SlideShare a Scribd company logo

Industrial Security.pdf

A
AhmedRKhan

The document discusses IEC 62443, an international standard for industrial automation and control system (IACS) cybersecurity. It provides an overview of key aspects of the standard, including its structure, risk assessment process, protection levels, security requirements, and life cycle approach. The standard is intended to help organizations establish cybersecurity programs for IACS that are risk-based and cover the entire life cycle from planning to decommissioning.

Technology
1 of 39
Download to read offline
Unrestricted © Siemens A/S siemens.com/industrial security Industrial Security Getting Started…
So… how do we start?
Caught between regulation, requirements, and standards Unrestricted © Siemens A/S 2018
The all-encompassing Industrial Security Standard Provides greater clarity by clearly defining the roles and responsibilities Unrestricted © Siemens A/S 2018
IEC 62443 gives us the ability to communicate In an unambiguous way Unrestricted © Siemens A/S 2018
IEC 62443 addresses the Defense in Depth concept Unrestricted © Siemens A/S 2018 Network Security • Cell protection, DMZ, and remote maintenance • Firewall and VPN • Segmentation • Asset and Network Management System integrity • System hardening • Authentication and user administration • Patch management • Logging and Monitoring • Detection of attacks Plant Security • Physical access protection • Processes and guidelines • Security service protecting production plants
IEC 62443 focus on the interfaces between all stakeholders Unrestricted © Siemens A/S 2018 Operator, Integrator, and Manufacturer
IEC 62443 from machines to corporates Unrestricted © Siemens A/S 2018 It is scalable
IEC 62443 provides a complete Cyber Security Management System Unrestricted © Siemens A/S 2018 Risk based approach That covers the setup of: Risk analysis Addressing risk security organization and security processes security countermeasures and Implementation Monitoring and improving
IEC 62443 from the beginning to the end Unrestricted © Siemens A/S 2018 It addresses the entire life cycle
Cybersecurity Life Cycle Unrestricted © Siemens A/S 2018 Maintain phase Assess phase Develop & implement phase
Cybersecurity Life Cycle Unrestricted © Siemens A/S 2018 Getting started Assess phase High-level Cyber Risk Assessment Allocation of IACS Assets to Zones or Conduits Detailed Cyber Risk Assessment Develop & implement phase Cybersecurity Requirements Specification Design and Engineering of countermeasures or other means of risk reduction Installation, commissioning, and validation of countermeasures Maintain phase Maintenance, Monitoring and Management of change Incident Response and Recovery Maintain phase Assess phase Develop & implement phase
Assess phase Unrestricted © Siemens A/S 2018 Risk Assessment Risk = Likelihood x Consequence Where: Likelihood = Threat x Vulnerability
Assess phase Risk methods and frameworks The Information Security Forum (ISF) National Institute of Standards and Technology (NIST) and… … Unrestricted © Siemens A/S 2018 More info: https://www.ncsc.gov.uk/guidance/summary-risk-methods-and-frameworks A good overview
Assess phase Unrestricted © Siemens A/S 2018 Segmentation of TI and OT
Assess phase Unrestricted © Siemens A/S 2018 Trusted/Untrusted Zones and Conduits PL1 PL2 Zone Control #1 PL3 Zone Control #2 Conduit Zone Enterprise Network Zone Plant
Assess phase Unrestricted © Siemens A/S 2018 Risk based development of security levels Evaluate Business Risk to determine Criticality Assign Target Protection Levels Evaluate Protection Levels Achieved Protection Levels Security Assessment Consequence
But… how specific is the IEC 62443?
What is the structure of IEC 62443? Unrestricted © Siemens A/S 2018 1-1 General Terminology, concepts and models 2-1 Policies and procedures Establishing an IACS security program 3-1 System Security technologies for IACS 4-1 Component Product development requirements 1-2 General Master glossary of terms and abbreviations 2-2 Policies and procedures Operating an IACS security program 3-2 System Security assurance levels for zones and conduits 4-2 Component Technical sec. requirements for IACS products 1-3 General 2-3 Policies and procedures 3-3 System System security compliance metrics Patch management in the IACS environment System sec. requirements and security assurance levels 1-4 General IACS sec. life cycle and use case 2-4 Policies and procedures Certification of IACS supplier security policies 1-5 General IACS protection levels Functional requirements Processes / procedures Definition and metrics
Phases in product and IACS life cycles Unrestricted © Siemens A/S 2018 Product life cycle Product Supplier Commercialization / maintenance Control Systems Embedded devices Network components Host devices Applications IACS life cycle Asset Owner System Integrator Automation solution Project application Asset Owner (Service provider) Automation solution Security measures and settings Configuration, User Management Security measures and settings Operational policies and procedures Specification Asset Owner Automation solution Decommissioning policies and procedures Decommissioning Operation / Maintenance Integration / Commissioning Security targets Phase Out Design Specification
Phases in product and IACS life cycles Unrestricted © Siemens A/S 2018 Product life cycle Product Supplier Commercialization / maintenance 2-3 3-3 4-1 4-2 IACS life cycle Asset Owner System Integrator Automation solution Project application Asset Owner (Service provider) Automation solution Security measures and settings 2-1 Specification Configuration, User Management Security measures and settings 2-3 3-2 2-4 3-3 2-1 2-3 Operational policies and procedures 2-4 3-2 3-3 Asset Owner Automation solution Decommissioning policies and procedures 2-1 2-4 Decommissioning Operation / Maintenance Integration / Commissioning Security targets Phase Out Design Specification Control Systems Embedded devices Network components Host devices Applications
Protection Levels Unrestricted © Siemens A/S 2018 Page 30 SL 1 Capability to protect against casual or coincidental violation SL 2 Capability to protect against intentional violation using simple means with low resources, generic skills and low motivation SL 3 Capability to protect against intentional violation using sophisticated means with moderate resources, IACS specific skills and moderate motivation SL 4 Capability to protect against intentional violation using sophisticated means with extended resources, IACS specific skills and high motivation ML 1 Initial - Process unpredictable, poorly controlled, and reactive. ML 2 Managed - Process characterized, reactive ML 3 Defined - Process characterized, proactive deployment ML 4 Optimized - Process measured, controlled, and continuously improved 4 3 2 1 4 3 2 1 Cover security functionalities and processes Security functionalities Security processes Protection Levels Security Level Maturity Level PL 1 Protection against casual or coincidental violation PL 2 Protection against intentional violation using simple means with low resources, generic skills and low motivation PL 3 Protection against intentional violation using sophisticated means with moderate resources, IACS specific skills and moderate motivation PL 4 Protection against intentional violation using sophisticated means with extended resources, IACS specific skills and high motivation
IEC 62443 Security measures Unrestricted © Siemens A/S 2018 It is unambiguous … Secure Physical Access Organize Security Secure Solution Design Secure Operations Secure Lifecycle management Revolving doors with card reader and PIN; Video Surveillance and/or IRIS Scanner at door Dual approval for critical actions Firewalls with Fail Close (e.g. Next Generation Firewall) Monitoring of all device activities Online security functionality verification … Revolving doors with card reader No Email, No WWW, etc. in Secure Cell 2 PCs (Secure Cell/outside) Monitoring of all human interactions Automated backup / recovery … … … Remote access with cRSP or equivalent Doors with card reader Persons responsible for security within own organization Mandatory security education Physical network segmentation or equivalent (e.g. SCALANCE S) Continuous monitoring (e.g. SIEM) … Backup verification Remote access restriction (e.g. need to connect principle) Locked building/doors with keys Awareness training (e.g. Operator Aware. training) Mandatory rules on USB sticks (e.g. Whitelisting) Network segmentation (e.g. VLAN) Security logging on all systems … Backup / recovery system + PL 3 + PL 2 + PL 1 PL 4
Protection Levels Cover security functionalities and processes Unrestricted © Siemens A/S 2018
IEC 62443-3-3 Unrestricted © Siemens A/S 2018 7 Foundational Requirements FR 1 – Identification and authentication control FR 2 – Use control FR 3 – System integrity FR 4 – Data confidentiality FR 5 – Restricted data flow FR 6 – Timely response to events FR 7 – Resource availability Defines security requirements for industrial control systems
FR 1 – Identification and authentication control Unrestricted © Siemens A/S 2018 System Requirement Overview (Part 1) SRs und REs SL 1 SL 2 SL 3 SL 4 SR 1.1 – Human user identification and authentication     SR 1.1 RE 1 – Unique identification and authentication    SR 1.1 RE 2 – Multifactor authentication for untrusted networks   SR 1.1 RE 3 – Multifactor authentication for all networks  SR 1.2 – Software process and device identification and authentication    SR 1.2 RE 1 – Unique identification and authentication   SR 1.3 – Account management     SR 1.3 RE 1 – Unified account management   SR 1.4 – Identifier management     SR 1.5 – Authenticator management     SR 1.5 RE 1 – Hardware security for software process identity credentials   SR 1.6 – Wireless access management     SR 1.6 RE 1 – Unique identification and authentication   
FR 1 – Identification and authentication control Unrestricted © Siemens A/S 2018 SR 1.1 – Human user identification and authentication 5.3 SR 1.1 – Human user identification and authentication 5.3.1 Requirement The control system shall provide the capability to identify and authenticate all human users. This capability shall enforce such identification and authentication on all interfaces which provide human user access to the control system to support segregation of duties and least privilege in accordance with applicable security policies and procedures. 5.3.2 Rationale and supplemental guidance All human users need to be identified and authenticated for all access to the control system. Authentication of the identity of these users should be accomplished by using methods such as passwords, tokens, biometrics or, in the case of multifactor authentication, some combination thereof. The geographic location of human users can also be used as part of the authentication process…….
FR 1 – Identification and authentication control Unrestricted © Siemens A/S 2018 System Requirement Overview (Part 2) SRs und REs SL 1 SL 2 SL 3 SL 4 SR 1.7 – Strength of password-based authentication     SR 1.7 RE 1 – Password generation and lifetime restrictions for human users   SR 1.7 RE 2 – Password lifetime restrictions for all users  SR 1.8 – Public key infrastructure certificates    SR 1.9 – Strength of public key authentication    SR 1.9 RE 1 – Hardware security for public key authentication   SR 1.10 – Authenticator feedback     SR 1.11 – Unsuccessful login attempts     SR 1.12 – System use notification     SR 1.13 – Access via untrusted networks     SR 1.13 RE 1 – Explicit access request approval   
FR 2 – Use control System Requirement Overview (Part 37 ) Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 2.1 – Authorization enforcement     SR 2.1 RE 1 – Authorization enforcement for all users    SR 2.1 RE 2 – Permission mapping to roles    SR 2.1 RE 3 – Supervisor override   SR 2.1 RE 4 – Dual approval  SR 2.2 – Wireless use control     SR 2.2 RE 1 – Identify and report unauthorized wireless devices   SR 2.3 – Use control for portable and mobile devices     SR 2.3 RE 1 – Enforcement of security status of portable and mobile devices   SR 2.4 – Mobile code     SR 2.4 RE 1 – Mobile code integrity check   SR 2.5 – Session lock    
FR 2 – Use control System Requirement Overview (Part 38 ) Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 2.6 – Remote session termination    SR 2.7 – Concurrent session control   SR 2.8 – Auditable events     SR 2.8 RE 1 – Centrally managed, system-wide audit trail   SR 2.9 – Audit storage capacity     SR 2.9 RE 1 – Warn when audit record storage capacity threshold reached   SR 2.10 – Response to audit processing failures     SR 2.11 – Timestamps    SR 2.11 RE 1 – Internal time synchronization   SR 2.11 RE 2 – Protection of time source integrity  SR 2.12 – Non-repudiation   SR 2.12 RE 1 – Non-repudiation for all users 
FR 3 – System integrity System Requirement Overview U SRs und REs SL 1 SL 2 SL 3 SL 4 SR 3.1 – Communication integrity     SR 3.1 RE 1 – Cryptographic integrity protection   SR 3.2 – Malicious code protection     SR 3.2 RE 1 – Malicious code protection on entry and exit points    SR 3.2 RE 2 – Central management and reporting for malicious code protection   SR 3.3 – Security functionality verification     SR 3.3 RE 1 – Automated mechanisms for security functionality verification   SR 3.3 RE 2 – Security functionality verification during normal operation  SR 3.4 – Software and information integrity    SR 3.4 RE 1 – Automated notification about integrity violations   SR 3.5 – Input validation     SR 3.6 – Deterministic output     SR 3.7 – Error handling    SR 3.8 – Session integrity    SR 3.8 RE 1 – Invalidation of session IDs after session termination   SR 3.8 RE 2 – Unique session ID generation   SR 3.8 RE 3 – Randomness of session IDs  SR 3.9 – Protection of audit information    SR 3.9 RE 1 – Audit records on write-once media nrestricted © Siemens A/S 2018 
FR 4 – Data confidentiality System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 4.1 – Information confidentiality     SR 4.1 RE 1 – Protection of confidentiality at rest or in transit via untrusted networks    SR 4.1 RE 2 – Protection of confidentiality across zone boundaries  SR 4.2 – Information persistence    SR 4.2 RE 1 – Purging of shared memory resources   SR 4.3 – Use of cryptography    
FR 5 – Restricted data flow System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 5.1 – Network segmentation     SR 5.1 RE 1 – Physical network segmentation    SR 5.1 RE 2 – Independence from non-control system networks   SR 5.1 RE 3 – Logical and physical isolation of critical networks  SR 5.2 – Zone boundary protection     SR 5.2 RE 1 – Deny by default, allow by exception    SR 5.2 RE 2 – Island mode   SR 5.2 RE 3 – Fail close   SR 5.3 – General purpose person-to-person communication restrictions     SR 5.3 RE 1 – Prohibit all general purpose person-to-person communications   SR 5.4 – Application partitioning    
FR 6 – Timely response to events System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 6.1 – Audit log accessibility     SR 6.1 RE 1 – Programmatic access to audit logs   SR 6.2 – Continuous monitoring   
FR 7 – Resource availability System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 7.1 – Denial of service protection     SR 7.1 RE 1 – Manage communication loads    SR 7.1 RE 2 – Limit DoS effects to other systems or networks   SR 7.2 – Resource management     SR 7.3 – Control system backup     SR 7.3 RE 1 – Backup verification    SR 7.3 RE 2 – Backup automation   SR 7.4 – Control system recovery and reconstitution     SR 7.5 – Emergency power     SR 7.6 – Network and security configuration settings     SR 7.6 RE 1 – Machine-readable reporting of current security settings   SR 7.7 – Least functionality     SR 7.8 – Control system component inventory   
Recap - System Security Levels Unrestricted © Siemens A/S 2018 Plant environment Automation solution Control System as a combination of Independent of plant environment Control System capabilities Capability SLs Risk assessment System Integrator Asset Owner Product supplier Target SLs Achieved SLs Embedded devices Network components Host devices Applications IEC 62443 2-1 Establishing an IACS security program 3-2 Security risk assessment and system design 2-4 Certification of IACS supplier security policies 3-3 System security requirements and Security levels 4-1 Product development requirements 4-2 Technical security requirements for IACS products Contributions of the stakeholders
A piece of a bigger picture Unrestricted © Siemens A/S 2018 ISO 27001 The Functional Safety standard Risk assessment framework IEC 62443 NIST 800-30 Well known IT- security standard The OT-security standard
Recap… Act now Everyoneis a target – also small and medium sized plants IEC62443 is a Risk based framework that can help you getting started in a very structured way Define your Risk… Define your organization Define your Protection level Define your Zones and Conduits
Security information Unrestricted © Siemens A/S 2018 Page 49 Thank You for your attention

Recommended

Industrial_Cyber_Security
Industrial_Cyber_SecurityIndustrial_Cyber_Security
Industrial_Cyber_Security
WillianMachadoFonsec
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
Jiunn-Jer Sun
 
ICS security
ICS securityICS security
ICS security
Ahmed Shitta
 
Strategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskStrategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity Risk
Mighty Guides, Inc.
 
Building the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAseBuilding the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAse
Don Murdoch GSE CyberGuardian CISSP
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
Jim Gilsinn
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
PECB
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
Joan Figueras Tugas
 

Recommended

Industrial_Cyber_Security
Industrial_Cyber_SecurityIndustrial_Cyber_Security
Industrial_Cyber_Security
WillianMachadoFonsec
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
Jiunn-Jer Sun
 
ICS security
ICS securityICS security
ICS security
Ahmed Shitta
 
Strategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskStrategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity Risk
Mighty Guides, Inc.
 
Building the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAseBuilding the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAse
Don Murdoch GSE CyberGuardian CISSP
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
Jim Gilsinn
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
PECB
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
Joan Figueras Tugas
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
GenericName6
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to audit
Bob Rhubart
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
Yokogawa1
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
The Current ICS Threat Landscape
The Current ICS Threat LandscapeThe Current ICS Threat Landscape
The Current ICS Threat Landscape
Dragos, Inc.
 
What is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the BasicsWhat is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the Basics
Sagar Joshi
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap
Anshu Gupta
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
MarcoAfzali
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
ReZa AdineH
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Mahmoud Yassin
 
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Jim Gilsinn
 
PaloAlto Enterprise Security Solution
PaloAlto Enterprise Security SolutionPaloAlto Enterprise Security Solution
PaloAlto Enterprise Security Solution
Prime Infoserv
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution brief
Nozomi Networks
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
Priyanka Aash
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
Shriya Rai
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
TI Safe
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond
PROFIBUS and PROFINET InternationaI - PI UK
 
SIEM brochure A4 8pp FINAL WEB
SIEM brochure A4 8pp FINAL WEBSIEM brochure A4 8pp FINAL WEB
SIEM brochure A4 8pp FINAL WEB
Merlin Govender
 

More Related Content

What's hot

microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
GenericName6
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to audit
Bob Rhubart
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
Yokogawa1
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
The Current ICS Threat Landscape
The Current ICS Threat LandscapeThe Current ICS Threat Landscape
The Current ICS Threat Landscape
Dragos, Inc.
 
What is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the BasicsWhat is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the Basics
Sagar Joshi
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap
Anshu Gupta
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
MarcoAfzali
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
ReZa AdineH
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Mahmoud Yassin
 
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Jim Gilsinn
 
PaloAlto Enterprise Security Solution
PaloAlto Enterprise Security SolutionPaloAlto Enterprise Security Solution
PaloAlto Enterprise Security Solution
Prime Infoserv
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution brief
Nozomi Networks
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
Priyanka Aash
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
Shriya Rai
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
TI Safe
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 

What's hot (20)

microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to audit
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
The Current ICS Threat Landscape
The Current ICS Threat LandscapeThe Current ICS Threat Landscape
The Current ICS Threat Landscape
 
What is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the BasicsWhat is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the Basics
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
 
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
 
PaloAlto Enterprise Security Solution
PaloAlto Enterprise Security SolutionPaloAlto Enterprise Security Solution
PaloAlto Enterprise Security Solution
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution brief
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
 

Similar to Industrial Security.pdf

10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond
PROFIBUS and PROFINET InternationaI - PI UK
 
SIEM brochure A4 8pp FINAL WEB
SIEM brochure A4 8pp FINAL WEBSIEM brochure A4 8pp FINAL WEB
SIEM brochure A4 8pp FINAL WEB
Merlin Govender
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
Camilo Fandiño Gómez
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
Camilo Fandiño Gómez
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
TI Safe
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20Services
Muhammad Mudassar
 
Skybox security
Skybox security Skybox security
Skybox security
Alejandro Cadarso
 
Cyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutionsCyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutions
Schneider Electric
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO Day
Symantec
 
Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance
EnergyTech2015
 
Securing Industrial Control System
Securing Industrial Control SystemSecuring Industrial Control System
Securing Industrial Control System
Hemanth M
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
IBM
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
Splunk
 
Walls of Steel, Doors of Wood - Relevance of Application Security
Walls of Steel, Doors of Wood - Relevance of Application SecurityWalls of Steel, Doors of Wood - Relevance of Application Security
Walls of Steel, Doors of Wood - Relevance of Application Security
Abdul Jaleel
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness Measurement
Aleksey Lukatskiy
 
Securing control systems v0.4
Securing control systems v0.4Securing control systems v0.4
Securing control systems v0.4
CrispnCrunch
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of Trust
DefCamp
 
Security hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developersSecurity hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developers
Jiri Danihelka
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
AT-NET Services, Inc. - Charleston Division
 

Similar to Industrial Security.pdf (20)

10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond
 
SIEM brochure A4 8pp FINAL WEB
SIEM brochure A4 8pp FINAL WEBSIEM brochure A4 8pp FINAL WEB
SIEM brochure A4 8pp FINAL WEB
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20Services
 
Skybox security
Skybox security Skybox security
Skybox security
 
Cyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutionsCyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutions
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO Day
 
Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance
 
Securing Industrial Control System
Securing Industrial Control SystemSecuring Industrial Control System
Securing Industrial Control System
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
 
Walls of Steel, Doors of Wood - Relevance of Application Security
Walls of Steel, Doors of Wood - Relevance of Application SecurityWalls of Steel, Doors of Wood - Relevance of Application Security
Walls of Steel, Doors of Wood - Relevance of Application Security
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness Measurement
 
Securing control systems v0.4
Securing control systems v0.4Securing control systems v0.4
Securing control systems v0.4
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of Trust
 
Security hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developersSecurity hardening and drown attack prevention for mobile backend developers
Security hardening and drown attack prevention for mobile backend developers
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
 

Recently uploaded

Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
FODUU
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 

Recently uploaded (20)

Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 

Industrial Security.pdf

  • 1. Unrestricted © Siemens A/S siemens.com/industrial security Industrial Security Getting Started…
  • 3. Caught between regulation, requirements, and standards Unrestricted © Siemens A/S 2018
  • 4. The all-encompassing Industrial Security Standard Provides greater clarity by clearly defining the roles and responsibilities Unrestricted © Siemens A/S 2018
  • 5. IEC 62443 gives us the ability to communicate In an unambiguous way Unrestricted © Siemens A/S 2018
  • 6. IEC 62443 addresses the Defense in Depth concept Unrestricted © Siemens A/S 2018 Network Security • Cell protection, DMZ, and remote maintenance • Firewall and VPN • Segmentation • Asset and Network Management System integrity • System hardening • Authentication and user administration • Patch management • Logging and Monitoring • Detection of attacks Plant Security • Physical access protection • Processes and guidelines • Security service protecting production plants
  • 7. IEC 62443 focus on the interfaces between all stakeholders Unrestricted © Siemens A/S 2018 Operator, Integrator, and Manufacturer
  • 8. IEC 62443 from machines to corporates Unrestricted © Siemens A/S 2018 It is scalable
  • 9. IEC 62443 provides a complete Cyber Security Management System Unrestricted © Siemens A/S 2018 Risk based approach That covers the setup of: Risk analysis Addressing risk security organization and security processes security countermeasures and Implementation Monitoring and improving
  • 10. IEC 62443 from the beginning to the end Unrestricted © Siemens A/S 2018 It addresses the entire life cycle
  • 11. Cybersecurity Life Cycle Unrestricted © Siemens A/S 2018 Maintain phase Assess phase Develop & implement phase
  • 12. Cybersecurity Life Cycle Unrestricted © Siemens A/S 2018 Getting started Assess phase High-level Cyber Risk Assessment Allocation of IACS Assets to Zones or Conduits Detailed Cyber Risk Assessment Develop & implement phase Cybersecurity Requirements Specification Design and Engineering of countermeasures or other means of risk reduction Installation, commissioning, and validation of countermeasures Maintain phase Maintenance, Monitoring and Management of change Incident Response and Recovery Maintain phase Assess phase Develop & implement phase
  • 13. Assess phase Unrestricted © Siemens A/S 2018 Risk Assessment Risk = Likelihood x Consequence Where: Likelihood = Threat x Vulnerability
  • 14. Assess phase Risk methods and frameworks The Information Security Forum (ISF) National Institute of Standards and Technology (NIST) and… … Unrestricted © Siemens A/S 2018 More info: https://www.ncsc.gov.uk/guidance/summary-risk-methods-and-frameworks A good overview
  • 15. Assess phase Unrestricted © Siemens A/S 2018 Segmentation of TI and OT
  • 16. Assess phase Unrestricted © Siemens A/S 2018 Trusted/Untrusted Zones and Conduits PL1 PL2 Zone Control #1 PL3 Zone Control #2 Conduit Zone Enterprise Network Zone Plant
  • 17. Assess phase Unrestricted © Siemens A/S 2018 Risk based development of security levels Evaluate Business Risk to determine Criticality Assign Target Protection Levels Evaluate Protection Levels Achieved Protection Levels Security Assessment Consequence
  • 19. What is the structure of IEC 62443? Unrestricted © Siemens A/S 2018 1-1 General Terminology, concepts and models 2-1 Policies and procedures Establishing an IACS security program 3-1 System Security technologies for IACS 4-1 Component Product development requirements 1-2 General Master glossary of terms and abbreviations 2-2 Policies and procedures Operating an IACS security program 3-2 System Security assurance levels for zones and conduits 4-2 Component Technical sec. requirements for IACS products 1-3 General 2-3 Policies and procedures 3-3 System System security compliance metrics Patch management in the IACS environment System sec. requirements and security assurance levels 1-4 General IACS sec. life cycle and use case 2-4 Policies and procedures Certification of IACS supplier security policies 1-5 General IACS protection levels Functional requirements Processes / procedures Definition and metrics
  • 20. Phases in product and IACS life cycles Unrestricted © Siemens A/S 2018 Product life cycle Product Supplier Commercialization / maintenance Control Systems Embedded devices Network components Host devices Applications IACS life cycle Asset Owner System Integrator Automation solution Project application Asset Owner (Service provider) Automation solution Security measures and settings Configuration, User Management Security measures and settings Operational policies and procedures Specification Asset Owner Automation solution Decommissioning policies and procedures Decommissioning Operation / Maintenance Integration / Commissioning Security targets Phase Out Design Specification
  • 21. Phases in product and IACS life cycles Unrestricted © Siemens A/S 2018 Product life cycle Product Supplier Commercialization / maintenance 2-3 3-3 4-1 4-2 IACS life cycle Asset Owner System Integrator Automation solution Project application Asset Owner (Service provider) Automation solution Security measures and settings 2-1 Specification Configuration, User Management Security measures and settings 2-3 3-2 2-4 3-3 2-1 2-3 Operational policies and procedures 2-4 3-2 3-3 Asset Owner Automation solution Decommissioning policies and procedures 2-1 2-4 Decommissioning Operation / Maintenance Integration / Commissioning Security targets Phase Out Design Specification Control Systems Embedded devices Network components Host devices Applications
  • 22. Protection Levels Unrestricted © Siemens A/S 2018 Page 30 SL 1 Capability to protect against casual or coincidental violation SL 2 Capability to protect against intentional violation using simple means with low resources, generic skills and low motivation SL 3 Capability to protect against intentional violation using sophisticated means with moderate resources, IACS specific skills and moderate motivation SL 4 Capability to protect against intentional violation using sophisticated means with extended resources, IACS specific skills and high motivation ML 1 Initial - Process unpredictable, poorly controlled, and reactive. ML 2 Managed - Process characterized, reactive ML 3 Defined - Process characterized, proactive deployment ML 4 Optimized - Process measured, controlled, and continuously improved 4 3 2 1 4 3 2 1 Cover security functionalities and processes Security functionalities Security processes Protection Levels Security Level Maturity Level PL 1 Protection against casual or coincidental violation PL 2 Protection against intentional violation using simple means with low resources, generic skills and low motivation PL 3 Protection against intentional violation using sophisticated means with moderate resources, IACS specific skills and moderate motivation PL 4 Protection against intentional violation using sophisticated means with extended resources, IACS specific skills and high motivation
  • 23. IEC 62443 Security measures Unrestricted © Siemens A/S 2018 It is unambiguous … Secure Physical Access Organize Security Secure Solution Design Secure Operations Secure Lifecycle management Revolving doors with card reader and PIN; Video Surveillance and/or IRIS Scanner at door Dual approval for critical actions Firewalls with Fail Close (e.g. Next Generation Firewall) Monitoring of all device activities Online security functionality verification … Revolving doors with card reader No Email, No WWW, etc. in Secure Cell 2 PCs (Secure Cell/outside) Monitoring of all human interactions Automated backup / recovery … … … Remote access with cRSP or equivalent Doors with card reader Persons responsible for security within own organization Mandatory security education Physical network segmentation or equivalent (e.g. SCALANCE S) Continuous monitoring (e.g. SIEM) … Backup verification Remote access restriction (e.g. need to connect principle) Locked building/doors with keys Awareness training (e.g. Operator Aware. training) Mandatory rules on USB sticks (e.g. Whitelisting) Network segmentation (e.g. VLAN) Security logging on all systems … Backup / recovery system + PL 3 + PL 2 + PL 1 PL 4
  • 24. Protection Levels Cover security functionalities and processes Unrestricted © Siemens A/S 2018
  • 25. IEC 62443-3-3 Unrestricted © Siemens A/S 2018 7 Foundational Requirements FR 1 – Identification and authentication control FR 2 – Use control FR 3 – System integrity FR 4 – Data confidentiality FR 5 – Restricted data flow FR 6 – Timely response to events FR 7 – Resource availability Defines security requirements for industrial control systems
  • 26. FR 1 – Identification and authentication control Unrestricted © Siemens A/S 2018 System Requirement Overview (Part 1) SRs und REs SL 1 SL 2 SL 3 SL 4 SR 1.1 – Human user identification and authentication     SR 1.1 RE 1 – Unique identification and authentication    SR 1.1 RE 2 – Multifactor authentication for untrusted networks   SR 1.1 RE 3 – Multifactor authentication for all networks  SR 1.2 – Software process and device identification and authentication    SR 1.2 RE 1 – Unique identification and authentication   SR 1.3 – Account management     SR 1.3 RE 1 – Unified account management   SR 1.4 – Identifier management     SR 1.5 – Authenticator management     SR 1.5 RE 1 – Hardware security for software process identity credentials   SR 1.6 – Wireless access management     SR 1.6 RE 1 – Unique identification and authentication   
  • 27. FR 1 – Identification and authentication control Unrestricted © Siemens A/S 2018 SR 1.1 – Human user identification and authentication 5.3 SR 1.1 – Human user identification and authentication 5.3.1 Requirement The control system shall provide the capability to identify and authenticate all human users. This capability shall enforce such identification and authentication on all interfaces which provide human user access to the control system to support segregation of duties and least privilege in accordance with applicable security policies and procedures. 5.3.2 Rationale and supplemental guidance All human users need to be identified and authenticated for all access to the control system. Authentication of the identity of these users should be accomplished by using methods such as passwords, tokens, biometrics or, in the case of multifactor authentication, some combination thereof. The geographic location of human users can also be used as part of the authentication process…….
  • 28. FR 1 – Identification and authentication control Unrestricted © Siemens A/S 2018 System Requirement Overview (Part 2) SRs und REs SL 1 SL 2 SL 3 SL 4 SR 1.7 – Strength of password-based authentication     SR 1.7 RE 1 – Password generation and lifetime restrictions for human users   SR 1.7 RE 2 – Password lifetime restrictions for all users  SR 1.8 – Public key infrastructure certificates    SR 1.9 – Strength of public key authentication    SR 1.9 RE 1 – Hardware security for public key authentication   SR 1.10 – Authenticator feedback     SR 1.11 – Unsuccessful login attempts     SR 1.12 – System use notification     SR 1.13 – Access via untrusted networks     SR 1.13 RE 1 – Explicit access request approval   
  • 29. FR 2 – Use control System Requirement Overview (Part 37 ) Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 2.1 – Authorization enforcement     SR 2.1 RE 1 – Authorization enforcement for all users    SR 2.1 RE 2 – Permission mapping to roles    SR 2.1 RE 3 – Supervisor override   SR 2.1 RE 4 – Dual approval  SR 2.2 – Wireless use control     SR 2.2 RE 1 – Identify and report unauthorized wireless devices   SR 2.3 – Use control for portable and mobile devices     SR 2.3 RE 1 – Enforcement of security status of portable and mobile devices   SR 2.4 – Mobile code     SR 2.4 RE 1 – Mobile code integrity check   SR 2.5 – Session lock    
  • 30. FR 2 – Use control System Requirement Overview (Part 38 ) Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 2.6 – Remote session termination    SR 2.7 – Concurrent session control   SR 2.8 – Auditable events     SR 2.8 RE 1 – Centrally managed, system-wide audit trail   SR 2.9 – Audit storage capacity     SR 2.9 RE 1 – Warn when audit record storage capacity threshold reached   SR 2.10 – Response to audit processing failures     SR 2.11 – Timestamps    SR 2.11 RE 1 – Internal time synchronization   SR 2.11 RE 2 – Protection of time source integrity  SR 2.12 – Non-repudiation   SR 2.12 RE 1 – Non-repudiation for all users 
  • 31. FR 3 – System integrity System Requirement Overview U SRs und REs SL 1 SL 2 SL 3 SL 4 SR 3.1 – Communication integrity     SR 3.1 RE 1 – Cryptographic integrity protection   SR 3.2 – Malicious code protection     SR 3.2 RE 1 – Malicious code protection on entry and exit points    SR 3.2 RE 2 – Central management and reporting for malicious code protection   SR 3.3 – Security functionality verification     SR 3.3 RE 1 – Automated mechanisms for security functionality verification   SR 3.3 RE 2 – Security functionality verification during normal operation  SR 3.4 – Software and information integrity    SR 3.4 RE 1 – Automated notification about integrity violations   SR 3.5 – Input validation     SR 3.6 – Deterministic output     SR 3.7 – Error handling    SR 3.8 – Session integrity    SR 3.8 RE 1 – Invalidation of session IDs after session termination   SR 3.8 RE 2 – Unique session ID generation   SR 3.8 RE 3 – Randomness of session IDs  SR 3.9 – Protection of audit information    SR 3.9 RE 1 – Audit records on write-once media nrestricted © Siemens A/S 2018 
  • 32. FR 4 – Data confidentiality System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 4.1 – Information confidentiality     SR 4.1 RE 1 – Protection of confidentiality at rest or in transit via untrusted networks    SR 4.1 RE 2 – Protection of confidentiality across zone boundaries  SR 4.2 – Information persistence    SR 4.2 RE 1 – Purging of shared memory resources   SR 4.3 – Use of cryptography    
  • 33. FR 5 – Restricted data flow System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 5.1 – Network segmentation     SR 5.1 RE 1 – Physical network segmentation    SR 5.1 RE 2 – Independence from non-control system networks   SR 5.1 RE 3 – Logical and physical isolation of critical networks  SR 5.2 – Zone boundary protection     SR 5.2 RE 1 – Deny by default, allow by exception    SR 5.2 RE 2 – Island mode   SR 5.2 RE 3 – Fail close   SR 5.3 – General purpose person-to-person communication restrictions     SR 5.3 RE 1 – Prohibit all general purpose person-to-person communications   SR 5.4 – Application partitioning    
  • 34. FR 6 – Timely response to events System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 6.1 – Audit log accessibility     SR 6.1 RE 1 – Programmatic access to audit logs   SR 6.2 – Continuous monitoring   
  • 35. FR 7 – Resource availability System Requirement Overview Unrestricted © Siemens A/S 2018 SRs und REs SL 1 SL 2 SL 3 SL 4 SR 7.1 – Denial of service protection     SR 7.1 RE 1 – Manage communication loads    SR 7.1 RE 2 – Limit DoS effects to other systems or networks   SR 7.2 – Resource management     SR 7.3 – Control system backup     SR 7.3 RE 1 – Backup verification    SR 7.3 RE 2 – Backup automation   SR 7.4 – Control system recovery and reconstitution     SR 7.5 – Emergency power     SR 7.6 – Network and security configuration settings     SR 7.6 RE 1 – Machine-readable reporting of current security settings   SR 7.7 – Least functionality     SR 7.8 – Control system component inventory   
  • 36. Recap - System Security Levels Unrestricted © Siemens A/S 2018 Plant environment Automation solution Control System as a combination of Independent of plant environment Control System capabilities Capability SLs Risk assessment System Integrator Asset Owner Product supplier Target SLs Achieved SLs Embedded devices Network components Host devices Applications IEC 62443 2-1 Establishing an IACS security program 3-2 Security risk assessment and system design 2-4 Certification of IACS supplier security policies 3-3 System security requirements and Security levels 4-1 Product development requirements 4-2 Technical security requirements for IACS products Contributions of the stakeholders
  • 37. A piece of a bigger picture Unrestricted © Siemens A/S 2018 ISO 27001 The Functional Safety standard Risk assessment framework IEC 62443 NIST 800-30 Well known IT- security standard The OT-security standard
  • 38. Recap… Act now Everyoneis a target – also small and medium sized plants IEC62443 is a Risk based framework that can help you getting started in a very structured way Define your Risk… Define your organization Define your Protection level Define your Zones and Conduits
  • 39. Security information Unrestricted © Siemens A/S 2018 Page 49 Thank You for your attention