Dragos, Inc., profile picture
Uploaded byDragos, Inc.
PPTX, PDF725 views

Neighborhood Keeper - Introduction

The document outlines the challenges faced by smaller communities in deploying and leveraging advanced cybersecurity technologies for operational technology (OT) and industrial control systems (ICS). It presents a roadmap to enhance energy delivery systems' cybersecurity through the deployment of commercial technology and cloud-based analytics for real-time data sharing and threat detection. Additionally, it emphasizes the importance of collaboration among energy sector participants to improve overall cybersecurity resilience and threat understanding.

Embed presentation

Downloaded 14 times
Introduction Matt Bodman Director of Special Programs NeighborhoodKeeper
The Community Challenge IssueswithEffortsBefore ManyCommunityMembers LackResources Our smallerinfrastructurecommunity memberslack resourcesforbudgetand personnelto deploy,maintain,andleverageleadingtechnologiesonthemarket. InformationSharingStruggles inOT/ICS Manyinformationsharingprogramssharedataorinformation;theyrarelyshareintelligence. Thisrequiressensitivedatato besharedbetweenentitieswith littlecurating. Effort is expended ona hopethatvaluewill beseenlater andindicatorsdonot scale. Insights into OT/ICSNetworks is Limited Cyberthreatstarget OT/ICSnetworksyet thecollectionandanalysisfrom thosenetworksis extremelylimited.It definitelydoesnotexist in thesmallerinfrastructuresiteswhere adversariescan train andprepareundetected.
Roadmap to Achieve Energy Delivery Systems Cybersecurity Objectives Mapped Roadmap Item4.5 (Cybereventdetectiontoolsthatevolve with the dynamicthreatlandscapecommerciallyavailable) By deployingcommercial off theshelf(COTS)industrialspecifictechnology(theDragosPlatform) to theOT networklayerof the participantsand researching,developing,and deployingindustrialspecificthreatbehavioranalyticstoprovidea transposableandscalableform of intelligence-driven threatdetection. Roadmap Item 5.6 (Mature,proactiveprocessestorapidlysharethreat,vulnerabilities,andmitigation strategiesareimplementedthroughouttheenergysector) Researching,architecting,anddeployinga cloudarchitecture(analyticsframework)that will securelyinterconnecttheOT layersensorstoreceive and share,at machine-speed,insightsin theform of non-sensitiveand non-personalidentifiablemetadata Roadmap Item 1.5and 4.6 (Compellingbusinesscasedeveloperforinvestmentin energydeliverysystemssecurity) (Lessonslearnedfromcyberincidentssharedand implementedthroughoutthe energysector) Researchanddeveloppublic use-casesandinsightsfrom thisdatato showcasethevalueof thisapproachto inform defenseandresponsepractices andcreatea combinedthreatpictureacrosstheenergysectorthat isfreelyavailableto all
Other Program Participants and Value Electricity InformationSharingand Analysis Center(E-ISAC) Advisoryfunctionthat will ensurethatwhat is beingresearchedanddevelopedwill be usefulto thelarger electric sectorcommunity.Additionally,the focuswill be on howto usetheanalyticaloutputsto enrichthe CRISPdataset.As anexample, leveragingwhen threatsin OT occurred to findthreatsin IT. IdahoNational Laboratory Advisoryfunctionthat will ensurethatwhat is beingresearchedanddevelopedwill be usefulto theDepartmentof Energy and tothe view of thenational threatlandscape.Additionally,theywill focusonhowto leveragethe insightsto enrichandenhanceCYOTE. Ameren,First Energy, and SouthernCompany Utilityparticipantsto deploythe technologyandconnect to the cloudanalyticsframework. Detectionsin theirenvironment, interviewswith their personnel,and use-casesjointlyproducedwill ensuretheapproachis soundandscalableto take to thelarger industryespeciallyco-opsand municipalities.
Expected Outputs From the R&D A sustainableprogramtoilluminatethe industrialthreatlandscape Day 1 Valueto Participants TheDragos Platformwill immediatelyprovideassetidentificationandautomaticreportingto participants.Threatanalytics arealsoimmediatelyavailable.Additionally,datais storedonsiteandavailabletoanyfutureincidentresponders Low Cost ThemodifiedDragosPlatformwill beavailableat anestimated$5-10k a yearper networkapplianceprice pointfor~15k- 50kper yearperco-op/municipality. Low TouchPoint Remoteanalysisoftheanalyticaloutputswill bedoneforthe participantsandmonitoring donefor them; if anythingis ever particularlybad they’llbenotified.No needforadditionalpersonnelat participantsites. No Trust Nosensitivedataleavestheparticipants’sites.It is onlyanalyticaloutputsnopersonalidentifiableinformationinthe systemoravailableto analysts Shared Insights New threatanalyticsrun acrossthe environmentwill identifythreatsin OT/ICS networksto shareinsightsof what detectionsand playbooks(mitigations)work acrossparticipants.Thiswill besharedat machine-speedto allparticipants. Enrichment Insightswill be leveragedto enrich thenationalunderstandingof threatsaswell asprogramssuchasCRISPandCYTE. Insightscan alsobeusedto offerregulationand standardsbodiesinsightsintothe realriskso theapproachesareadapted.
Questions? KEEPERS@DRAGOS.COM https://dragos.com/neighborhood-keeper/

More Related Content

PPTX
Dragos 2019 ICS Year in Review
byDragos, Inc.
 
PPTX
Dressing up the ICS Kill Chain
byDragos, Inc.
 
PPTX
Dragos year in review (yir) 2018
byDragos, Inc.
 
PPTX
2018 Year in Review- ICS Threat Activity Groups
byDragos, Inc.
 
PPTX
Dragos S4X20: Mapping ICS Incidents to the MITRE Attack Framework
byDragos, Inc.
 
PDF
Reassessing the 2016 CRASHOVERRIDE Cyber Attack
byDragos, Inc.
 
PPTX
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
byDragos, Inc.
 
PDF
The Current ICS Threat Landscape
byDragos, Inc.
 
Dragos 2019 ICS Year in Review
byDragos, Inc.
 
Dressing up the ICS Kill Chain
byDragos, Inc.
 
Dragos year in review (yir) 2018
byDragos, Inc.
 
2018 Year in Review- ICS Threat Activity Groups
byDragos, Inc.
 
Dragos S4X20: Mapping ICS Incidents to the MITRE Attack Framework
byDragos, Inc.
 
Reassessing the 2016 CRASHOVERRIDE Cyber Attack
byDragos, Inc.
 
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
byDragos, Inc.
 
The Current ICS Threat Landscape
byDragos, Inc.
 

What's hot

PPTX
PLC Virtualization Dragos S4 2019
byDragos, Inc.
 
PDF
Addressing the cyber kill chain
bySymantec Brasil
 
PPTX
How Long to Boom: Understanding and Measuring ICS Hacker Maturity
byDragos, Inc.
 
PDF
Dragos and CyberWire: ICS Ransomware
byDragos, Inc.
 
PPTX
Dragos S4x20: How to Build an OT Security Operations Center
byDragos, Inc.
 
PDF
Hardware Security on Vehicles
byPriyanka Aash
 
PDF
The State of Threat Detection 2019
byFidelis Cybersecurity
 
PDF
Industrial Control Systems Cybersecurity Technology Selection
byDragos, Inc.
 
PDF
Kofax Document Security
byKofax
 
PPTX
Purple Teaming ICS Networks
byDragos, Inc.
 
PDF
Consequence Informed Cyber Security
byDragos, Inc.
 
PPTX
Solving ICS Cybersecurity Challenges in the Electric Industry
byDragos, Inc.
 
PDF
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
byKaspersky
 
PDF
Rising Cyber Escalation US Iran Russia ICS Threats and Response
byDragos, Inc.
 
PDF
Security sdn
byPriya Singh
 
PPTX
Debunking the Hacker Hype: The Reality of Widespread Blackouts
byDragos, Inc.
 
PDF
Moving Beyond Zero Trust
byscoopnewsgroup
 
PPTX
Tripwire Energy Working Group: TIV Demo
byTripwire
 
PPTX
How to Increase ICS Cybersecurity Return on Investment (ROI)
byDragos, Inc.
 
PPTX
Dragos & SRP, PI World 2019: Utilizing Operations Data for Enhanced Cyber Thr...
byDragos, Inc.
 
PLC Virtualization Dragos S4 2019
byDragos, Inc.
 
Addressing the cyber kill chain
bySymantec Brasil
 
How Long to Boom: Understanding and Measuring ICS Hacker Maturity
byDragos, Inc.
 
Dragos and CyberWire: ICS Ransomware
byDragos, Inc.
 
Dragos S4x20: How to Build an OT Security Operations Center
byDragos, Inc.
 
Hardware Security on Vehicles
byPriyanka Aash
 
The State of Threat Detection 2019
byFidelis Cybersecurity
 
Industrial Control Systems Cybersecurity Technology Selection
byDragos, Inc.
 
Kofax Document Security
byKofax
 
Purple Teaming ICS Networks
byDragos, Inc.
 
Consequence Informed Cyber Security
byDragos, Inc.
 
Solving ICS Cybersecurity Challenges in the Electric Industry
byDragos, Inc.
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
byKaspersky
 
Rising Cyber Escalation US Iran Russia ICS Threats and Response
byDragos, Inc.
 
Security sdn
byPriya Singh
 
Debunking the Hacker Hype: The Reality of Widespread Blackouts
byDragos, Inc.
 
Moving Beyond Zero Trust
byscoopnewsgroup
 
Tripwire Energy Working Group: TIV Demo
byTripwire
 
How to Increase ICS Cybersecurity Return on Investment (ROI)
byDragos, Inc.
 
Dragos & SRP, PI World 2019: Utilizing Operations Data for Enhanced Cyber Thr...
byDragos, Inc.
 

Similar to Neighborhood Keeper - Introduction

PDF
Power Plants Security Webinar Presentation
byCertrec
 
PDF
Deep Dive into Operational Technology Security - USCSI®.pdf
byUnited States Cybersecurity Institute (USCSI®)
 
PDF
Cybersecurity in Utilities
bySougata Mitra
 
PDF
Advice for CISOs: How to Approach OT Cybersecurity
byMighty Guides, Inc.
 
PDF
Strategies for Managing OT Cybersecurity Risk
byMighty Guides, Inc.
 
PDF
Securing the Future of Industry: How ICS Security Is Evolving with IT/OT Conv...
byswatipatil20000
 
PDF
IoT security Q3 2020 overview
byAnastasiia Konoplova
 
PDF
Strengthening Critical Infrastructure Security.pdf
byssuserc1c354
 
PPTX
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
byEnergySec
 
PDF
Nozomi Networks Q1_2018 Company Introduction
byNozomi Networks
 
PPTX
The Final Presentation - The Arsenal.pptx
byOlusholaWhenu1
 
PPTX
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
bySean R. Bouchard, P.Eng
 
PDF
Reimagining OT cybersecurity Strategy - Deloitte
byaakash malhotra
 
PDF
Reference Architecture for Electric Energy OT.pdf
byimjamadarp19
 
PDF
Industrial Control Security USA Sacramento California Oct 6/7
byJames Nesbitt
 
PDF
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
byTI Safe
 
PDF
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
byMighty Guides, Inc.
 
PDF
Io t security defense in depth charles li v1 20180425c
byCharles Li
 
PPTX
Law seminars intl cybersecurity in the power industry
byKevin Murphy
 
PDF
IRJET- Edge Deployed Cyber Security Hardware Architecture for Energy Delivery...
byIRJET Journal
 
Power Plants Security Webinar Presentation
byCertrec
 
Deep Dive into Operational Technology Security - USCSI®.pdf
byUnited States Cybersecurity Institute (USCSI®)
 
Cybersecurity in Utilities
bySougata Mitra
 
Advice for CISOs: How to Approach OT Cybersecurity
byMighty Guides, Inc.
 
Strategies for Managing OT Cybersecurity Risk
byMighty Guides, Inc.
 
Securing the Future of Industry: How ICS Security Is Evolving with IT/OT Conv...
byswatipatil20000
 
IoT security Q3 2020 overview
byAnastasiia Konoplova
 
Strengthening Critical Infrastructure Security.pdf
byssuserc1c354
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
byEnergySec
 
Nozomi Networks Q1_2018 Company Introduction
byNozomi Networks
 
The Final Presentation - The Arsenal.pptx
byOlusholaWhenu1
 
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
bySean R. Bouchard, P.Eng
 
Reimagining OT cybersecurity Strategy - Deloitte
byaakash malhotra
 
Reference Architecture for Electric Energy OT.pdf
byimjamadarp19
 
Industrial Control Security USA Sacramento California Oct 6/7
byJames Nesbitt
 
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
byTI Safe
 
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
byMighty Guides, Inc.
 
Io t security defense in depth charles li v1 20180425c
byCharles Li
 
Law seminars intl cybersecurity in the power industry
byKevin Murphy
 
IRJET- Edge Deployed Cyber Security Hardware Architecture for Energy Delivery...
byIRJET Journal
 

More from Dragos, Inc.

PDF
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
byDragos, Inc.
 
PPTX
Securing Electric Utility Infrastructure
byDragos, Inc.
 
PPTX
TRISIS in Perspective
byDragos, Inc.
 
PPTX
Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors
byDragos, Inc.
 
PDF
Threat Activity Groups - Dragos
byDragos, Inc.
 
PDF
Trisis in Perspective: Implications for ICS Defenders
byDragos, Inc.
 
PDF
TTPs for Threat hunting In Oil Refineries
byDragos, Inc.
 
PDF
Behavior-Based Defense in ICS
byDragos, Inc.
 
PPTX
The Four Types of Threat Detection and Use Cases in Industrial Security
byDragos, Inc.
 
PDF
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
byDragos, Inc.
 
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
byDragos, Inc.
 
Securing Electric Utility Infrastructure
byDragos, Inc.
 
TRISIS in Perspective
byDragos, Inc.
 
Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors
byDragos, Inc.
 
Threat Activity Groups - Dragos
byDragos, Inc.
 
Trisis in Perspective: Implications for ICS Defenders
byDragos, Inc.
 
TTPs for Threat hunting In Oil Refineries
byDragos, Inc.
 
Behavior-Based Defense in ICS
byDragos, Inc.
 
The Four Types of Threat Detection and Use Cases in Industrial Security
byDragos, Inc.
 
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
byDragos, Inc.
 

Recently uploaded

PDF
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
PPTX
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PPTX
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PPTX
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PPTX
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
The year in review - MarvelClient in 2025
bypanagenda
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 

Neighborhood Keeper - Introduction

  • 1.
    Introduction Matt Bodman Director ofSpecial Programs NeighborhoodKeeper
  • 2.
    The Community Challenge IssueswithEffortsBefore ManyCommunityMembersLackResources Our smallerinfrastructurecommunity memberslack resourcesforbudgetand personnelto deploy,maintain,andleverageleadingtechnologiesonthemarket. InformationSharingStruggles inOT/ICS Manyinformationsharingprogramssharedataorinformation;theyrarelyshareintelligence. Thisrequiressensitivedatato besharedbetweenentitieswith littlecurating. Effort is expended ona hopethatvaluewill beseenlater andindicatorsdonot scale. Insights into OT/ICSNetworks is Limited Cyberthreatstarget OT/ICSnetworksyet thecollectionandanalysisfrom thosenetworksis extremelylimited.It definitelydoesnotexist in thesmallerinfrastructuresiteswhere adversariescan train andprepareundetected.
  • 3.
    Roadmap to AchieveEnergy Delivery Systems Cybersecurity Objectives Mapped Roadmap Item4.5 (Cybereventdetectiontoolsthatevolve with the dynamicthreatlandscapecommerciallyavailable) By deployingcommercial off theshelf(COTS)industrialspecifictechnology(theDragosPlatform) to theOT networklayerof the participantsand researching,developing,and deployingindustrialspecificthreatbehavioranalyticstoprovidea transposableandscalableform of intelligence-driven threatdetection. Roadmap Item 5.6 (Mature,proactiveprocessestorapidlysharethreat,vulnerabilities,andmitigation strategiesareimplementedthroughouttheenergysector) Researching,architecting,anddeployinga cloudarchitecture(analyticsframework)that will securelyinterconnecttheOT layersensorstoreceive and share,at machine-speed,insightsin theform of non-sensitiveand non-personalidentifiablemetadata Roadmap Item 1.5and 4.6 (Compellingbusinesscasedeveloperforinvestmentin energydeliverysystemssecurity) (Lessonslearnedfromcyberincidentssharedand implementedthroughoutthe energysector) Researchanddeveloppublic use-casesandinsightsfrom thisdatato showcasethevalueof thisapproachto inform defenseandresponsepractices andcreatea combinedthreatpictureacrosstheenergysectorthat isfreelyavailableto all
  • 4.
    Other Program Participantsand Value Electricity InformationSharingand Analysis Center(E-ISAC) Advisoryfunctionthat will ensurethatwhat is beingresearchedanddevelopedwill be usefulto thelarger electric sectorcommunity.Additionally,the focuswill be on howto usetheanalyticaloutputsto enrichthe CRISPdataset.As anexample, leveragingwhen threatsin OT occurred to findthreatsin IT. IdahoNational Laboratory Advisoryfunctionthat will ensurethatwhat is beingresearchedanddevelopedwill be usefulto theDepartmentof Energy and tothe view of thenational threatlandscape.Additionally,theywill focusonhowto leveragethe insightsto enrichandenhanceCYOTE. Ameren,First Energy, and SouthernCompany Utilityparticipantsto deploythe technologyandconnect to the cloudanalyticsframework. Detectionsin theirenvironment, interviewswith their personnel,and use-casesjointlyproducedwill ensuretheapproachis soundandscalableto take to thelarger industryespeciallyco-opsand municipalities.
  • 11.
    Expected Outputs Fromthe R&D A sustainableprogramtoilluminatethe industrialthreatlandscape Day 1 Valueto Participants TheDragos Platformwill immediatelyprovideassetidentificationandautomaticreportingto participants.Threatanalytics arealsoimmediatelyavailable.Additionally,datais storedonsiteandavailabletoanyfutureincidentresponders Low Cost ThemodifiedDragosPlatformwill beavailableat anestimated$5-10k a yearper networkapplianceprice pointfor~15k- 50kper yearperco-op/municipality. Low TouchPoint Remoteanalysisoftheanalyticaloutputswill bedoneforthe participantsandmonitoring donefor them; if anythingis ever particularlybad they’llbenotified.No needforadditionalpersonnelat participantsites. No Trust Nosensitivedataleavestheparticipants’sites.It is onlyanalyticaloutputsnopersonalidentifiableinformationinthe systemoravailableto analysts Shared Insights New threatanalyticsrun acrossthe environmentwill identifythreatsin OT/ICS networksto shareinsightsof what detectionsand playbooks(mitigations)work acrossparticipants.Thiswill besharedat machine-speedto allparticipants. Enrichment Insightswill be leveragedto enrich thenationalunderstandingof threatsaswell asprogramssuchasCRISPandCYTE. Insightscan alsobeusedto offerregulationand standardsbodiesinsightsintothe realriskso theapproachesareadapted.
  • 12.