SlideShare a Scribd company logo

Cyber Security in Railways Systems, Ansaldo STS experience

Community Protection Forum
Community Protection Forum

Workshop - «Risks and Security Management in Logistics and Transports» by Daniele Debertol, PhD Ansaldo STS, A FInmeccanica Company

1 of 15
Download to read offline
About us: Finmeccanica CP EXPO Workshop - «Risks and Security Management in Logistics and Transports» Cyber Security in Railways Systems, Ansaldo STS experience – Part 2: Cyber Security Strategy and Design Relator: Joint work with: Daniele Debertol, PhD. Ermete Meda, InfoSec Manager Finmeccanica is Italy’s leading manufacturer in the high technology sector. Genova, 29 October 2013 Finmeccanica is the largest shareholder in Ansaldo STS with a 40% stake. 1
Signaling Systems: Safety-to-Security relationships “Vital Systems” • RBC (Radio Block Center) • Interlocking Environment Proprietary Infrastructure that ensures Railway Safety is not subject to computer attack Vital Systems “Non-Vital Systems” • Centralized Traffic Control Systems (e.g. TMS), Automation Systems Environment • Commercial ICT Infrastructure undergoing Cyber Security Risks (Operational Continuity, Financial losses, Reputational damage) Non-Vital Systems Non-Vital Systems 2
… and between vital and non-vital layers Needs Protection… External Systems Non-vital layer Train Management System (TMS) Interlocking RBC Interlocking Vital layer ERTMS Euroradio T2 T1 Balise RBC: Radio-Block Center 3
Evolution and Characteristics of Railway Signaling Systems Technology Platforms In the Past Today Proprietary HW/SW Isolated Systems Dedicated Applications Structured Information Commercial low cost HW/SW TCP/IP Protocol Interconnected Systems Heterogeneous Services (E-mail, Info-web, VoIP, CCTV, …) Structured and unstructured Information Operating Environment Today Distributed ICT infrastructure spread over long distances, and unattended systems Connections between safety critical and non-safety critical layers External systems connected to signaling infrastructure Human factor (operators, maintainers and… passengers) 4
Cyber Space calling, Cyber Security knocking Cyber Security: protection of Cyber Space. But what is Cyber Space? Yesterday: many different environments, side-by-side Today: one single, big environment Consequences: Dynamic Threat Landscape in unique Cyber Domain Strategic & Tactical Cyber War Military Terrorism Politics Espionage Intellectual Property Organized Crime $ Vandalism & Hacktivism Ego, Curiosity Stuxnet, Operation Aurora, Botnets Zeus, Flame, Mandiant APT1 Report, AET attacks, Botnets, Phishing email DDoS attacks, Wikileaks, Anonymous 5
Mature Cyber Security Process 1 Discovery & Assessment • • • 2 HW/SW Review & Redesign • • • 3 Identify key risks Identify key assets Identify gaps Countermeasure rationalization Security Infrastructure Assessment Fill technology gaps Intelligence & Analytics • • • Monitoring & Management Improvement Big Data Security Analytics Real-time Intelligence feeds 3 Phase Approach 6
ICT Security Activities and Governance: Best Practices Incident Management Event Identification Countermeasures Effort 7
ICT Security Activities and Governance: real life Reactive countermeasures Reaction WTF is Detection … and guess what? … and Monitoring… Monitoring… Prevention going on??? (not excluding Forensics) Proactive countermeasures 8
Cyber Security: taking advantage of IT Building on top of Information Technology infrastructures, means that you get both its weaknesses, true, but its strenghts as well… … putting it the other way round: if a system is not secure by design – and they are not –, it will leave plenty of traces for you to follow! Leaving trace-routes behind 9
Strategy: enhance monitoring and correlate Content Filtering Virtual Patching AAA Firewalling IDS/IPS So many eyes… giving a very broad view (say, at 365°degrees… to stay safe)… OK… ° But where to look for? And for what? And who? 10
Perimeter Defence - Firewall shortcoming Signalling Plant_2 Signalling Plant_1 Signalling Plant_N ….. Firewall Module Firewall Module Firewall Module WAN Policy Installation Logs Traffic Firewall Module Management Console External Systems expected results from logs Solution: adding IPS/IDS and Log Correlation 11
Content Filtering: the do’s and the dont’s Operating system is static, meaning that you can’t change it too often (good…), but that you won’t be able to patch (at all) either, which is NO GOOD! Dirty Traffic Virtual Patcher Clean Traffic Clean Traffic Threats Treatment Analysis: find critical vulnerabilities directly exposed to possible attacks Remediation: identify (& block) specific packets for the above vulnerabilities Solution: adding Virtual Patching 12
Near Realtime Asset Control • not a performance- or availability-driven tool, though it may help • based on static asset database loaded offline at project time Repeat as needed • perform differential discovery onsite for database tuning • acknowledge variations that should be allowed • what is left, deal with: either a missing sheep, or a mismatched one, or… go, bark, there’s a wolf! Clean Traffic Clean Traffic GUI Monitoring subnet WAN Know your flock, and beware of wolves! Barkin’, at the very least 13
The russian peasant of SIEMs at work: fast and light Events Console Message Correlation Minimize False Positives Realtime response (no archiving) Novelty detection for scheme-in-the-chaos Correlation Engine Log Files Sensor_1 Sensor_2 … Sensor_n Log Correlation 14
The 11th hour (a.m.?) Do we simply wait for vulnerabilities to become actual threats or Can we advance from here, and provide for new services? Cyber Security = Defense line 15

Recommended

Monitoring the Data Center
Monitoring the Data CenterMonitoring the Data Center
Monitoring the Data Center
Lancope, Inc.
 
Select idps
Select idpsSelect idps
Select idps
Info-Tech Research Group
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical Controls
MLG College of Learning, Inc
 
Trustport - Roman Veleba
Trustport - Roman VelebaTrustport - Roman Veleba
Trustport - Roman Veleba
Jan Fried
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure Device
Priyanka Aash
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
How to Respond to Industrial Intrusions
How to Respond to Industrial Intrusions How to Respond to Industrial Intrusions
How to Respond to Industrial Intrusions
Dragos, Inc.
 
Incident response live demo slides final
Incident response live demo slides finalIncident response live demo slides final
Incident response live demo slides final
AlienVault
 

Recommended

Monitoring the Data Center
Monitoring the Data CenterMonitoring the Data Center
Monitoring the Data Center
Lancope, Inc.
 
Select idps
Select idpsSelect idps
Select idps
Info-Tech Research Group
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical Controls
MLG College of Learning, Inc
 
Trustport - Roman Veleba
Trustport - Roman VelebaTrustport - Roman Veleba
Trustport - Roman Veleba
Jan Fried
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure Device
Priyanka Aash
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
How to Respond to Industrial Intrusions
How to Respond to Industrial Intrusions How to Respond to Industrial Intrusions
How to Respond to Industrial Intrusions
Dragos, Inc.
 
Incident response live demo slides final
Incident response live demo slides finalIncident response live demo slides final
Incident response live demo slides final
AlienVault
 
Trisis in Perspective: Implications for ICS Defenders
Trisis in Perspective: Implications for ICS DefendersTrisis in Perspective: Implications for ICS Defenders
Trisis in Perspective: Implications for ICS Defenders
Dragos, Inc.
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
Charles Li
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPS
MLG College of Learning, Inc
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?
Priyanka Aash
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
mike parks
 
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC TrendsSOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
Anton Chuvakin
 
Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015
Dr Robert D. Childs
 
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougalNTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
North Texas Chapter of the ISSA
 
Modern vs. Traditional SIEM
Modern vs. Traditional SIEM Modern vs. Traditional SIEM
Modern vs. Traditional SIEM
Alert Logic
 
Secure Decisions - Cyber Security Sensemaking
Secure Decisions - Cyber Security SensemakingSecure Decisions - Cyber Security Sensemaking
Secure Decisions - Cyber Security Sensemaking
Anita D'Amico
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
Kumar Gaurav
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security Management
Mayur Nanotkar
 
Rsa report v14
Rsa report v14Rsa report v14
Rsa report v14
Nicholas Tan
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
Ahmed Ayman
 
Intel Security Endpoint Protection
Intel Security Endpoint ProtectionIntel Security Endpoint Protection
Intel Security Endpoint Protection
Trustmarque
 
IOT Security FUN-damental
IOT Security FUN-damentalIOT Security FUN-damental
IOT Security FUN-damental
Satria Ady Pradana
 
Alienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworksAlienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworks
AlienVault
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usm
AlienVault
 
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
North Texas Chapter of the ISSA
 
S4x20 Forescout Presentation
S4x20 Forescout Presentation S4x20 Forescout Presentation
S4x20 Forescout Presentation
Brian Proctor - GICSP, CISSP, CRISC
 
Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Francesco Flammini
 
CV_Magesh
CV_MageshCV_Magesh
CV_Magesh
magesh velu
 

More Related Content

What's hot

Trisis in Perspective: Implications for ICS Defenders
Trisis in Perspective: Implications for ICS DefendersTrisis in Perspective: Implications for ICS Defenders
Trisis in Perspective: Implications for ICS Defenders
Dragos, Inc.
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
Charles Li
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPS
MLG College of Learning, Inc
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?
Priyanka Aash
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
mike parks
 
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC TrendsSOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
Anton Chuvakin
 
Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015
Dr Robert D. Childs
 
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougalNTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
North Texas Chapter of the ISSA
 
Modern vs. Traditional SIEM
Modern vs. Traditional SIEM Modern vs. Traditional SIEM
Modern vs. Traditional SIEM
Alert Logic
 
Secure Decisions - Cyber Security Sensemaking
Secure Decisions - Cyber Security SensemakingSecure Decisions - Cyber Security Sensemaking
Secure Decisions - Cyber Security Sensemaking
Anita D'Amico
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
Kumar Gaurav
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security Management
Mayur Nanotkar
 
Rsa report v14
Rsa report v14Rsa report v14
Rsa report v14
Nicholas Tan
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
Ahmed Ayman
 
Intel Security Endpoint Protection
Intel Security Endpoint ProtectionIntel Security Endpoint Protection
Intel Security Endpoint Protection
Trustmarque
 
IOT Security FUN-damental
IOT Security FUN-damentalIOT Security FUN-damental
IOT Security FUN-damental
Satria Ady Pradana
 
Alienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworksAlienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworks
AlienVault
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usm
AlienVault
 
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
North Texas Chapter of the ISSA
 
S4x20 Forescout Presentation
S4x20 Forescout Presentation S4x20 Forescout Presentation
S4x20 Forescout Presentation
Brian Proctor - GICSP, CISSP, CRISC
 

What's hot (20)

Trisis in Perspective: Implications for ICS Defenders
Trisis in Perspective: Implications for ICS DefendersTrisis in Perspective: Implications for ICS Defenders
Trisis in Perspective: Implications for ICS Defenders
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPS
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
 
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC TrendsSOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
 
Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015
 
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougalNTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
NTXISSACSC2 - Kid Proofing the Internet of Things by Monty McDougal
 
Modern vs. Traditional SIEM
Modern vs. Traditional SIEM Modern vs. Traditional SIEM
Modern vs. Traditional SIEM
 
Secure Decisions - Cyber Security Sensemaking
Secure Decisions - Cyber Security SensemakingSecure Decisions - Cyber Security Sensemaking
Secure Decisions - Cyber Security Sensemaking
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security Management
 
Rsa report v14
Rsa report v14Rsa report v14
Rsa report v14
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
Intel Security Endpoint Protection
Intel Security Endpoint ProtectionIntel Security Endpoint Protection
Intel Security Endpoint Protection
 
IOT Security FUN-damental
IOT Security FUN-damentalIOT Security FUN-damental
IOT Security FUN-damental
 
Alienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworksAlienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworks
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usm
 
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
 
S4x20 Forescout Presentation
S4x20 Forescout Presentation S4x20 Forescout Presentation
S4x20 Forescout Presentation
 

Viewers also liked

Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Francesco Flammini
 
CV_Magesh
CV_MageshCV_Magesh
CV_Magesh
magesh velu
 
The Digital Disruption of CCTV
The Digital Disruption of CCTVThe Digital Disruption of CCTV
The Digital Disruption of CCTV
Chris Sandström
 
Texmaco-STP5
Texmaco-STP5Texmaco-STP5
Texmaco-STP5
Nitish Joshi (Looking for Rail Projects in Africa)
 
"The Great Train Cyber Robbery" SCADAStrangeLove
"The Great Train Cyber Robbery" SCADAStrangeLove"The Great Train Cyber Robbery" SCADAStrangeLove
"The Great Train Cyber Robbery" SCADAStrangeLove
Aleksandr Timorin
 
Signalling and Interlocking
Signalling and InterlockingSignalling and Interlocking
Signalling and Interlocking
srinivas2036
 
It's time to change the basics of Cyber Security
It's time to change the basics of Cyber SecurityIt's time to change the basics of Cyber Security
It's time to change the basics of Cyber Security
Jiří Napravnik
 

Viewers also liked (7)

Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
Model-Based Approaches for Railway Safety, Reliability and Security: The Expe...
 
CV_Magesh
CV_MageshCV_Magesh
CV_Magesh
 
The Digital Disruption of CCTV
The Digital Disruption of CCTVThe Digital Disruption of CCTV
The Digital Disruption of CCTV
 
Texmaco-STP5
Texmaco-STP5Texmaco-STP5
Texmaco-STP5
 
"The Great Train Cyber Robbery" SCADAStrangeLove
"The Great Train Cyber Robbery" SCADAStrangeLove"The Great Train Cyber Robbery" SCADAStrangeLove
"The Great Train Cyber Robbery" SCADAStrangeLove
 
Signalling and Interlocking
Signalling and InterlockingSignalling and Interlocking
Signalling and Interlocking
 
It's time to change the basics of Cyber Security
It's time to change the basics of Cyber SecurityIt's time to change the basics of Cyber Security
It's time to change the basics of Cyber Security
 

Similar to Cyber Security in Railways Systems, Ansaldo STS experience

CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
TI Safe
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12
Laura Arrigo
 
Research of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on SnortResearch of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on Snort
Francis Yang
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
Nozomi Networks
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Angeloluca Barba
 
IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!
Priyanka Aash
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Jiunn-Jer Sun
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
Raffael Marty
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...
Eoin Keary
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
Aparajita Banerjee
 
Cyber Security in Power Systems
Cyber Security in Power SystemsCyber Security in Power Systems
Cyber Security in Power Systems
Power System Operation
 
IOT presentation.pptx
IOT presentation.pptxIOT presentation.pptx
IOT presentation.pptx
chWaqasZahid
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876
Momita Sharma
 
Web security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionWeb security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud version
Eoin Keary
 
Cyber Defense Automation
Cyber Defense AutomationCyber Defense Automation
Cyber Defense Automation
♟Sergej Epp
 
Custom defense - Blake final
Custom defense - Blake finalCustom defense - Blake final
Custom defense - Blake final
Minh Le
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
Shah Sheikh
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
Cyber Security Alliance
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewski
Stonesoft
 

Similar to Cyber Security in Railways Systems, Ansaldo STS experience (20)

CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12
 
Research of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on SnortResearch of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on Snort
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 
Cyber Security in Power Systems
Cyber Security in Power SystemsCyber Security in Power Systems
Cyber Security in Power Systems
 
IOT presentation.pptx
IOT presentation.pptxIOT presentation.pptx
IOT presentation.pptx
 
Honeypots.ppt1800363876
Honeypots.ppt1800363876Honeypots.ppt1800363876
Honeypots.ppt1800363876
 
Web security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionWeb security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud version
 
Cyber Defense Automation
Cyber Defense AutomationCyber Defense Automation
Cyber Defense Automation
 
Custom defense - Blake final
Custom defense - Blake finalCustom defense - Blake final
Custom defense - Blake final
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
 
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewski
 

More from Community Protection Forum

The Role of the Commonwealth in Cyberspace
The Role of the Commonwealth in CyberspaceThe Role of the Commonwealth in Cyberspace
The Role of the Commonwealth in Cyberspace
Community Protection Forum
 
Critical Infrastucture Protection: a strategic opportunity for countries’ mod...
Critical Infrastucture Protection: a strategic opportunity for countries’ mod...Critical Infrastucture Protection: a strategic opportunity for countries’ mod...
Critical Infrastucture Protection: a strategic opportunity for countries’ mod...
Community Protection Forum
 
Industrial Safety and Security in Horizon 2020
Industrial Safety and Security in Horizon 2020Industrial Safety and Security in Horizon 2020
Industrial Safety and Security in Horizon 2020
Community Protection Forum
 
New Frontiers for Nuclear Power Plants Safety
New Frontiers for Nuclear Power Plants SafetyNew Frontiers for Nuclear Power Plants Safety
New Frontiers for Nuclear Power Plants Safety
Community Protection Forum
 
New Models and New Technologies for an Integrated Risk Management in Complex ...
New Models and New Technologies for an Integrated Risk Management in Complex ...New Models and New Technologies for an Integrated Risk Management in Complex ...
New Models and New Technologies for an Integrated Risk Management in Complex ...
Community Protection Forum
 
Cyber Security Challenges: how are we facing them?
Cyber Security Challenges: how are we facing them?Cyber Security Challenges: how are we facing them?
Cyber Security Challenges: how are we facing them?
Community Protection Forum
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
Community Protection Forum
 
Security Projects & Projects Safety
Security Projects & Projects SafetySecurity Projects & Projects Safety
Security Projects & Projects Safety
Community Protection Forum
 
Security of the Supply Chain & Commerce Facilitation with a PM approach
Security of the Supply Chain & Commerce Facilitation with a PM approachSecurity of the Supply Chain & Commerce Facilitation with a PM approach
Security of the Supply Chain & Commerce Facilitation with a PM approach
Community Protection Forum
 
A Cyberwarfare Weapon: Slowreq
A Cyberwarfare Weapon: SlowreqA Cyberwarfare Weapon: Slowreq
A Cyberwarfare Weapon: Slowreq
Community Protection Forum
 
Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...
Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...
Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...
Community Protection Forum
 
Touristic Port Security
Touristic Port SecurityTouristic Port Security
Touristic Port Security
Community Protection Forum
 
Cyber Security Applications for Smart Communities
Cyber Security Applications for Smart CommunitiesCyber Security Applications for Smart Communities
Cyber Security Applications for Smart Communities
Community Protection Forum
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Community Protection Forum
 
Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...
Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...
Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...
Community Protection Forum
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challenges
Community Protection Forum
 
Safety and Security Task in the Operation of Multipurpose Italian Navy Units
Safety and Security Task in the Operation of Multipurpose Italian Navy UnitsSafety and Security Task in the Operation of Multipurpose Italian Navy Units
Safety and Security Task in the Operation of Multipurpose Italian Navy Units
Community Protection Forum
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
Community Protection Forum
 
Cyber Security and the National Central Banks
Cyber Security and the National Central BanksCyber Security and the National Central Banks
Cyber Security and the National Central Banks
Community Protection Forum
 
Smart Cities: Technologies for Efficient and Sustainable Cities
Smart Cities: Technologies for Efficient and Sustainable CitiesSmart Cities: Technologies for Efficient and Sustainable Cities
Smart Cities: Technologies for Efficient and Sustainable Cities
Community Protection Forum
 

More from Community Protection Forum (20)

The Role of the Commonwealth in Cyberspace
The Role of the Commonwealth in CyberspaceThe Role of the Commonwealth in Cyberspace
The Role of the Commonwealth in Cyberspace
 
Critical Infrastucture Protection: a strategic opportunity for countries’ mod...
Critical Infrastucture Protection: a strategic opportunity for countries’ mod...Critical Infrastucture Protection: a strategic opportunity for countries’ mod...
Critical Infrastucture Protection: a strategic opportunity for countries’ mod...
 
Industrial Safety and Security in Horizon 2020
Industrial Safety and Security in Horizon 2020Industrial Safety and Security in Horizon 2020
Industrial Safety and Security in Horizon 2020
 
New Frontiers for Nuclear Power Plants Safety
New Frontiers for Nuclear Power Plants SafetyNew Frontiers for Nuclear Power Plants Safety
New Frontiers for Nuclear Power Plants Safety
 
New Models and New Technologies for an Integrated Risk Management in Complex ...
New Models and New Technologies for an Integrated Risk Management in Complex ...New Models and New Technologies for an Integrated Risk Management in Complex ...
New Models and New Technologies for an Integrated Risk Management in Complex ...
 
Cyber Security Challenges: how are we facing them?
Cyber Security Challenges: how are we facing them?Cyber Security Challenges: how are we facing them?
Cyber Security Challenges: how are we facing them?
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
 
Security Projects & Projects Safety
Security Projects & Projects SafetySecurity Projects & Projects Safety
Security Projects & Projects Safety
 
Security of the Supply Chain & Commerce Facilitation with a PM approach
Security of the Supply Chain & Commerce Facilitation with a PM approachSecurity of the Supply Chain & Commerce Facilitation with a PM approach
Security of the Supply Chain & Commerce Facilitation with a PM approach
 
A Cyberwarfare Weapon: Slowreq
A Cyberwarfare Weapon: SlowreqA Cyberwarfare Weapon: Slowreq
A Cyberwarfare Weapon: Slowreq
 
Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...
Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...
Emergency Electrical Power Supply to Nuclear Safety Systems: design basis and...
 
Touristic Port Security
Touristic Port SecurityTouristic Port Security
Touristic Port Security
 
Cyber Security Applications for Smart Communities
Cyber Security Applications for Smart CommunitiesCyber Security Applications for Smart Communities
Cyber Security Applications for Smart Communities
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
 
Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...
Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...
Accidents in the Energy Sector and Energy Infrastructure Attacks in the conte...
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challenges
 
Safety and Security Task in the Operation of Multipurpose Italian Navy Units
Safety and Security Task in the Operation of Multipurpose Italian Navy UnitsSafety and Security Task in the Operation of Multipurpose Italian Navy Units
Safety and Security Task in the Operation of Multipurpose Italian Navy Units
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
 
Cyber Security and the National Central Banks
Cyber Security and the National Central BanksCyber Security and the National Central Banks
Cyber Security and the National Central Banks
 
Smart Cities: Technologies for Efficient and Sustainable Cities
Smart Cities: Technologies for Efficient and Sustainable CitiesSmart Cities: Technologies for Efficient and Sustainable Cities
Smart Cities: Technologies for Efficient and Sustainable Cities
 

Recently uploaded

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
Federico Razzoli
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
jpupo2018
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 

Recently uploaded (20)

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 

Cyber Security in Railways Systems, Ansaldo STS experience

  • 1. About us: Finmeccanica CP EXPO Workshop - «Risks and Security Management in Logistics and Transports» Cyber Security in Railways Systems, Ansaldo STS experience – Part 2: Cyber Security Strategy and Design Relator: Joint work with: Daniele Debertol, PhD. Ermete Meda, InfoSec Manager Finmeccanica is Italy’s leading manufacturer in the high technology sector. Genova, 29 October 2013 Finmeccanica is the largest shareholder in Ansaldo STS with a 40% stake. 1
  • 2. Signaling Systems: Safety-to-Security relationships “Vital Systems” • RBC (Radio Block Center) • Interlocking Environment Proprietary Infrastructure that ensures Railway Safety is not subject to computer attack Vital Systems “Non-Vital Systems” • Centralized Traffic Control Systems (e.g. TMS), Automation Systems Environment • Commercial ICT Infrastructure undergoing Cyber Security Risks (Operational Continuity, Financial losses, Reputational damage) Non-Vital Systems Non-Vital Systems 2
  • 3. … and between vital and non-vital layers Needs Protection… External Systems Non-vital layer Train Management System (TMS) Interlocking RBC Interlocking Vital layer ERTMS Euroradio T2 T1 Balise RBC: Radio-Block Center 3
  • 4. Evolution and Characteristics of Railway Signaling Systems Technology Platforms In the Past Today Proprietary HW/SW Isolated Systems Dedicated Applications Structured Information Commercial low cost HW/SW TCP/IP Protocol Interconnected Systems Heterogeneous Services (E-mail, Info-web, VoIP, CCTV, …) Structured and unstructured Information Operating Environment Today Distributed ICT infrastructure spread over long distances, and unattended systems Connections between safety critical and non-safety critical layers External systems connected to signaling infrastructure Human factor (operators, maintainers and… passengers) 4
  • 5. Cyber Space calling, Cyber Security knocking Cyber Security: protection of Cyber Space. But what is Cyber Space? Yesterday: many different environments, side-by-side Today: one single, big environment Consequences: Dynamic Threat Landscape in unique Cyber Domain Strategic & Tactical Cyber War Military Terrorism Politics Espionage Intellectual Property Organized Crime $ Vandalism & Hacktivism Ego, Curiosity Stuxnet, Operation Aurora, Botnets Zeus, Flame, Mandiant APT1 Report, AET attacks, Botnets, Phishing email DDoS attacks, Wikileaks, Anonymous 5
  • 6. Mature Cyber Security Process 1 Discovery & Assessment • • • 2 HW/SW Review & Redesign • • • 3 Identify key risks Identify key assets Identify gaps Countermeasure rationalization Security Infrastructure Assessment Fill technology gaps Intelligence & Analytics • • • Monitoring & Management Improvement Big Data Security Analytics Real-time Intelligence feeds 3 Phase Approach 6
  • 7. ICT Security Activities and Governance: Best Practices Incident Management Event Identification Countermeasures Effort 7
  • 8. ICT Security Activities and Governance: real life Reactive countermeasures Reaction WTF is Detection … and guess what? … and Monitoring… Monitoring… Prevention going on??? (not excluding Forensics) Proactive countermeasures 8
  • 9. Cyber Security: taking advantage of IT Building on top of Information Technology infrastructures, means that you get both its weaknesses, true, but its strenghts as well… … putting it the other way round: if a system is not secure by design – and they are not –, it will leave plenty of traces for you to follow! Leaving trace-routes behind 9
  • 10. Strategy: enhance monitoring and correlate Content Filtering Virtual Patching AAA Firewalling IDS/IPS So many eyes… giving a very broad view (say, at 365°degrees… to stay safe)… OK… ° But where to look for? And for what? And who? 10
  • 11. Perimeter Defence - Firewall shortcoming Signalling Plant_2 Signalling Plant_1 Signalling Plant_N ….. Firewall Module Firewall Module Firewall Module WAN Policy Installation Logs Traffic Firewall Module Management Console External Systems expected results from logs Solution: adding IPS/IDS and Log Correlation 11
  • 12. Content Filtering: the do’s and the dont’s Operating system is static, meaning that you can’t change it too often (good…), but that you won’t be able to patch (at all) either, which is NO GOOD! Dirty Traffic Virtual Patcher Clean Traffic Clean Traffic Threats Treatment Analysis: find critical vulnerabilities directly exposed to possible attacks Remediation: identify (& block) specific packets for the above vulnerabilities Solution: adding Virtual Patching 12
  • 13. Near Realtime Asset Control • not a performance- or availability-driven tool, though it may help • based on static asset database loaded offline at project time Repeat as needed • perform differential discovery onsite for database tuning • acknowledge variations that should be allowed • what is left, deal with: either a missing sheep, or a mismatched one, or… go, bark, there’s a wolf! Clean Traffic Clean Traffic GUI Monitoring subnet WAN Know your flock, and beware of wolves! Barkin’, at the very least 13
  • 14. The russian peasant of SIEMs at work: fast and light Events Console Message Correlation Minimize False Positives Realtime response (no archiving) Novelty detection for scheme-in-the-chaos Correlation Engine Log Files Sensor_1 Sensor_2 … Sensor_n Log Correlation 14
  • 15. The 11th hour (a.m.?) Do we simply wait for vulnerabilities to become actual threats or Can we advance from here, and provide for new services? Cyber Security = Defense line 15