appeals court • Said the Federal Trade Commission has authority to regulate corporate cyber security, and may pursue a lawsuit accusing hotel operator Wyndham Worldwide Corp of failing to properly safeguard consumers' information. • Bloomberg BNA • Cybersecurity today is not merely the responsibility of a company’s IT group. As with any critical function within an organization, governance over and management of cybersecurity is an essential “best practice.” Good governance not only helps companies make appropriate strategic cybersecurity decisions, but studies have shown it reduces the cost of a cyberattack. 45
Insurance • Rationalizing Risk • Insurance companies and other industry leaders are pushing hard to make the NIST CFS more pervasive. Companies like AIG, Apple, and Visa are already onboard. • The NIST CSF opens the door for the insurance industry to capture, measure, and share risk metrics, which could go a long way toward policy underwriting and consistent premiums. 46 NIST CSF = National Institute of Standards & Technology Cyber Security Framework
Business Partners Expectations • “The breach at Target Corp. that exposed credit card and PII data on more than 70MM consumers began with a malware- laced phishing attack sent to a third party vendor” KrebsOnSecurity • “PCI 3.0, HIPAA Omnibus, OCC, CFPB, FFIEC and the Federal Reserve have changed the way organizations in many industries need to think about IT & data supply chain risk management” • "If not managed effectively, the use of service providers may expose financial institutions to regulatory action, financial loss, litigation, and loss of reputation.“ Federal Reserve 47
The Threat Landscape 48
Security Vulnerabilities Recent studies show: • As many as 85% of targeted attacks are preventable • That 83.6% of vulnerabilities in ‘All’ products, and 84.6% of vulnerabilities in products in the Top 50 portfolio have a patch available on the day of disclosure • In 2014, 76.9% of the vulnerabilities affecting the Top 50 applications affected non-Microsoft applications, such as • Third-party programs, including Oracle Corp.'s Java and Adobe Systems Inc.'s Flash and Reader applications 49
Be Aware of the Most Prevalent Tactics to “Hack” Information Spearfishing: An e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. …conducted by perpetrators out for financial gain, trade secrets or military information. Example of Social Engineering. 50
Spearphishing Example: Business Email Compromise Scam (BEC) or CEO Scam •FBI states that there were over 17,000 reports from victims all over the world from October of 2013 to February of this year, accounting for over $2.3 billion in losses for affected companies. 51
Example of Business Email Compromise (CEO Scam) 52
53
Be Aware of Other Prevalent Forms of Hacks Malware •Malicious software that interferes with normal computer functions or sends personal data about the user to unauthorized parties over the Internet or gains access to private computer systems. Includes viruses, worms, Trojan horses, etc. 54
Some Common and Prevalent Malware Includes: •SpyWare – secretly gathers information about a person or organization. Can take partial or full control of computer without knowledge of user. •AdWare – automatically renders advertisements in order to generate revenue for its author. Pop- ups are an example. •RamsonWare – restricts access to your computer system and demands a ransom be paid to the creator of the malware in order for the restriction to be removed. Forms include: encrypted files, lock system/display message to pay… 55
RansomWare: Example of Cryptolocker Locked Screen
Ransomware Proliferation 57
. 58
Malware/Spyware/RansomWare What To Do • Do Not Click upon any Links within an SMS Message or Email Message • Do Not Download any Software from an Email Link • Do Not Click upon any Links or Forwards within Social Media • Go to the Authorized Marketplace for 3rd-party Applications and Downloads • Pay Particular Attention to Popular Game Applications – Hotbed for Hackers • Do Research with Trusted Names, i.e., Gartner, Information Week, TechTarget, etc.
Cyber Hygiene: 8 Tips to Follow 60
Tip #1: Think Before You Click •As stated previously, beware of links and downloads within: •Email •Web •Text Message •Social Media •Other 61
Tip #2: Go to Authorized Marketplace for Downloads 62 • Marketplaces include: • Apple • Droid • Google • AWS • Azure • Other
Tip #3: Update/Patch Software Upon All Devices •Device updates/patches are new instructions your computer can use to communicate with devices that are attached, like printers, sound systems, or cameras. Often device patches are written to fix known problems, add new functionality, increase the performance of the attached device, or fix security holes •Examples: Adobe Reader, Java Script, Microsoft Operating System, Anti-Virus, etc.
Tip #4: Practice Password Management • Password manager software is used by individuals to organize and encrypt many personal passwords. This is also referred to as a password wallet. • Rule of thumb: Use “Strong Passwords” • Upper case letters • Lower case letters • Number • Symbol • Longer Passwords are Safer • Change Regularly Examples Get2NoUWell# TriKnot2Cry@Work Ate4hotDogs! Tks4$2Eat
Tip #5: Change Default Passwords 65 Systems and Software generate general passwords that allow companies to enter a system or software with the requirement that these passwords should be changed upon receipt. Often, companies do not actually take the time to do this. Major concern as hackers know these basic passwords and can easily exploit these systems and/or software.
Tip #6: Create Dedicated Email Accounts •Establish “Specialized Accounts” that You Use For: •Online purchases •Responding to inquiries •Taking surveys •Personal use •Business use •Other
Tip #7: Consider End-User Security Training 67 •In-House Training •Consulting •Online Training •Hybrid Training
Tip #8: Don’t Surf With Administrator Accounts •Use a normal user account to log onto your computer •Administrator rights allow privileged access, which allows malware to install programs or make unauthorized changes to your computer 68
8 Security Tips for Manufacturing & You Go to Authorized Marketplace for Downloads Update/Patch Software Upon your Devices Practice Password Management Change Default Passwords Create Separate Email Accounts 69
Security Tips for Your Associates & You Consider End-User Security Training Don’t Surf With Administrator Accounts Think Before You Click If It Feels Wrong, It Probably Is! 70
A Challenge to Your Manufacturing Associates & You Prepare your Manufacturing Associates for the Reality of a Connected Society: - Read and Research Continuously - Utilize Case Studies - Utilize Table Top Exercises - Seek Out Industry Speakers - Attend Relevant Events and Webinars - Be Willing to Watch, Learn, & Listen from Each Other! 71
Thank you! And, we hope to see you at… 72
• 2016 TIC Business Survey Results • End-User Security Training • Social Engineering Pitfalls • Social Media Do’s & Don’ts • System Settings: Going Back to Basics • Cloud Security/Mobile BYOD – Microsoft: Office 365, Azure, & Security • Student Company & Internship Interaction • Interactive Q & A Throughout the Day 2016 Information Assurance Forum Topics 73
Registration Opens August 1 www.IAForum.net $35 Chamber Members | $45 Non-Chamber Members | $10 Students Breakfast and Lunch Provided Wednesday October 26th 8:45 am – 5:00 pm Winebrenner Auditorium, Winebrenner Seminary The University of Findlay Campus 950 North Main Street, Findlay, OH 45840 74
Presentation References & Other Resources  Connected Society/Internet of Things: https://en.wikipedia.org/wiki/Internet _of_Things  The Horizon Report-2015 Higher Education (Emerging Technologies): http://www.ictliteracy.info/rf.pdf/Horizon-report-2015.pdf  Over 75 Billion Devices Connected by 2020: http://www.businessinsider.com/75-billion-devices-will-be-connected-to- the-internet-by-2020-2013-10  World’s Biggest Data Breaches: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data- breaches-hacks/  Jeep Car Gets Hacked: http://www.wired.com/2015/07/hackers-remotely- kill-jeep-highway  Spearfishing: http://searchsecurity.techtarget.com/definition/spear-phishing 75
 MalWare: http://whatis.techtarget.com/glossary/Malware  GrrCon Security Summit & Hacker Conference: http://grrcon.com  IAForum.net: http://IAForum.net  Why the Internet of Things is Big Business: http://harvardmagazine.com/2015/07/why-the-internet-of-things-is-big- business  NIST Cybersecurity Framework: http://www.nist.gov/cyberframework/  Online Trust Alliance: https://otalliance.org/initiatives/internet-things  End-User Security Training: http://www.KnowBe4.com  Societal Impact of a Connected Life Over the Next 5 Years: http://www.gsma.com/connectedliving/wp- content/uploads/2013/02/GSMA-Connected-Life-PwC_Feb-2013.pdf  Behind GE's Vision For The Industrial Internet Of Things: http://www.fastcompany.com/3031272/can-jeff-immelt-really-make-the- world-1-better 76 Presentation References & Other Resources
 Top IT Trends in 2015: http://www.entrepreneur.com.ph/technology/top- it-trends-for-businesses-in-2015-and-how-to-prepare-for-those?ref=tag  IoT in Manufacturing: http://4dm7pi3anfms2bn7sk7u16h1.wpengine.netdna-cdn.com/wp- content/uploads/2015/02/Internet-Of-Things-Manufacturing.jpg  RIPE - Robust Industrial Control Systems Planning and Evaluation: http://www.langner.com/en/wp-content/uploads/2014/10/A-RIPE- Implementation-of-the-NIST-CSF.pdf  CYBERSECURITY FOR ADVANCED MANUFACTURING: http://www.ise.vt.edu/ResearchFacilities/Centers/CenterPages/CPSSMFG/f iles/cyber_security_AM.pdf  The Internet of Things Will Make Manufacturing Smarter: http://www.industryweek.com/manufacturing-smarter?page=2 77 Presentation References & Other Resources
 Cybersecurity and Privacy in 2015: http://www.bna.com/ cybersecurity-privacy-2015-m17179934502/  The State of Cyber Insurance: http://www.networkworld.com/article/3005213/security/the-state-of-cyber- insurance.html  Improving Third Party Risk Management with Cyber Threat Intelligence: http://www.isaca.org/chapters11/Western-New- York/Events/Documents/2015-April/CT02-3RD-Party-Cybersecurity- NMenz.pdf  FBI reminds companies to watch out for business email compromise scams: https://www.consumeraffairs.com/news/  fbi-reminds-companies-to-watch-out-for-business-email-compromise-scams- 040816.html 78 Presentation References & Other Resources
Thank you for the Honor & Privilege of Sharing Information Regarding “IoT & Manufacturing” Lynn R. Child, President & Chairman, CentraComm www.CentraComm.net Direct: 419-421-1284 | Lchild@CentraComm.net Loren W. Wagner, Information Assurance Professional Adjunct Senior Lecturer, University of FIndlay Cell: 419-722-2990 | Wagner@Findlay.edu Find this presentation at: http://www.slideshare.net/CentraComm/ 79
Risks to Home, Business, & Careers 80
Security hacks could expose our homes 81
Security hacks could disrupt our businesses 82
Security hacks could end your business career 83 Add Sony CEO Fired (Apparently not – article on Feb, 2016 still refers to same CEO)
84

Recommended

Cyber Security in the Manufacturing Industry: New challenges in the informati...
Cyber Security in the Manufacturing Industry: New challenges in the informati...Cyber Security in the Manufacturing Industry: New challenges in the informati...
Cyber Security in the Manufacturing Industry: New challenges in the informati...
Ekonomikas ministrija
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Critical infrastructure
Critical infrastructureCritical infrastructure
Critical infrastructureProf. David E. Alexander (UCL)
 
Cybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy WorkshopCybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy Workshop
Life Cycle Engineering
 
AI and the Impact on Cybersecurity
AI and the Impact on CybersecurityAI and the Impact on Cybersecurity
AI and the Impact on Cybersecurity
Graham Mann
 
HOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYHOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITY
Priyanshu Ratnakar
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
McKonly & Asbury, LLP
 
From Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber ResilienceFrom Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber Resilience
accenture
 

Recommended

Cyber Security in the Manufacturing Industry: New challenges in the informati...
Cyber Security in the Manufacturing Industry: New challenges in the informati...Cyber Security in the Manufacturing Industry: New challenges in the informati...
Cyber Security in the Manufacturing Industry: New challenges in the informati...
Ekonomikas ministrija
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Critical infrastructure
Critical infrastructureCritical infrastructure
Critical infrastructureProf. David E. Alexander (UCL)
 
Cybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy WorkshopCybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy Workshop
Life Cycle Engineering
 
AI and the Impact on Cybersecurity
AI and the Impact on CybersecurityAI and the Impact on Cybersecurity
AI and the Impact on Cybersecurity
Graham Mann
 
HOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYHOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITY
Priyanshu Ratnakar
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
McKonly & Asbury, LLP
 
From Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber ResilienceFrom Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber Resilience
accenture
 
The Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsThe Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact Us
PECB
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
Eryk Budi Pratama
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
Happiest Minds Technologies
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security Architecture
Kris Kimmerle
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
Priyanka Aash
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
Dam Frank
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 Days
Resilient Systems
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
Priyanka Aash
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
The importance of Cybersecurity
The importance of CybersecurityThe importance of Cybersecurity
The importance of Cybersecurity
Benoit Callebaut
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : Overview
Deepak Kumar (D3)
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
Harsh Bhanushali
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
ParishSummer
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16James Rutt
 
Computer integrated manufacturing
Computer integrated manufacturingComputer integrated manufacturing
Computer integrated manufacturing
Ashish Desai
 

More Related Content

What's hot

The Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsThe Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact Us
PECB
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
Eryk Budi Pratama
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
Happiest Minds Technologies
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security Architecture
Kris Kimmerle
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
Priyanka Aash
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
Dam Frank
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 Days
Resilient Systems
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
Priyanka Aash
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
The importance of Cybersecurity
The importance of CybersecurityThe importance of Cybersecurity
The importance of Cybersecurity
Benoit Callebaut
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : Overview
Deepak Kumar (D3)
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
Harsh Bhanushali
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
ParishSummer
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 

What's hot (20)

The Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsThe Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact Us
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security Architecture
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 Days
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
The importance of Cybersecurity
The importance of CybersecurityThe importance of Cybersecurity
The importance of Cybersecurity
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : Overview
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
 

Viewers also liked

Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16James Rutt
 
Computer integrated manufacturing
Computer integrated manufacturingComputer integrated manufacturing
Computer integrated manufacturing
Ashish Desai
 
Sicurezza informatica per le professioni legali
Sicurezza informatica per le professioni legaliSicurezza informatica per le professioni legali
Sicurezza informatica per le professioni legali
Raffaella Brighi
 
Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01RoutecoMarketing
 
Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011) Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011)
PwC France
 
Four Necessities for Your Change Management Journey (Infographic)
Four Necessities for Your Change Management Journey (Infographic)Four Necessities for Your Change Management Journey (Infographic)
Four Necessities for Your Change Management Journey (Infographic)
Chief Optimist
 
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Schneider Electric
 
Ericsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of thingsEricsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of things
Ericsson
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
Maurice Dawson
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
InfinIT - Innovationsnetværket for it
 
Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016
Andrey Apuhtin
 
Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle
David Sweigert
 
7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost
Chris Out
 
Hacker House August Proposal
Hacker House August ProposalHacker House August Proposal
Hacker House August Proposal
Innotech Network™
 
Cyber Security Lessons from the NSA
Cyber Security Lessons from the NSACyber Security Lessons from the NSA
Cyber Security Lessons from the NSA
CipherCloud
 
NIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database AnalysisNIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database Analysis
James W. De Rienzo
 
Mergers & Acquisitions It Implications
Mergers & Acquisitions It ImplicationsMergers & Acquisitions It Implications
Mergers & Acquisitions It Implications
llangin
 
CyberSecurity Medical Devices
CyberSecurity Medical DevicesCyberSecurity Medical Devices
CyberSecurity Medical Devices
Suresh Mandava
 
Digital Manufacturing and Design Innovation Institute
Digital Manufacturing and Design Innovation InstituteDigital Manufacturing and Design Innovation Institute
Digital Manufacturing and Design Innovation Institute
ControlEng
 
Cyber Security Threats to Industrial Control Systems
Cyber Security Threats to Industrial Control SystemsCyber Security Threats to Industrial Control Systems
Cyber Security Threats to Industrial Control Systems
David Spinks
 

Viewers also liked (20)

Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16
 
Computer integrated manufacturing
Computer integrated manufacturingComputer integrated manufacturing
Computer integrated manufacturing
 
Sicurezza informatica per le professioni legali
Sicurezza informatica per le professioni legaliSicurezza informatica per le professioni legali
Sicurezza informatica per le professioni legali
 
Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01
 
Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011) Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011)
 
Four Necessities for Your Change Management Journey (Infographic)
Four Necessities for Your Change Management Journey (Infographic)Four Necessities for Your Change Management Journey (Infographic)
Four Necessities for Your Change Management Journey (Infographic)
 
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
 
Ericsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of thingsEricsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of things
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
 
Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016
 
Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle
 
7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost
 
Hacker House August Proposal
Hacker House August ProposalHacker House August Proposal
Hacker House August Proposal
 
Cyber Security Lessons from the NSA
Cyber Security Lessons from the NSACyber Security Lessons from the NSA
Cyber Security Lessons from the NSA
 
NIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database AnalysisNIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database Analysis
 
Mergers & Acquisitions It Implications
Mergers & Acquisitions It ImplicationsMergers & Acquisitions It Implications
Mergers & Acquisitions It Implications
 
CyberSecurity Medical Devices
CyberSecurity Medical DevicesCyberSecurity Medical Devices
CyberSecurity Medical Devices
 
Digital Manufacturing and Design Innovation Institute
Digital Manufacturing and Design Innovation InstituteDigital Manufacturing and Design Innovation Institute
Digital Manufacturing and Design Innovation Institute
 
Cyber Security Threats to Industrial Control Systems
Cyber Security Threats to Industrial Control SystemsCyber Security Threats to Industrial Control Systems
Cyber Security Threats to Industrial Control Systems
 

Similar to Cyber Security in Manufacturing

CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
OCTF Industry Engagement
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
Ulf Mattsson
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
Skoda Minotti
 
Practical risk management for the multi cloud
Practical risk management for the multi cloudPractical risk management for the multi cloud
Practical risk management for the multi cloud
Ulf Mattsson
 
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdfCYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
VikashSinghBaghel1
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
Judith Beckhard Cardoso
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
Julius Clark, CISSP, CISA
 
Cybersecurity and continuous intelligence
Cybersecurity and continuous intelligenceCybersecurity and continuous intelligence
Cybersecurity and continuous intelligence
NISIInstituut
 
Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.
Cyril Soeri
 
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012
Don Grauel
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
Ahmed Banafa
 
Symantec 2011 State of Security Survey Global Findings
Symantec 2011 State of Security Survey Global FindingsSymantec 2011 State of Security Survey Global Findings
Symantec 2011 State of Security Survey Global Findings
Symantec
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
IndSightsResearchSG
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
OSIsoft, LLC
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
Ulf Mattsson
 
Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security
Ben Rothke
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
Cameron Forbes Over
 

Similar to Cyber Security in Manufacturing (20)

CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
 
Practical risk management for the multi cloud
Practical risk management for the multi cloudPractical risk management for the multi cloud
Practical risk management for the multi cloud
 
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdfCYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
 
Information Security for Small Business
Information Security for Small BusinessInformation Security for Small Business
Information Security for Small Business
 
Cybersecurity and continuous intelligence
Cybersecurity and continuous intelligenceCybersecurity and continuous intelligence
Cybersecurity and continuous intelligence
 
Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.
 
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
 
Symantec 2011 State of Security Survey Global Findings
Symantec 2011 State of Security Survey Global FindingsSymantec 2011 State of Security Survey Global Findings
Symantec 2011 State of Security Survey Global Findings
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
 
Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 

Recently uploaded

How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 

Recently uploaded (20)

How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 

Cyber Security in Manufacturing

  • 1. Internet of Things & Cybersecurity In Manufacturing Northwest State Community College Manufacturing Consortium Thursday, April 28, 2016 1
  • 2. Education AA – Tiffin University BA – Ohio Northern University MA – Bowling Green State University MA – George Washington University Experience Principal Founder, President & Chairman - CentraComm CEO - Aardvark Inc. Lynn R. Child 2
  • 3. Education AA, BA, BS, MBA – University of Findlay DIA – University of Fairfax (In Progress) Security Professional Certificate – National Defense University & University of Fairfax Certified Information Security Professional Certified Six Sigma Blackbelt Developed and taught first Information Security class in 1999 Co-designed Information Assurance Major at the University of Findlay Network & Security Architect – Fortune 1000 Global Manufacturer Experience Loren W. Wagner Certifications 3
  • 4. Agenda • History • Today’s Environment • Hacker’s Exploits • Security Overview In Manufacturing • Challenges and Changing Expectations • The Threat Landscape • Cyber Hygiene: 8 Tips To Follow • Invitation to the 15th Annual IA Forum 4
  • 6. Evolution of Society’s Use of Technology 6
  • 7. 7
  • 9. Technology is making our homes safer 9
  • 10. Technology is making work smarter 10
  • 12. Technology is connecting the world 12
  • 13. Connectivity will overhaul businesses 13
  • 14. GE CEO Jeff Immelt on Industrial Internet •In a best-case scenario, "predictive" analytics translates into better products, better sales, happier customers, better service agreements, and better company profits. •General Electric is rolling out a suite of Industrial Internet tools for locomotive haulers to improve efficiency. By GE's calculation, even a 1% gain could translate into $2.8 billion in savings annually. 14
  • 15. Connectivity will overhaul businesses 15 Connectivity will integrate business units & businesses
  • 16. Rank Country Devices online Relative size 1 South Korea 37.9 2 Denmark 32.7 3 Switzerland 29.0 4 United States 24.9 5 Netherlands 24.7 6 Germany 22.4 7 Sweden 21.9 8 Spain 19.9 9 France 17.6 10 Portugal 16.2 11 Belgium 15.6 12 United Kingdom 13.0 13 Canada 11.6 14 Italy 10.2 15 Brazil 9.2 16 Japan 8.2 17 Australia 7.9 18 Mexico 6.8 19 Poland 6.3 20 China 6.2 21 Colombia 6.1 22 Russia 4.9 23 Turkey 2.3 24 India 0.6 16 Connected Society: *Organisation_for_Economic_Co-operation_and_Development Over 75 Billion Connected Devices by 2020! List of countries by IoT devices online per 100 inhabitants as published by the OECD* in 2015.
  • 18. MIT coins the term “Hackers” related to people who were typing up the phone lines. 1983 The movie War Games is released and depicts a young hacker nearly starting WWIII by accessing a military supercomputer. 18 1963
  • 19. 1995 The web takes off and famous hacker Kevin Mitnick steals 20,000 credit card numbers leading to a fear of e-commerce. Later caught by the FBI by utilizing a “White Hacker”. 2006 Julian Assange becomes the new face of hacking. 19
  • 20. 2011 CIA, PBS, Gmail, the U.S. Senate all are hacked. Anonymous rises up as a underground hacktivist community. Year was coined “The Year of the Hack.” 20
  • 21. 21 2013 And then there was Edward Snowden…the computer analyst whistleblower who provided the Guardian with top-secret NSA documents leading to revelations about US surveillance on phone and internet communications.
  • 22. 2014 A record 1 billion records were compromised. Becomes the new “Year of the Breach.” Sony Entertainment Pictures Hacked. 22
  • 23. 2015 Insurer Anthem – 80 Million Customer Records Exposed 23
  • 24. 2016 Identity Theft Resource Center (ITRC) indicates that there has been a total of 155 data breaches recorded through March 15. More than 4.3 million records have been exposed since the beginning of the year. 24
  • 25. Security Overview In Manufacturing 25
  • 26. Cybersecurity for Advanced Manufacturing • A broad cross section of contributors: • National Institute of Standards & Technology • Cisco • Lockheed Martin • Rockwell Automation • Virginia Tech • Boeing • International Society of Automation • Department of Defense • The Langer Group • Exxon Mobile 26 National Defense Industrial Association’s Manufacturing Division and Cyber Division
  • 27. Cybersecurity for Advanced Manufacturing •Key findings: •The threat is real and manufacturing companies are targets • Factory floor systems are a weak link in safeguarding technical information • Small Business manufacturers are not well equipped to manage the risks 27
  • 28. The Threat is Real and Manufacturing Companies are Targets • Motivations may be: •Espionage •Financial gain •Disruption •In an effort to compromise data •Confidentiality •Integrity •Availability 28 CIA Triad
  • 29. The Threat is Real… •Confidentiality: Theft of technical data, including critical national security information and valuable commercial intellectual property. •Integrity: Alteration of data, thereby altering processes and products. •Availability: Impairment or denial of process control, thereby damaging or shutting down operations. 29
  • 30. 30
  • 31. What’s Changed - Past • ICS are long-lived lived investments • 15+ year life cycle • Discrete operating systems and network protocols • Air gap • Autonomous & proprietary • Little tolerance for down time • Real-time operation • Critical safety implications • System availability precedence over confidentiality • Speed, functionality, reliability and safety • Weak privilege management/access controls 31
  • 34. What’s Changed - Present • Competitive pressures driving the integration and analysis of “big data” • Converging information systems, engineering information systems and manufacturing systems across the supply chain. • Organizations need to respond quickly to market changes • Executives need timely and accurate information • Production control systems – ICS – must feed this information to the decision makers as soon as possible • A distinct trend toward integration of IT and OT systems 34
  • 37. What Has Changed - Future • Integration of IT and OT • Additional complexity • Internet of Things • Industrial Internet of Things • Greater emphasis on ICS security practices • Support for NIST Framework • Cyber Security Framework for Critical Infrastructure Protection • Developing into a de facto standard? 37
  • 40. Smart Manufacturing IoT Stack 40 Security Layer Security Layer
  • 41. Challenges & Changing Expectations 41
  • 42. Top Technology Challenges • Top 5 Concerns* • Emerging technologies & infrastructure changes • Transformation, innovation, disruption • IT security & privacy/cyber security • Resource/staffing/skills challenges • Infrastructure management • Cloud computing/virtualization *ISACA & Protivity 5th Annual IT Audit Benchmarking Survey with 1230 global participants 42
  • 43. Regulatory Environment •Security and Exchange Commission • Risk Alert issued by the Office of Compliance Inspections and Examinations September 2015. The alert was a result of investigations of financial institutions but lays out what the expectations would be when investigating a data breach. •Federal Trade Commission • "It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information” - FTC Chairwoman Edith Ramirez 43
  • 44. Advisors & Consultants •National Association of Corporate Directors • Cited benefits of a common cyber risk management language, so that more efficient and precise discussions can be held up, down, and across a company's management structure, with auditors, and with supply chain partners. •PricewaterhouseCoopers (PwC) • Corporate officers and boards may have a fiduciary obligation to comply with the guidelines (NIST CSF) and demonstrate due are 44
  • 45. Legal Environment • A U.S. appeals court • Said the Federal Trade Commission has authority to regulate corporate cyber security, and may pursue a lawsuit accusing hotel operator Wyndham Worldwide Corp of failing to properly safeguard consumers' information. • Bloomberg BNA • Cybersecurity today is not merely the responsibility of a company’s IT group. As with any critical function within an organization, governance over and management of cybersecurity is an essential “best practice.” Good governance not only helps companies make appropriate strategic cybersecurity decisions, but studies have shown it reduces the cost of a cyberattack. 45
  • 46. Insurance • Rationalizing Risk • Insurance companies and other industry leaders are pushing hard to make the NIST CFS more pervasive. Companies like AIG, Apple, and Visa are already onboard. • The NIST CSF opens the door for the insurance industry to capture, measure, and share risk metrics, which could go a long way toward policy underwriting and consistent premiums. 46 NIST CSF = National Institute of Standards & Technology Cyber Security Framework
  • 47. Business Partners Expectations • “The breach at Target Corp. that exposed credit card and PII data on more than 70MM consumers began with a malware- laced phishing attack sent to a third party vendor” KrebsOnSecurity • “PCI 3.0, HIPAA Omnibus, OCC, CFPB, FFIEC and the Federal Reserve have changed the way organizations in many industries need to think about IT & data supply chain risk management” • "If not managed effectively, the use of service providers may expose financial institutions to regulatory action, financial loss, litigation, and loss of reputation.“ Federal Reserve 47
  • 49. Security Vulnerabilities Recent studies show: • As many as 85% of targeted attacks are preventable • That 83.6% of vulnerabilities in ‘All’ products, and 84.6% of vulnerabilities in products in the Top 50 portfolio have a patch available on the day of disclosure • In 2014, 76.9% of the vulnerabilities affecting the Top 50 applications affected non-Microsoft applications, such as • Third-party programs, including Oracle Corp.'s Java and Adobe Systems Inc.'s Flash and Reader applications 49
  • 50. Be Aware of the Most Prevalent Tactics to “Hack” Information Spearfishing: An e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. …conducted by perpetrators out for financial gain, trade secrets or military information. Example of Social Engineering. 50
  • 51. Spearphishing Example: Business Email Compromise Scam (BEC) or CEO Scam •FBI states that there were over 17,000 reports from victims all over the world from October of 2013 to February of this year, accounting for over $2.3 billion in losses for affected companies. 51
  • 52. Example of Business Email Compromise (CEO Scam) 52
  • 53. 53
  • 54. Be Aware of Other Prevalent Forms of Hacks Malware •Malicious software that interferes with normal computer functions or sends personal data about the user to unauthorized parties over the Internet or gains access to private computer systems. Includes viruses, worms, Trojan horses, etc. 54
  • 55. Some Common and Prevalent Malware Includes: •SpyWare – secretly gathers information about a person or organization. Can take partial or full control of computer without knowledge of user. •AdWare – automatically renders advertisements in order to generate revenue for its author. Pop- ups are an example. •RamsonWare – restricts access to your computer system and demands a ransom be paid to the creator of the malware in order for the restriction to be removed. Forms include: encrypted files, lock system/display message to pay… 55
  • 56. RansomWare: Example of Cryptolocker Locked Screen
  • 58. . 58
  • 59. Malware/Spyware/RansomWare What To Do • Do Not Click upon any Links within an SMS Message or Email Message • Do Not Download any Software from an Email Link • Do Not Click upon any Links or Forwards within Social Media • Go to the Authorized Marketplace for 3rd-party Applications and Downloads • Pay Particular Attention to Popular Game Applications – Hotbed for Hackers • Do Research with Trusted Names, i.e., Gartner, Information Week, TechTarget, etc.
  • 60. Cyber Hygiene: 8 Tips to Follow 60
  • 61. Tip #1: Think Before You Click •As stated previously, beware of links and downloads within: •Email •Web •Text Message •Social Media •Other 61
  • 62. Tip #2: Go to Authorized Marketplace for Downloads 62 • Marketplaces include: • Apple • Droid • Google • AWS • Azure • Other
  • 63. Tip #3: Update/Patch Software Upon All Devices •Device updates/patches are new instructions your computer can use to communicate with devices that are attached, like printers, sound systems, or cameras. Often device patches are written to fix known problems, add new functionality, increase the performance of the attached device, or fix security holes •Examples: Adobe Reader, Java Script, Microsoft Operating System, Anti-Virus, etc.
  • 64. Tip #4: Practice Password Management • Password manager software is used by individuals to organize and encrypt many personal passwords. This is also referred to as a password wallet. • Rule of thumb: Use “Strong Passwords” • Upper case letters • Lower case letters • Number • Symbol • Longer Passwords are Safer • Change Regularly Examples Get2NoUWell# TriKnot2Cry@Work Ate4hotDogs! Tks4$2Eat
  • 65. Tip #5: Change Default Passwords 65 Systems and Software generate general passwords that allow companies to enter a system or software with the requirement that these passwords should be changed upon receipt. Often, companies do not actually take the time to do this. Major concern as hackers know these basic passwords and can easily exploit these systems and/or software.
  • 66. Tip #6: Create Dedicated Email Accounts •Establish “Specialized Accounts” that You Use For: •Online purchases •Responding to inquiries •Taking surveys •Personal use •Business use •Other
  • 67. Tip #7: Consider End-User Security Training 67 •In-House Training •Consulting •Online Training •Hybrid Training
  • 68. Tip #8: Don’t Surf With Administrator Accounts •Use a normal user account to log onto your computer •Administrator rights allow privileged access, which allows malware to install programs or make unauthorized changes to your computer 68
  • 69. 8 Security Tips for Manufacturing & You Go to Authorized Marketplace for Downloads Update/Patch Software Upon your Devices Practice Password Management Change Default Passwords Create Separate Email Accounts 69
  • 70. Security Tips for Your Associates & You Consider End-User Security Training Don’t Surf With Administrator Accounts Think Before You Click If It Feels Wrong, It Probably Is! 70
  • 71. A Challenge to Your Manufacturing Associates & You Prepare your Manufacturing Associates for the Reality of a Connected Society: - Read and Research Continuously - Utilize Case Studies - Utilize Table Top Exercises - Seek Out Industry Speakers - Attend Relevant Events and Webinars - Be Willing to Watch, Learn, & Listen from Each Other! 71
  • 72. Thank you! And, we hope to see you at… 72
  • 73. • 2016 TIC Business Survey Results • End-User Security Training • Social Engineering Pitfalls • Social Media Do’s & Don’ts • System Settings: Going Back to Basics • Cloud Security/Mobile BYOD – Microsoft: Office 365, Azure, & Security • Student Company & Internship Interaction • Interactive Q & A Throughout the Day 2016 Information Assurance Forum Topics 73
  • 74. Registration Opens August 1 www.IAForum.net $35 Chamber Members | $45 Non-Chamber Members | $10 Students Breakfast and Lunch Provided Wednesday October 26th 8:45 am – 5:00 pm Winebrenner Auditorium, Winebrenner Seminary The University of Findlay Campus 950 North Main Street, Findlay, OH 45840 74
  • 75. Presentation References & Other Resources  Connected Society/Internet of Things: https://en.wikipedia.org/wiki/Internet _of_Things  The Horizon Report-2015 Higher Education (Emerging Technologies): http://www.ictliteracy.info/rf.pdf/Horizon-report-2015.pdf  Over 75 Billion Devices Connected by 2020: http://www.businessinsider.com/75-billion-devices-will-be-connected-to- the-internet-by-2020-2013-10  World’s Biggest Data Breaches: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data- breaches-hacks/  Jeep Car Gets Hacked: http://www.wired.com/2015/07/hackers-remotely- kill-jeep-highway  Spearfishing: http://searchsecurity.techtarget.com/definition/spear-phishing 75
  • 76.  MalWare: http://whatis.techtarget.com/glossary/Malware  GrrCon Security Summit & Hacker Conference: http://grrcon.com  IAForum.net: http://IAForum.net  Why the Internet of Things is Big Business: http://harvardmagazine.com/2015/07/why-the-internet-of-things-is-big- business  NIST Cybersecurity Framework: http://www.nist.gov/cyberframework/  Online Trust Alliance: https://otalliance.org/initiatives/internet-things  End-User Security Training: http://www.KnowBe4.com  Societal Impact of a Connected Life Over the Next 5 Years: http://www.gsma.com/connectedliving/wp- content/uploads/2013/02/GSMA-Connected-Life-PwC_Feb-2013.pdf  Behind GE's Vision For The Industrial Internet Of Things: http://www.fastcompany.com/3031272/can-jeff-immelt-really-make-the- world-1-better 76 Presentation References & Other Resources
  • 77.  Top IT Trends in 2015: http://www.entrepreneur.com.ph/technology/top- it-trends-for-businesses-in-2015-and-how-to-prepare-for-those?ref=tag  IoT in Manufacturing: http://4dm7pi3anfms2bn7sk7u16h1.wpengine.netdna-cdn.com/wp- content/uploads/2015/02/Internet-Of-Things-Manufacturing.jpg  RIPE - Robust Industrial Control Systems Planning and Evaluation: http://www.langner.com/en/wp-content/uploads/2014/10/A-RIPE- Implementation-of-the-NIST-CSF.pdf  CYBERSECURITY FOR ADVANCED MANUFACTURING: http://www.ise.vt.edu/ResearchFacilities/Centers/CenterPages/CPSSMFG/f iles/cyber_security_AM.pdf  The Internet of Things Will Make Manufacturing Smarter: http://www.industryweek.com/manufacturing-smarter?page=2 77 Presentation References & Other Resources
  • 78.  Cybersecurity and Privacy in 2015: http://www.bna.com/ cybersecurity-privacy-2015-m17179934502/  The State of Cyber Insurance: http://www.networkworld.com/article/3005213/security/the-state-of-cyber- insurance.html  Improving Third Party Risk Management with Cyber Threat Intelligence: http://www.isaca.org/chapters11/Western-New- York/Events/Documents/2015-April/CT02-3RD-Party-Cybersecurity- NMenz.pdf  FBI reminds companies to watch out for business email compromise scams: https://www.consumeraffairs.com/news/  fbi-reminds-companies-to-watch-out-for-business-email-compromise-scams- 040816.html 78 Presentation References & Other Resources
  • 79. Thank you for the Honor & Privilege of Sharing Information Regarding “IoT & Manufacturing” Lynn R. Child, President & Chairman, CentraComm www.CentraComm.net Direct: 419-421-1284 | Lchild@CentraComm.net Loren W. Wagner, Information Assurance Professional Adjunct Senior Lecturer, University of FIndlay Cell: 419-722-2990 | Wagner@Findlay.edu Find this presentation at: http://www.slideshare.net/CentraComm/ 79
  • 80. Risks to Home, Business, & Careers 80
  • 81. Security hacks could expose our homes 81
  • 82. Security hacks could disrupt our businesses 82
  • 83. Security hacks could end your business career 83 Add Sony CEO Fired (Apparently not – article on Feb, 2016 still refers to same CEO)
  • 84. 84