#EOCP2020
www.icieng.com/eocp2020
Intro to Industrial Cybersecurity and ISA/IEC 62443 for Operators
EOCP OPERATOR CONFERENCE
SEPTEMBER 16, 2020
Introduction to Industrial Cybersecurity concepts based around ISA/IEC 62443 and a look at what the Defense in Depth strategy looks like in Critical Infrastructure for Water and Wastewater Operators.
About Presenters
Sean R. Bouchard, P.Eng.
• ISA/IEC 62443 – CFS
Bill McMillan, AScT
• Kootenay Utility Services
Kootenay Utility Solutions ensures the safe operation of small water and wastewater systems for First Nations and non-First Nations alike.
If we can make it safer, why not?
Engineering and Securing Industrial Automation and Control Systems
Presentation Activity!
• Crossword puzzle based on the content of this presentation available with the slide package or on our website (along with answer key) at www.icieng.com/eocp2020
Cybersecurity in BC
• National Cyber Security Strategy
  • https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/ntnl-cbr-scrt-strtg/index-en.aspx
• Reporting an Incident
  • https://cyber.gc.ca/en/cyber-incidents
  • RCMP
• Privacy Acts (Be aware of additional acts when collecting data)
  • FOIPPA (Information Privacy & Security)
  • FIPPA, Privacy Act (Federal), Access to Information Act (Federal)
  • https://www2.gov.bc.ca/gov/content/governments/services-for-government/policies-procedures/foippa-manual
• CSA Staff Notice on Cybersecurity
Threat Landscape – 5 Common Myths, Recap
• Five Common Myths about Industrial Cybersecurity
  1. We don't connect to the internet
  2. Our control systems are behind a firewall
  3. Hackers don't understand control systems
  4. Our facility is not a target
  5. Our safety systems will protect us
• Want more? Visit www.icieng.com/eocp2020 for details from the Cybersecurity Demonstration Presentation yesterday (Darren & Rob @ ICI)
ISA/IEC 62443 Standard
What is it?
• An Informative Standard
• International
• Provides a framework to address and mitigate current and future security vulnerabilities in Operational Technology
• Includes guidelines for identification and management of cybersecurity risks.
  • Assessments (high-level and detailed)
  • Gap Analysis
  • Documentation (Change Management, etc.)
ISA – International Society of Automation
IEC – International Electrotechnical Commission
IACS – Industrial Automation and Control Systems
OT – Operational Technology
IT and OT
ISA/IEC 62443 Standard
IT and OT
• Maturity of systems: IT, CSMS, Engineering, OQM
• Confidentiality vs Availability
• Risks: Financial, Information Loss vs. Health, Safety, Environment
• Different Protocols
• Life Span
  • IT: 3-5 Years
  • OT: ~20 Years
Pitfalls
• Continuous Improvement and Failure Analysis
• Communication
• Training (and training fatigue)
  • Integration with HSE is required, but training should be separated.
• Documentation (or lack thereof)
• Starting detailed Cybersecurity implementation without a rationale
• Addressing only one component of an IACS
• Management support (or lack thereof)
Defense in Depth (DiD)
• A layered approach to applying countermeasures or defensive mechanisms
• Not symmetrical – some categories require more attention than others
• Dependencies
• Detection-in-Depth (5D's)
• Accountability
• What is your organization's "Risk Tolerance"?
Defense in Depth
Physical Security
• Location, location, location.
• Physical access to a system or equipment is a vulnerability.
Defense in Depth
Policies & Procedures
[Figure: CSMS process flow – Initiate CSMS; High Level Risk Assessment; Detailed Risk Assessment; High Level Risk Assessment; Establish Policy; Organization/Awareness; Select and Implement Countermeasures; Maintain CSMS]
• A component of a Cyber-Security Management System (CSMS) established from a Risk Assessment
Defense in Depth
Zones & Conduits
[Figure: Flat Network Example – connected to WAN / INTERNET]
Defense in Depth
Zones & Conduits
[Figure: Flat Network Example – Single Device Compromised, connected to WAN / INTERNET]
[Figure: Zoned network example – Zones: ENTERPRISE ZONE, SCADA ZONE, ENGINEERING ZONE, PLANT ZONE, I/O ZONE. Devices: Office Phone, Office Printer, Email Workstation, SCADA Server, Engineering Workstation, Operator Interface, OT Controller (PLC), Process IO Device. Boundaries: WAN / INTERNET, Enterprise Firewall, DMZ Firewall, two OT Firewalls; zones linked by CONDUITs]
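To make the zone-and-conduit idea concrete, here is an added Python model (not code from the presentation or from ISA/IEC 62443) of the two networks in the slides: one flat segment versus the five zones from the figure, with the blast radius of a single compromised device computed for each. Zone and device names come from the figure; the device placement, the conduit directions and the service names are assumptions made for this example.

```python
"""Zones-and-conduits model of the two networks shown in the slides.

Added example (not code from the presentation or from ISA/IEC 62443).
Zone and device names are taken from the figure; the device placement,
the conduit directions and the service names are assumptions made here.
"""
from collections import deque
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Conduit:
    """One permitted, one-directional path between two zones."""
    src_zone: str
    dst_zone: str
    services: frozenset  # services the conduit's firewall lets through


@dataclass
class Network:
    zone_of: dict                          # device name -> zone name
    conduits: list = field(default_factory=list)

    def permitted(self, src_dev, dst_dev, service):
        """Would this flow pass? Inside a zone there is no boundary, so
        anything goes; between zones it must match a conduit's rule."""
        src, dst = self.zone_of[src_dev], self.zone_of[dst_dev]
        if src == dst:
            return True
        return any(c.src_zone == src and c.dst_zone == dst
                   and service in c.services for c in self.conduits)

    def blast_radius(self, compromised_dev):
        """Devices reachable from a compromised device by following
        conduits transitively (any service): the 'single device
        compromised' picture from the slides."""
        start = self.zone_of[compromised_dev]
        seen, queue = {start}, deque([start])
        while queue:
            zone = queue.popleft()
            for c in self.conduits:
                if c.src_zone == zone and c.dst_zone not in seen:
                    seen.add(c.dst_zone)
                    queue.append(c.dst_zone)
        return {d for d, z in self.zone_of.items()
                if z in seen} - {compromised_dev}


DEVICES = ["Office Phone", "Office Printer", "Email Workstation",
           "SCADA Server", "Engineering Workstation", "Operator Interface",
           "OT Controller (PLC)", "Process IO Device"]

# Flat network example: one segment, every device on it, no conduits needed.
FLAT = Network(zone_of={d: "FLAT" for d in DEVICES})

# Zoned example. Placement and conduit rules are assumptions for this model.
ZONED = Network(
    zone_of={
        "Office Phone": "ENTERPRISE", "Office Printer": "ENTERPRISE",
        "Email Workstation": "ENTERPRISE",
        "SCADA Server": "SCADA",
        "Engineering Workstation": "ENGINEERING",
        "Operator Interface": "PLANT", "OT Controller (PLC)": "PLANT",
        "Process IO Device": "IO",
    },
    conduits=[
        # SCADA pushes reports out to the enterprise; nothing comes back in.
        Conduit("SCADA", "ENTERPRISE", frozenset({"data-export"})),
        # SCADA may only poll controllers; program downloads come from
        # the engineering zone alone.
        Conduit("SCADA", "PLANT", frozenset({"poll"})),
        Conduit("ENGINEERING", "PLANT", frozenset({"poll", "program-download"})),
        # Controllers drive the field I/O.
        Conduit("PLANT", "IO", frozenset({"field-io"})),
    ],
)


def compare(compromised_dev="Email Workstation"):
    """Blast radius of the same compromised device in both designs."""
    return {"flat": sorted(FLAT.blast_radius(compromised_dev)),
            "zoned": sorted(ZONED.blast_radius(compromised_dev))}


if __name__ == "__main__":
    for design, reach in compare().items():
        print(f"{design}: {len(reach)} other devices reachable -> {reach}")
```

Running `compare("SCADA Server")` instead shows the other half of the lesson: a compromised SCADA server still reaches the PLC through the poll conduit, so the zone that polls controllers needs the most attention (the "not symmetrical" point from the DiD slide).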
Defense in Depth
Malware Prevention
• Reduce the risk and impact of Malware
  • Internal sources
  • External Sources
• Control systems are custom solutions and conventional anti-virus systems cannot be deployed on embedded systems such as a PLC.
• Training!
Defense in Depth
Access Controls
• Authentication
• Authorization
• Audit
Defense in Depth
Monitoring & Detection
• Host or Network based detection.
• Collecting information does NOT do any good unless you can detect and act on it.
Defense in Depth
Patching
What you can do today
• Passwords
• Physical Security
• Firewalls (anything default?)
• Keyswitch on PLC – Run vs. Program?
• Remote Access
Defense in Depth (DiD)
1. Physical Security
2. Policies & Procedures
3. Zone & Conduits
4. Malware Prevention
5. Access Controls
6. Monitoring & Detection
7. Patching
Learning More
Resources & Groups
• Public Safety Canada
  • https://www.publicsafety.gc.ca/cnt/ntnl-scrt/crtcl-nfrstrctr/index-en.aspx
• Canadian Center for Cybersecurity https://cyber.gc.ca/en/
• (USA) ICS-CERT https://us-cert.cisa.gov/ics
• (USA) Cybersecurity and Infrastructure Security Agency
• ISA99 Committee
  • https://www.isa.org/standards-and-publications/isa-standards/isa-standards-committees/isa99
• Get involved – Canadian Youth Cyber Education Initiative:
  • https://www.cybertitan.ca/
• Reminder – Further references to material in these slides can be found on our website at www.icieng.com/eocp2020
Q&A
Bill McMillan
Kootenay Utility Services
wjamcmillan@gmail.com
250-687-1889
Sean R. Bouchard, P.Eng.
ICI Electrical Engineering
srb@icieng.com
778-220-7269
Twitter: @seanrbouchard
For more information, see our website: www.icieng.com/eocp2020

Introduction to Industrial Cybersecurity for Water and Waste Water Operators

  • 6. ISA/IEC 62443 Standard – What is it?
    • An Informative Standard
    • International
    • Provides a framework to address and mitigate current and future security vulnerabilities in Operational Technology
    • Includes guidelines for identification and management of cybersecurity risks:
      • Assessments (high-level and detailed)
      • Gap Analysis
      • Documentation (Change Management, etc.)
    • Acronyms: ISA – International Society of Automation; IEC – International Electrotechnical Commission; IACS – Industrial Automation and Control Systems; OT – Operational Technology
  • 8. ISA/IEC 62443 Standard – IT and OT
    • Maturity of systems: IT, CSMS, Engineering, OQM
    • Confidentiality vs. Availability
    • Risks: Financial, Information Loss vs. Health, Safety, Environment
    • Different protocols
    • Life span
      • IT: 3-5 years
      • OT: ~20 years
  • 9. Pitfalls
    • Continuous Improvement and Failure Analysis
    • Communication
    • Training (and training fatigue)
      • Integration with HSE is required, but training should be separated.
    • Documentation (or lack thereof)
    • Starting detailed Cybersecurity implementation without a rationale
    • Addressing only one component of an IACS
    • Management support (or lack thereof)
  • 10. Defense in Depth (DiD)
    • A layered approach to applying countermeasures or defensive mechanisms
    • Not symmetrical – some categories require more attention than others
    • Dependencies
    • Detection-in-Depth (5 D's)
    • Accountability
    • What is your organization's "risk tolerance"?
  • 11. Defense in Depth – Physical Security
    • Location, location, location.
    • Physical access to a system or equipment is a vulnerability.
  • 12. Defense in Depth – Policies & Procedures
    • A component of a Cyber-Security Management System (CSMS) established from a Risk Assessment
    • (CSMS cycle diagram: Initiate CSMS → High Level Risk Assessment → Detailed Risk Assessment → Establish Policy, Organization / Awareness → Select and Implement Countermeasures → Maintain CSMS → High Level Risk Assessment ...)
  • 13. Defense in Depth – Zones & Conduits – Flat Network Example
    • (network diagram with WAN / INTERNET connection)
  • 14. Defense in Depth – Zones & Conduits – Flat Network Example – Single Device Compromised
    • (same network diagram with WAN / INTERNET connection, one device compromised)
  • 15. (zone and conduit network diagram) Zones: I/O ZONE, PLANT ZONE, ENGINEERING ZONE, SCADA ZONE, ENTERPRISE ZONE. Devices: Office Phone, Office Printer, Email Workstation, SCADA Server, Operator Interface, Engineering Workstation, OT Controller (PLC), Process IO Device. Boundaries: Enterprise Firewall to WAN / INTERNET, DMZ Firewall, two OT Firewalls. Zones are joined by four CONDUITs.
  • 16. (same zone and conduit network diagram as slide 15; the extracted text is identical)
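Added example, not part of the presentation: a small Python model of the zone and conduit diagram on slides 15 and 16, comparing what a single compromised device can reach on the flat network of slides 13 and 14 with what it can reach once zones and conduits are in place. The device-to-zone placement and the set of permitted conduits are assumptions about the diagram, not facts stated on the slides.

```python
from collections import deque

# Device -> zone, using the device and zone names on the slide diagram (placement assumed).
ZONE_OF = {
    "Email Workstation": "ENTERPRISE", "Office Printer": "ENTERPRISE", "Office Phone": "ENTERPRISE",
    "SCADA Server": "SCADA", "Operator Interface": "SCADA",
    "Engineering Workstation": "ENGINEERING",
    "OT Controller (PLC)": "PLANT",
    "Process IO Device": "I/O",
}

# Assumed conduits: the only zone pairs a firewall lets traffic cross.
CONDUITS = {
    frozenset({"ENTERPRISE", "SCADA"}),    # through the DMZ firewall
    frozenset({"SCADA", "ENGINEERING"}),   # OT firewall
    frozenset({"SCADA", "PLANT"}),         # OT firewall
    frozenset({"ENGINEERING", "PLANT"}),
    frozenset({"PLANT", "I/O"}),
}

def conduit_allows(src_zone, dst_zone):
    """True when traffic may pass between the zones (same zone or a conduit)."""
    return src_zone == dst_zone or frozenset({src_zone, dst_zone}) in CONDUITS

def directly_reachable(device, zoned=True):
    """Devices the given device can talk to without any further compromise.
    On the flat network (zoned=False) every other device is reachable."""
    if not zoned:
        return set(ZONE_OF) - {device}
    zone = ZONE_OF[device]
    return {d for d, z in ZONE_OF.items() if d != device and conduit_allows(zone, z)}

def boundaries_to_cross(src_device, dst_device, zoned=True):
    """Fewest zone boundaries (each one a firewall, i.e. one more layer of
    defense) between two devices; 0 on a flat network, None if no path."""
    if not zoned:
        return 0
    start, goal = ZONE_OF[src_device], ZONE_OF[dst_device]
    seen, queue = {start}, deque([(start, 0)])
    while queue:                      # breadth-first search over the zone graph
        zone, hops = queue.popleft()
        if zone == goal:
            return hops
        for conduit in CONDUITS:
            if zone in conduit:
                (nxt,) = conduit - {zone}
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append((nxt, hops + 1))
    return None
```

With these assumptions a compromised Email Workstation reaches every device on the flat network, but on the zoned network it reaches only the enterprise and SCADA zones and would have to get through two more firewalls to reach the PLC.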
  • 17. Defense in Depth – Malware Prevention
    • Reduce the risk and impact of Malware
      • Internal sources
      • External sources
    • Control systems are custom solutions and conventional anti-virus systems cannot be deployed on embedded systems such as a PLC.
    • Training!
  • 18. Defense in Depth – Access Controls
    • Authentication
    • Authorization
    • Audit
  • 19. Defense in Depth – Monitoring & Detection
    • Host or Network based detection.
    • Collecting information does NOT do any good unless you can detect and act on it.
  • 21. What you can do today
    • Passwords
    • Physical Security
    • Firewalls (anything default?)
    • Keyswitch on PLC – Run vs. Program?
    • Remote Access
    • Defense in Depth (DiD) layers: 1. Physical Security; 2. Policies & Procedures; 3. Zones & Conduits; 4. Malware Prevention; 5. Access Controls; 6. Monitoring & Detection; 7. Patching
  • 22. Learning More – Resources & Groups
    • Public Safety Canada: https://www.publicsafety.gc.ca/cnt/ntnl-scrt/crtcl-nfrstrctr/index-en.aspx
    • Canadian Center for Cybersecurity: https://cyber.gc.ca/en/
    • (USA) ICS-CERT: https://us-cert.cisa.gov/ics
    • (USA) Cybersecurity and Infrastructure Security Agency
    • ISA99 Committee: https://www.isa.org/standards-and-publications/isa-standards/isa-standards-committees/isa99
    • Get involved – Canadian Youth Cyber Education Initiative: https://www.cybertitan.ca/
    • Reminder – Further references to material in these slides can be found on our website at www.icieng.com/eocp2020
  • 23. Q&A
    • Bill McMillan, Kootenay Utility Services – wjamcmillan@gmail.com – 250-687-1889
    • Sean R. Bouchard, P.Eng., ICI Electrical Engineering – srb@icieng.com – 778-220-7269 – Twitter: @seanrbouchard
    • For more information, see our website: www.icieng.com/eocp2020