New Deal 2020
Dave Bohlmann - KMC Controls
DETECT
Detect: Three Main Functions
Per the Framework:
● Detect Anomalies and Events (in a timely fashion)
● Continuous Monitoring (threats are always there)
● Maintain Processes and Procedures (exploits are always changing)
These need to be done at different levels:
● Different types of attacks and detection methods are needed at different levels
● Requires cross-functional Team approach
Defense in Depth
Detect: What to Detect?
Similarities with IT/OT Systems:
● Malware installed or being executed
● Multiple failed attempts to log in
● Unusual traffic patterns or user activity
● Attempts to cross segmented network boundaries
Differences for OT Systems:
● Attacks use much less data
● Attacks use small commands to do big (and BAD) things
Need To Know How The System Specifications and Requirements
Detect: Continuous Monitoring
Automated Tools:
● Keep everything up to date
● Ensure configuration is correct
● Use the right tool for the right job
Automanual Tools:
● Audit log inspection
● Verification of Process Results
Security Detection Also Helps to Verify Operations
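An added example (not from the presentation) of the audit log inspection listed above, applied to items from the "What to Detect?" slide: repeated failed logins, writes arriving from outside the control segment, and a single small write that pushes a point outside its specified range. The log format, point names, limits and subnet prefix are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit log (assumed format, not from the presentation):
# ISO timestamp, event type, then key=value fields.
SAMPLE_LOG = """\
2020-02-03T08:00:01 LOGIN_FAIL user=operator src=10.0.5.20
2020-02-03T08:00:09 LOGIN_FAIL user=operator src=10.0.5.20
2020-02-03T08:00:15 LOGIN_FAIL user=operator src=10.0.5.20
2020-02-03T08:01:02 LOGIN_OK user=operator src=10.0.5.20
2020-02-03T08:02:30 WRITE user=operator src=10.0.5.20 point=AHU1.SupplyTempSP value=55.0
2020-02-03T08:03:10 WRITE user=operator src=10.0.5.20 point=AHU1.SupplyTempSP value=95.0
2020-02-03T09:15:00 WRITE user=admin src=192.168.1.44 point=CHW.PumpSpeed value=40.0
"""

# Assumed engineering limits taken from the system specification.
# Knowing these is what makes a one-line write detectable as abnormal.
POINT_LIMITS = {
    "AHU1.SupplyTempSP": (50.0, 65.0),  # hypothetical setpoint range, deg F
    "CHW.PumpSpeed": (0.0, 100.0),      # hypothetical range, percent
}

# Assumed segmentation rule: only hosts on the control subnet may write.
OT_SUBNET_PREFIX = "10.0.5."


def parse_line(line):
    """Split one audit line into a dict with 'ts', 'event' and its fields."""
    ts, event, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.fromisoformat(ts)
    rec["event"] = event
    return rec


def inspect(log_text, max_fails=3, window=timedelta(minutes=5)):
    """Return findings as (kind, subject, detail) tuples, in log order."""
    findings = []
    fails = defaultdict(deque)  # (user, src) -> recent failure timestamps
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["event"] == "LOGIN_FAIL":
            recent = fails[(rec["user"], rec["src"])]
            recent.append(rec["ts"])
            # Drop failures that fell out of the sliding window.
            while recent and rec["ts"] - recent[0] > window:
                recent.popleft()
            # Report once, at the moment the threshold is reached.
            if len(recent) == max_fails:
                findings.append(("failed_logins", rec["user"], rec["src"]))
        elif rec["event"] == "WRITE":
            if not rec["src"].startswith(OT_SUBNET_PREFIX):
                findings.append(
                    ("cross_segment_write", rec["point"], rec["src"]))
            limits = POINT_LIMITS.get(rec["point"])
            if limits is None:
                # A write to a point nobody documented also needs review.
                findings.append(("unknown_point", rec["point"], rec["src"]))
            elif not limits[0] <= float(rec["value"]) <= limits[1]:
                findings.append(
                    ("out_of_spec_write", rec["point"], rec["value"]))
    return findings


if __name__ == "__main__":
    for finding in inspect(SAMPLE_LOG):
        print(finding)
```

The out-of-range write is a single short log line, so volume-based alerting alone would not surface it; the check depends on the documented limits for each point.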
Detect: Maintaining Security
● On-Going Commissioning
● Additions & Changes to the System Require Security Reviews
● Continual Training
Detect: Questions
● Experience involving IT & OT together?
● Experience with other types of attacks/exploits?
● Experience with on-going commissioning or analytics?
● What logged items are helpful?
● Aware of Automated Tools?

Cybersecurity Summit AHR20 Detect KMC
