Cybersecurity in Electrical Networks
• siemens.com/cybersecurity
• Unrestricted © Siemens 2022
Agenda
• Threat Landscape
• Holistic Approach for Cybersecurity
• Security Standards for Energy Management
• Siemens Global Setup
• Siemens Secure Products
• Siemens Secure Substation System
• References for Substation Blueprint acc. IEC 62443-3-3
• Summary
Continuously Evolving Threat Landscape
Changing Infrastructure and Processes
• Increasing interconnection and integration
• Big Data and Internet of Things
• Cloud applications
• Collaboration in a digital environment
• IT standard components
Changing Threat Landscape*
• Infiltration of malware
• Intrusion via remote access
• Human error, sabotage and espionage
• D-DOS attacks
* Based on BSI Top10 Threats 2019 for Industrial Control Systems:
https://www.allianz-fuer-cybersicherheit.de/SharedDocs/Downloads/Webs/ACS/DE/BSI-CS/BSI-CS_005E.pdf;jsessionid=15A29323F0B1EB9026255959DFD17133.internet462?__blob=publicationFile&v=1
Holistic Approach
Security needs a holistic approach
(Products) Technology
• Support of protection goals (Confidentiality, Integrity, Availability)
• Comply with international standards
Processes
• Covers the whole product life-cycle
• Foster solution and operational requirements
People
• Awareness and understanding of cyber security
Scope
• Product Security
• Solution Security
• Operational Security
Key Standards
• IEC 62443 (System Security)
• IEC 62351 (Communication Security)
• ISO/IEC 27001 (Security Mgmt)
Cybersecurity Measures based on ISO/IEC 27001, IEC 62443 and IEC 62351
Processes: Organizational Security & Processes (People, Policies, Processes, Governance)
• Organizational Preparedness
• Secure Development
• Secure Integration and Service
• Vulnerability and Incident Handling
Technologies: Products & Systems (Cybersecurity technologies contributing to the overall security architecture)
• Secure System Architecture
• System Hardening
• Access Control and Account Management
• Security Logging & Monitoring
• Malware Protection
• Backup and Restore
• Secure Remote Access
• Data Protection and Integrity
• Privacy
• Security Patch Management
Standards: ISO/IEC 27001
Information Security Management System (ISMS): family of standards
Vocabulary standard
• 27000: Overview and vocabulary
Requirement standards
• 27001: ISMS – Requirements
• 27006: Requirements for bodies providing audit and certification of ISMS
Guideline standards
• 27002: Code of practice for information security controls
• 27003: ISMS – Implementation guidance
• 27004: ISMS – Measurement
• 27005: Information security risk management
• 27007: Guideline for ISMS auditing
Sector-specific guideline standards (domain-specific standards for adapting ISO/IEC 27002 for a specific target domain)
• 27017: Cloud-Services
• 27018: Privacy
• 27019: ISMS – Guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry
• 270xx: …
Focus
• Security Policies
• Organization and info. security
• Human Resource Security
• Asset Management
• Access Control
• Cryptography
• Physical and Environ. Security
• Operations Security
• Communications Security
• System and Application
• Supplier Relationship
• Incident Management
• Business Continuity
• Compliance
Standards: IEC 62443
• IEC 62443 addresses organizational and technical requirements for
  • Operator
  • Integrator
  • Product Vendor
• Enables design of security solutions for different purposes through security measures of varying strength.
• Enables certification of solutions and processes.
[Figure: roles Operator, Product Supplier, System Integrator]
Standards: ISO/IEC 27001 & IEC 62443 & IEC 62351
Requirements
• Procedural, e.g. ISMS for operator, development process for integrators and product suppliers
• Functional, e.g. Security level, strength of security measures
• Technical, e.g. RBAC, secured communication protocols, …
Roles: Operator, Integrator, Product Supplier
IT Infrastructure (Office IT): ISO/IEC 27001, ISO/IEC 27002
OT Infrastructure: ISO/IEC 27001, ISO/IEC 27019, IEC 62443-2-4, IEC 62443-3-3, IEC 62443-4-1, IEC 62443-4-2, IEC 62351
[Figure: substation network architecture showing control center, untrusted network, router, remote access, DMZ, trusted zones, switches, service PC, HMI PC and station controller (station level), and IEDs, protection and field devices (field level)]
Approach in-line with the SGTF EG2 recommendation for the Network Code on cybersecurity
https://ec.europa.eu/energy/sites/ener/files/sgtf_eg2_report_final_report_2019.pdf
Siemens Digital Grid Cybersecurity
Trusted Partner
Our solutions are based on a solid foundation:
• Cybersecurity in line with international standards, certified processes
• Siemens ISMS in line with ISO/IEC 27001
• Siemens operates own ProductCERT organization
• Siemens CERT for own infrastructure
Product Security
Fully protected with interoperable products that meet the highest cybersecurity standards:
• Secure development process
• Cybersecurity in the supply chain
• Security vulnerability management supported by Siemens ProductCERT
• Conformity to standards and regulation
System Security
System security that allows an optimal and secure interaction of the individual components:
• Expertise and knowledge of energy automation
• Security-in-Depth approach based on IEC 62443-3-3: Cybersecurity in the system architecture and in the products
• Security Process (IEC 62443-2-4) in the system engineering, build-up and maintenance
• Security for remote access
• Cybersecurity in the supply chain
Siemens ProductCERT
Siemens ProductCERT and Siemens CERT
The central expert teams for immediate response to security threats and issues affecting Siemens products, solutions, services, or infrastructure.
Advisories
• Siemens: https://www.siemens.com/cert/advisories
• ICS-CERT: https://ics-cert.us-cert.gov/advisories
Patch Information
• Security Patch Compatibility Reports: www.siemens.com/gridsecurity
Cybersecurity functions in SIPROTEC and SICAM Products
Firewall & VLAN
Separation of Ethernet traffic over integrated firewall & VLAN
Signed software / firmware
Protection against firmware/software manipulation
RBAC with central user management
Centrally manage users and assign roles for authorization (based on IEC 62351-8)
Security Logging
Nonvolatile persistence of security audit trail and transfer over Syslog
Gateway Features in SICAM A8000 & PAS
• VPN & TLS security
• Secure IEC 60870-5-104, IEC 61850, DNP3i
• Hardware-based application layer firewall in SICAM A8000
BDEW Whitepaper and IEEE 1686 conformity
Fulfils recommendations for control and communication systems security
Certificate Management
Easy certificate management with SICAM GridPass
Cybersecurity functions in SIPROTEC 5
• SIPROTEC 5 uses a key stored in an onboard crypto-chip to allow only firmware signed by Siemens to load
• Secure TLS communication between DIGSI 5 and the SIPROTEC 5 device
• Separation of process communication from management communication in the device thanks to modular communication units
• Works with existing RADIUS servers, e.g. Microsoft Active Directory's Network Policy Server (NPS)
• Roles and rights adhere to standards and guidelines, e.g. IEC 62351, IEEE 1686, BDEW Whitepaper
• Enhanced device-local security ring buffer. Comprehensive logging of security-relevant events and alarms. Central logging of security events over Syslog
• Security logs can be transmitted to up to 2 central Syslog servers using the Syslog UDP protocol
• Transparent vulnerability handling over Siemens ProductCERT
IEC 62443 certified Solution
Cyber security measures
• Access control and account management
• Security logging and monitoring
• System hardening
• Security patching, Backup and restore
• Malware protection
• Data protection, data integrity and system architecture
• Secure remote access
Certified from TÜV SÜD
• IEC 62443-2-4 – Integrator processes
• IEC 62443-3-3 – Technical functionalities
ISO/IEC 27001 and IEC 62443 Certification
https://new.siemens.com/global/en/general/system-certificates/si-dg.html
ISMS as foundation Secure Substation Blueprint Secure Integration Processes
Continuous Threat Detection (NERC-CIP)
Unrestricted | © Siemens 2022 | S.Sevileanu | SI EA CS | 2022-03-07
[Figure: Purdue model network diagram. Levels: Level 4 Corporate IT Network; Level 3.5 IT/OT DMZ Zone; Level 3 Operations; Level 2 Process Network; Level 1 Control Network; Level 0 Field Devices. Components shown: EMC, SRA (Central), Jump Box, SRA (Site), Repl. Historian, Patching Server, CTD Server, SCADA Server, HMI, Historian, Operator Station, DNS, RTU, PLC, Pump, Valve, Sensor, Fan, Actuator. Security Operations Center: Analytics, Log Mgmt., SIEM]
CTD – Continuous Threat Detection
• Asset inventory
• Vulnerability management
• Risk identification
• Risk audit (Risk Assessment)
• Continuous threat detection (IDS)
• Map data flows and industrial protocols in use
Remote Access through an Intermediate System (NERC-CIP)
Secure Remote Access (SRA)
• Secure remote access
• Identity management
• Privileged credentials
• Security (preserves the Purdue Model – Level 4 to Level 3/3.5)
• Unified authentication for local and external users
• Local AD authentication is possible
• Independence from the IT department to manage OT user profiles and rights
ONS Operating Routine for ARCiber
Confidential | © Siemens 2022 | S.Sevileanu | RC BR SI DG | 2022-07-29
Architecture
• Segmentation
• VPN
• Antimalware
Governance
• Responsible Manager
• Policy
Inventory
• 24-month cycle
• Hardening
Vulnerability Management
• Updating
• Scanning
Access Management
• Identity Management
• Privileged Credentials
Monitoring and IR
• Intelligence Sharing
• Incident Notification
• Testing of Plans
Reference: Secure Substation for Hydro-Quebec
• Hydro-Québec, Montreal, QC, Canada
• Protection and Control System with IEC 61850
• Siemens deployed the complete system with Siemens components
• Cybersecurity based on the IEC 62443-3-3 certified Secure Substation solution
  • Secure Architecture
  • Hardening
  • Access Control and Account Management
  • Security Logging
  • …
• Non-functional security requirements
• Further IEC 62443-3-3 conform substations based on the secure substation blueprint are deployed in
  • Europe
  • Middle East
https://new.siemens.com/ca/en/company/topic-areas/ingenuity-for-life/hydro-quebec.html
Evaluation of current security status through consulting services
• Security Assessments, compliance audits
• Penetration testing
• Information Security Management System (ISMS)
Risk mitigation through implementation of security measures
• Secure products
• Secure system integration and migration
• OT-PKI with SICAM GridPass
• A solid baseline plus optional advanced security features
Continuous services to maintain the security level over time
• Cybersecurity Training
• Security patch management
• Periodic vulnerability assessments
• SIEM as a Service
Contact page
Sergio Sevileanu
Product and Solution Security Officer
SI EA CS
Mobile: +55 (11) 9.9734-8177
E-mail: sergio.sevileanu@siemens.com
www.siemens.com/gridsecurity

More Related Content

What's hot

Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Cristian Garcia G.
 
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowPECB
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToJim Gilsinn
 
ISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist Questions
ISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist QuestionsISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist Questions
ISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist Questionshimalya sharma
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My OrganisationVigilant Software
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Yokogawa1
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterMichael Nickle
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1TI Safe
 
Guidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptxGuidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptxsrinivascooldude58
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Traininghimalya sharma
 

What's hot (20)

Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
 
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
 
Industrial_Cyber_Security
Industrial_Cyber_SecurityIndustrial_Cyber_Security
Industrial_Cyber_Security
 
Iso 27001
Iso 27001Iso 27001
Iso 27001
 
ICS security
ICS securityICS security
ICS security
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
 
ISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist Questions
ISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist QuestionsISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist Questions
ISO 27001 Checklist - Internal Audit - Clause 9.2 - 59 checklist Questions
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security Roadmap
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My Organisation
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101  NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
 
Guidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptxGuidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptx
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Training
 

Similar to Cybersecurity in Electrical Networks

Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...promediakw
 
John kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultantJohn kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultantJohn Kingsley
 
Ise 1 2-bdm-v4
Ise 1 2-bdm-v4Ise 1 2-bdm-v4
Ise 1 2-bdm-v4Danny Liu
 
Cybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA NetworksCybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA NetworksGeorge Wainblat
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020Jiunn-Jer Sun
 
Cybersecurity of powergrid
Cybersecurity of powergrid Cybersecurity of powergrid
Cybersecurity of powergrid Rajesh Sawale
 
Cyber security of power grid
Cyber security of power gridCyber security of power grid
Cyber security of power gridP K Agarwal
 
ISO 27017 – What are the Business Advantages of Cloud Security?
ISO 27017 – What are the Business Advantages of Cloud Security?ISO 27017 – What are the Business Advantages of Cloud Security?
ISO 27017 – What are the Business Advantages of Cloud Security?Alvin Integrated Services [AIS]
 
Cisco Meraki Cloud Managed Networking
Cisco Meraki Cloud Managed NetworkingCisco Meraki Cloud Managed Networking
Cisco Meraki Cloud Managed NetworkingCisco Russia
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...Dale Butler
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada securityYulia Rotar
 
Creating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management SystemCreating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management SystemSchneider Electric
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver NarrTI Safe
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarCisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarMaytal Levi
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Maytal Levi
 

Similar to Cybersecurity in Electrical Networks (20)

Cloud Security Solution Overview
Cloud Security Solution OverviewCloud Security Solution Overview
Cloud Security Solution Overview
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
10. industrial networks safety and security tom hammond
10. industrial networks safety and security   tom hammond10. industrial networks safety and security   tom hammond
10. industrial networks safety and security tom hammond
 
PSOIOT-1151.pdf
PSOIOT-1151.pdfPSOIOT-1151.pdf
PSOIOT-1151.pdf
 
John kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultantJohn kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultant
 
Ise 1 2-bdm-v4
Ise 1 2-bdm-v4Ise 1 2-bdm-v4
Ise 1 2-bdm-v4
 
Cybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA NetworksCybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA Networks
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
 
Ensuring your plant is secure
Ensuring your plant is secureEnsuring your plant is secure
Ensuring your plant is secure
 
Cybersecurity of powergrid
Cybersecurity of powergrid Cybersecurity of powergrid
Cybersecurity of powergrid
 
Cyber security of power grid
Cyber security of power gridCyber security of power grid
Cyber security of power grid
 
ISO 27017 – What are the Business Advantages of Cloud Security?
ISO 27017 – What are the Business Advantages of Cloud Security?ISO 27017 – What are the Business Advantages of Cloud Security?
ISO 27017 – What are the Business Advantages of Cloud Security?
 
Check Point and Cisco: Securing the Private Cloud
Check Point and Cisco: Securing the Private CloudCheck Point and Cisco: Securing the Private Cloud
Check Point and Cisco: Securing the Private Cloud
 
Cisco Meraki Cloud Managed Networking
Cisco Meraki Cloud Managed NetworkingCisco Meraki Cloud Managed Networking
Cisco Meraki Cloud Managed Networking
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada security
 
Creating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management SystemCreating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management System
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarCisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
 

More from TI Safe

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...TI Safe
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...TI Safe
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...TI Safe
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...TI Safe
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...TI Safe
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...TI Safe
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...TI Safe
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...TI Safe
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...TI Safe
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Cybersecurity in Electrical Networks

  • 1. Cybersecurity in Electrical Networks • siemens.com/cybersecurity • Unrestricted © Siemens 2022
  • 2. Agenda • Threat Landscape • Holistic Approach for Cybersecurity • Security Standards for Energy Management • Siemens Global Setup • Siemens Secure Products • Siemens Secure Substation System • References for Substation Blueprint acc. IEC 62443-3-3 • Summary
  • 3. Continuously Evolving Threat Landscape. Changing Infrastructure and Processes: Increasing interconnection and integration; Big Data and Internet of Things; Cloud applications; Collaboration in a digital environment; IT standard components. Changing Threat Landscape*: Infiltration of Malware; Intrusion via remote access; Human error, sabotage and espionage; D-DOS Attacks. * Based on BSI Top10 Threats 2019 for Industrial Control Systems. https://www.allianz-fuer-cybersicherheit.de/SharedDocs/Downloads/Webs/ACS/DE/BSI-CS/BSI-CS_005E.pdf;jsessionid=15A29323F0B1EB9026255959DFD17133.internet462?__blob=publicationFile&v=1
  • 4. Holistic Approach: Security needs a holistic approach (Technology, People, Processes). (Products) Technology: Support of protection goals (Confidentiality, Integrity, Availability); Comply with international standards. Processes: Covers the whole product life-cycle; Foster solution and operational requirements. People: Awareness and understanding of cyber security. Product Security; Solution Security; Operational Security. Key-Standards: IEC 62443 (System Security); IEC 62351 (Communication Security); ISO/IEC 27001 (Security Mgmt)
  • 5. Cybersecurity Measures based on ISO/IEC 27001, IEC 62443 and IEC 62351. Processes (Organizational Security & Processes: People, Policies, Processes, Governance): Organizational Preparedness; Secure Development; Secure Integration and Service; Vulnerability and Incident Handling. Technologies (Products & Systems: Cybersecurity technologies contributing to the overall security architecture): Secure System Architecture; System Hardening; Access Control and Account Management; Security Logging & Monitoring; Malware Protection; Backup and Restore; Secure Remote Access; Data Protection and Integrity; Privacy; Security Patch Management
  • 6. Standards: ISO/IEC 27001. Information Security Management System (ISMS): ISMS family of standards. Vocabulary standard: 27000 Overview and vocabulary. Requirement standards: 27001 ISMS – Requirements; 27006 Requirements for bodies providing audit and certification of ISMS. Guideline standards: 27002 Code of practice for information security controls; 27003 ISMS – Implementation guidance; 27004 ISMS – Measurement; 27005 Information security risk management; 27007 Guideline for ISMS auditing. Sector-specific guideline standards (domain-specific standards for adapting ISO/IEC 27002 for a specific target domain): 27017 Cloud-Services; 27018 Privacy; 27019 ISMS – Guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry; 270xx …. Focus: • Security Policies • Organization and info. security • Human Resource Security • Asset Management • Access Control • Cryptography • Physical and Environ. Security • Operations Security • Communications Security • System and Application • Supplier Relationship • Incident Management • Business Continuity • Compliance
  • 7. Standards: IEC 62443 • IEC 62443 addresses organizational and technical requirements for: Operator, Integrator, Product Vendor • Enables design of security solutions for different purposes through security measures of varying strength. • Enables certification of solutions and processes. [Figure labels: Operator, Product Supplier, System Integrator]
  • 8. Standards: ISO/IEC 27001 & IEC 62443 & IEC 62351. Requirements: Procedural, e.g. ISMS for operator, development process for integrators and product suppliers; Functional, e.g. Security level, strength of security measures; Technical, e.g. RBAC, secured communication protocols, … Standards shown: ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27019, IEC 62443-2-4, IEC 62443-3-3, IEC 62443-4-1, IEC 62443-4-2, IEC 62351. Scope labels: IT Infrastructure (Office IT); OT Infrastructure. Roles: Operator, Product Supplier, Integrator. [Figure: substation network diagram showing control center, untrusted network, router, remote access, DMZ, trusted zones and switches; station level with service PC, HMI PC and station controller; field level with IEDs, protection and field devices.] Approach in-line with the SGTF EG2 recommendation for the Network Code on cybersecurity https://ec.europa.eu/energy/sites/ener/files/sgtf_eg2_report_final_report_2019.pdf
  • 9. Siemens Digital Grid Cybersecurity. Trusted Partner: Our solutions are based on a solid foundation: • Cybersecurity in line with international standards, certified processes • Siemens ISMS in line with ISO/IEC 27001 • Siemens operates own ProductCERT organization • Siemens CERT for own infrastructure. Product Security: Fully protected with interoperable products that meet the highest cybersecurity standards: • Secure development process • Cybersecurity in the supply chain • Security vulnerability management supported by Siemens ProductCERT • Conformity to standards and regulation. System Security: System security that allows an optimal and secure interaction of the individual components: • Expertise and knowledge of energy automation • Security-in-Depth approach based on IEC 62443-3-3: Cybersecurity in the system architecture and in the products • Security Process (IEC 62443-2-4) in the system engineering, build-up and maintenance • Security for remote access • Cybersecurity in the supply chain
  • 10. Siemens ProductCERT. Advisories: • Siemens: https://www.siemens.com/cert/advisories • ICS-CERT: https://ics-cert.us-cert.gov/advisories. Siemens ProductCERT and Siemens CERT: The central expert teams for immediate response to security threats and issues affecting Siemens products, solutions, services, or infrastructure. Patch Information: • Security Patch Compatibility Reports. www.siemens.com/gridsecurity
  • 11. Cybersecurity functions in SIPROTEC and SICAM Products. Firewall & VLAN: Separation of Ethernet traffic over integrated firewall & VLAN. Signed software / firmware: Protection against firmware/software manipulation. RBAC with central user management: Centrally manage users and assign roles for authorization (based on IEC 62351-8). Security Logging: Nonvolatile persistence of security audit trail and transfer over Syslog. Gateway Features in SICAM A8000 & PAS: • VPN & TLS security • Secure IEC 60870-5-104, IEC 61850, DNP3i • Hardware-based application layer firewall in SICAM A8000. BDEW Whitepaper and IEEE 1686 conformity: Fulfils recommendations for control and communication systems security. Certificate Management: Easy certificate management with SICAM GridPass
  • 12. Cybersecurity functions in SIPROTEC 5 • SIPROTEC 5 uses key stored in onboard crypto-chip to allow only firmware signed by Siemens to load • Secure TLS communication between DIGSI 5 and the SIPROTEC 5 device • Separation of process communication from management communication in device thanks to modular communication units • Works with existing RADIUS servers e.g. Microsoft Active Directory's Network Policy Server (NPS) • Roles and rights adhere to standards and guidelines e.g. IEC 62351, IEEE 1686, BDEW Whitepaper • Enhanced device-local security ring buffer. Comprehensive security-relevant events and alarm logging. Central logging of Security Events over Syslog • Security logs can be transmitted to up to 2 central Syslog servers using the Syslog UDP protocol • Transparent vulnerability handling over Siemens ProductCERT
  • 13. IEC 62443 certified Solution. Cyber security measures: Access control and account management; Security logging and monitoring; System hardening; Security patching, Backup and restore; Malware protection; Data protection, data integrity and system architecture; Secure remote access. Certified from TÜV SÜD: • IEC 62443-2-4 – Integrator processes • IEC 62443-3-3 – Technical functionalities
  • 14. ISO/IEC 27001 and IEC 62443 Certification: ISMS as foundation; Secure Substation Blueprint; Secure Integration Processes. https://new.siemens.com/global/en/general/system-certificates/si-dg.html
  • 15. Continuous Threat Detection (NERC-CIP). Unrestricted | © Siemens 2022 | S.Sevileanu | SI EA CS | 2022-03-07. [Figure: network diagram by level. Level 4 Corporate IT Network; Level 3.5 IT/OT DMZ Zone; Level 3 Operations; Level 2 Process Network; Level 1 Control Network; Level 0 Field Devices. Components shown: EMC, SRA (Central), Jump Box, SRA (Site), Repl. Historian, Patching Server, CTD Server, SCADA Server, HMI, Historian, Operator Station, DNS, RTU, PLC, Pump, Valve, Sensor, Fan, Actuator; Security Operations Center with Analytics, Log Mgmt., SIEM.] CTD – Continuous Threat Detection: • Asset Inventory • Vulnerability Management • Risk Identification • Risk Audit (Risk Assessment) • Continuous Threat Detection (IDS) • Map data flows and industrial protocols in use
  • 16. Remote Access through an Intermediate System (NERC-CIP). Secure Remote Access (SRA): • Secure Remote Access • Identity Management • Privileged Credentials • Security (preserves the Purdue Model – Level 4 to Level 3/3.5) • Unified authentication for local and external users • Local AD authentication is possible • Independence from the IT department for managing OT user profiles and rights
  • 17. ONS Operational Routine for the ARCiber. Confidential | © Siemens 2022 | S.Sevileanu | RC BR SI DG | 2022-07-29. Architecture: • Segmentation • VPN • Antimalware. Governance: • Responsible Manager • Policy. Inventory: • 24-month cycle • Hardening. Vulnerability Management: • Updating • Scanning. Access Management: • Identity Management • Privileged Credentials. Monitoring and IR: • Intelligence Sharing • Incident Notification • Testing of Plans
  • 18. Reference: Secure Substation for Hydro-Quebec • Hydro-Québec, Montreal, QC, Canada • Protection and Control System with IEC 61850 • Siemens deployed the complete system with Siemens components • Cybersecurity based on the IEC 62443-3-3 certified Secure Substation solution: Secure Architecture; Hardening; Access Control and Account Management; Security Logging; … • Non-functional security requirements • Further IEC 62443-3-3 conform substations based on the secure substation blueprint are deployed in: Europe; Middle East. https://new.siemens.com/ca/en/company/topic-areas/ingenuity-for-life/hydro-quebec.html
  • 19. Evaluation of current security status through consulting services: • Security Assessments, compliance audits • Penetration testing • Information Security Management System (ISMS). Risk mitigation through implementation of security measures: • Secure products • Secure system integration and migration • OT-PKI with SICAM GridPass • A solid baseline plus optional advanced security features. Continuous services to maintain the security level over time: • Cybersecurity Training • Security patch management • Periodic vulnerability assessments • SIEM as a Service
  • 20. Contact page: Sergio Sevileanu, Product and Solution Security Officer, SI EA CS. Mobile: +55 (11) 9.9734-8177. E-mail: sergio.sevileanu@siemens.com. www.siemens.com/gridsecurity

Editor's Notes

  1. On the one hand, we see an increasing digitalization of operational technologies, including energy automation systems. Some examples: increased connectivity and integration of systems and components through the use of Ethernet networks; more standard IT components such as Windows operating systems or virtualization technology; OT environments connected with cloud applications. Remote access from outside protected networks is already a common use case. And of course big data and the IoT are also becoming part of our domain. These trends provide greater flexibility to the operators, but they can also increase the attack surface of energy automation systems if they are not properly implemented. On the other hand, we must consider a continually changing threat landscape. These are some examples from the German BSI. Distributed denial of service attacks are used to overload systems and make them unusable. Malware can find its way into systems via USB keys or via the network, and we have already seen targeted malware developed specifically for energy automation systems. We have seen intrusions into OT networks via remote access solutions. The list also includes compromising of extranet and cloud components, human error and sabotage, and social engineering and phishing.
  2. How can we address this complex threat landscape? It is important to implement a holistic approach that includes People, Processes and Technology. Employees of the involved parties must have security awareness and an understanding of cyber security. Security processes must cover the whole lifecycle and implement solution and operational requirements. The technology must support the cyber security protection goals and comply with industry standards. These three categories must be addressed in the products used, during the solution implementation and during operation. For example, substation automation products must provide certain cyber security features, the solution provider must build a secure solution and implement the cyber security controls, and the operator must make use of the cyber security capabilities during operation, because the cyber security chain is only as strong as its weakest link.
  3. We divide the topic of cybersecurity into 14 categories. We distinguish between organizational or process categories (shown in grey) and technology categories (shown in green). With this approach we are also in line with the 3 P approach. The ten technical categories always form the chapters of the cybersecurity documentation. Standards use other terms, and different standards use different terms, so the terminology is sometimes not easy to understand. Therefore, we use these categories.
  4. ISO/IEC 27001 describes requirements for an Information Security Management System (ISMS). Implementing the ISMS leads to a process that describes a PDCA cycle for managing an information infrastructure in a secure manner. Like other standards, ISO/IEC 27000 is risk-based. That means the risk of breaching the security goals has to be evaluated, as well as the consequences. Based on this assessment, adequate security measures have to be implemented. 27001: requirements for an ISMS. 27002: guideline on how to implement those requirements. 27019: sector-specific (energy) addition to 27002.
  5. SGTF: Smart Grid Task Force. EG2: Expert Group. Set up by the European Commission. In general we distinguish three types of standards: 1. Procedural 2. Functional 3. Technical. Example: ISO/IEC 27001 requires a process, implemented by the operator, which ensures the "Need-to-Know" principle. IEC 62443-3-3 requires a technical solution for user authentication and authorization at system level. The security level of the requirement depends on whether access takes place within a secure zone or via untrusted networks. Part 8 of IEC 62351, on the other hand, describes how to implement the technical solution of RBAC (Role Based Access Control) to achieve interoperability.
  6. How Siemens addresses this: general organizational setup Siemens-wide; setup for systems; setup for products. ISMS: Information Security Management System.
  7. Hydro-Québec had to replace decades-old systems with modern digital technology, complemented by cybersecurity. -Production -Transmission -Distribution