Identify all SCADA network connections



  • Conduct a thorough risk analysis to assess the risk and
    necessity of each connection to the SCADA network.
  • Develop a comprehensive understanding of all connections to
    the SCADA network, and how well these connections are
    protected.
  • Identify and evaluate the following types of connections:
     – Internal local area and wide area networks, including business
       networks
     – The Internet
     – Wireless network devices, including satellite uplinks
     – Modem or dial-up connections
     – Connections to business partners, vendors or regulatory agencies
Disconnect unnecessary connections



  • Isolate the SCADA network from other network connections
    to as great a degree as possible.
     – Any connection to another network introduces security
       risks, particularly if the connection creates a pathway from or to the
       Internet.
     – Connections with other networks may allow important information to
       be passed efficiently and conveniently, but are they worth the risk?
  • Use “demilitarized zones” (DMZs) and gateways to facilitate
    the secure transfer of data from the SCADA network to
    business networks.
Evaluate and strengthen any remaining connections



  • Conduct penetration testing and vulnerability analysis to
    evaluate the risk associated with these connections.
  • Use this information in conjunction with risk management
    processes to develop a robust protection strategy for any
    pathways to the SCADA network.
  • Implement firewalls and other appropriate security measures.
     – Configure firewall rules to prohibit access from and to the SCADA
       network.
     – Be specific when permitting approved connections.
  • Strategically place intrusion detection systems at each entry
    point to alert security personnel of potential breaches of
    network security.
Remove and/or disable unnecessary services



  • Remove or disable unused services and network daemons to
    reduce the risk of direct attack.
     – Email services
     – Internet access
     – Remote maintenance
  • Perform a thorough risk assessment of the consequences of
    allowing any service or feature.
     – Benefits should far outweigh the potential for vulnerability exploitation.
  • Work with your SCADA vendor to identify secure configurations and
    coordinate any and all changes to operational systems to ensure
    that removing or disabling services does not cause
    downtime, interruption of service, or loss of support.
Password management



  • Users routinely pick simple passwords that are found in
    dictionaries and are susceptible to brute force attacks. These
    passwords are often used over and over again, so the
    successful guess of a single password means that numerous
    other devices can be exploited.
  • Administrators must provide explicit guidance on how a
    password should be chosen.
     – Should not contain a word that could be found in a dictionary, a
       product name, or other key word
     – Should include a mix of upper and lower case letters, numbers, and
       special characters.
  • Passwords used for weak systems or weak protocols should
    not be the same as the passwords used for stronger systems.
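
The password guidance on this slide can be enforced when a password is set. The following is an added example, not part of the original slides: it rejects candidates that contain a banned word (including simple character substitutions), lack a character class, or match a password already recorded for a weaker system. The word list, the PBKDF2 parameters and the function names are assumptions made for illustration.

```python
"""Password-policy check for the rules on this slide (added example)."""
import hashlib
import hmac
import os

# Common character substitutions undone before the dictionary check.
LEET = str.maketrans("013457@$", "oleastas")
PBKDF2_ROUNDS = 100_000  # assumed work factor for the stored verifiers


def make_verifier(password, salt=None):
    """Return (salt, digest) as a weaker system might store a password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def policy_violations(candidate, banned_words, weak_system_verifiers=()):
    """List the rules a candidate password breaks (empty list = accepted).

    banned_words: dictionary words, product names and other key words.
    weak_system_verifiers: (salt, digest) pairs for passwords already in use
    on weak systems or weak protocols.
    """
    problems = []
    lowered = candidate.lower()
    normalised = lowered.translate(LEET)
    words = [w.lower() for w in banned_words if len(w) >= 4]
    if any(w in lowered or w in normalised for w in words):
        problems.append("dictionary-word")
    if not any(c.isupper() for c in candidate):
        problems.append("missing-upper")
    if not any(c.islower() for c in candidate):
        problems.append("missing-lower")
    if not any(c.isdigit() for c in candidate):
        problems.append("missing-digit")
    if not any(not c.isalnum() for c in candidate):
        problems.append("missing-special")
    # Reuse check: re-derive the candidate under each stored salt and compare.
    for salt, digest in weak_system_verifiers:
        trial = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, PBKDF2_ROUNDS)
        if hmac.compare_digest(trial, digest):
            problems.append("reused-from-weak-system")
            break
    return problems


# Constructed sample word list: dictionary words plus product and site terms.
BANNED = {"pump", "station", "scada", "indusoft", "password"}

if __name__ == "__main__":
    weak = [make_verifier("qV7#rT2!mZx9")]  # constructed sample
    for pw in ("Pump$tation7", "Sc4d4-Plant!9", "xkqzjvwmbt", "qV7#rT2!mZx9"):
        print(pw, policy_violations(pw, BANNED, weak))
```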
Proprietary protocols will not protect your system



   • SCADA systems often use unique, proprietary protocols for
     communications between field devices and servers.
   • Often the security of SCADA systems is based solely on the
     secrecy of these protocols.
   • Bad idea. Obscure protocols provide very little “real” security.
   • Demand that vendors disclose any backdoors or vendor
     interfaces to your SCADA systems, and expect them to provide
     systems that are capable of being secured.
Implement the security features provided by device and system vendors




    • Most older SCADA systems have no security features whatsoever.
    • Newer SCADA devices are shipped with basic security features, but
      these are usually disabled to ensure ease of installation.
    • Additionally, factory default security settings (such as in computer
      network firewalls) are often set to provide maximum usability, but
      minimal security.
    • Analyze each SCADA device to determine whether security features
      are present. Set all security features to provide the maximum level
      of security.
    • Allow settings below maximum security only after a thorough risk
      assessment of the consequences.
    • Insist that your system vendor implement security features in the
      form of product patches or upgrades.
Establish strong controls over any backdoor into the SCADA network




    • Strong authentication must be implemented to ensure secure
      communications.
    • Require secure, encrypted connections.
    • Modems, wireless, and wired networks used for
      communications and maintenance represent a significant
      vulnerability to the SCADA network and remote sites.
    • Successful attacks could allow an attacker to bypass all other
      controls and have direct access to the SCADA network or
      resources.
    • To minimize the risk of such attacks, disable inbound access.
      All connections should be initiated by the SCADA system.
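
The firewall guidance in the earlier slide ("be specific when permitting approved connections") and the rule above that all connections should be initiated by the SCADA system can both be checked against an exported rule list. The following is an added example, not part of the original slides: the addressing, the `Rule` format and the sample rules are assumptions, and each rule is judged on its own without modelling rule shadowing.

```python
"""Audit firewall rules against the slides' SCADA guidance (added example)."""
import ipaddress
from dataclasses import dataclass

# Assumed addressing for illustration; the slides name no networks.
SCADA_NET = ipaddress.ip_network("10.50.0.0/24")


@dataclass(frozen=True)
class Rule:
    action: str  # "permit" or "deny"
    src: str     # CIDR or "any"
    dst: str     # CIDR or "any"
    dport: str   # port number or "any"
    note: str = ""


def _net(spec):
    """Parse a CIDR string, treating "any" as 0.0.0.0/0."""
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec, strict=False)


def audit(rules):
    """Return (rule_number, finding) pairs; rule numbers start at 1.

    inbound          permit whose destination reaches the SCADA network from
                     a source outside it (connection not SCADA-initiated)
    broad            permit touching the SCADA network with an "any" source,
                     destination or port (not specific)
    no-default-deny  rule list does not end in deny any/any/any (number 0)
    """
    findings = []
    for idx, rule in enumerate(rules, start=1):
        if rule.action != "permit":
            continue
        src, dst = _net(rule.src), _net(rule.dst)
        src_inside = src.subnet_of(SCADA_NET)
        touches = src.overlaps(SCADA_NET) or dst.overlaps(SCADA_NET)
        if dst.overlaps(SCADA_NET) and not src_inside:
            findings.append((idx, "inbound"))
        if touches and (src.prefixlen == 0 or dst.prefixlen == 0
                        or rule.dport == "any"):
            findings.append((idx, "broad"))
    last = rules[-1] if rules else None
    if last is None or (last.action, last.src, last.dst, last.dport) != (
            "deny", "any", "any", "any"):
        findings.append((0, "no-default-deny"))
    return findings


# Constructed sample rule set (not from any real device).
SAMPLE_RULES = [
    Rule("permit", "10.50.0.10/32", "10.60.0.5/32", "443", "historian push to DMZ"),
    Rule("permit", "192.168.10.0/24", "10.50.0.0/24", "any", "business LAN"),
    Rule("permit", "10.50.0.0/24", "any", "80", "web access from SCADA"),
    Rule("permit", "203.0.113.7/32", "10.50.0.20/32", "22", "vendor maintenance"),
    Rule("deny", "any", "any", "any", "default deny"),
]

if __name__ == "__main__":
    for number, finding in audit(SAMPLE_RULES):
        print(f"rule {number}: {finding}")
```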
Implement internal and external intrusion detection systems and notification




    • Establish an intrusion detection strategy that includes alerting
      network administrators of malicious network activity
      originating from internal or external sources.
    • Intrusion detection system monitoring is essential 24 hours a
      day; this capability can be easily set up through a pager.
    • Additionally, incident response procedures must be in place to
      allow an effective response to any attack.
    • To complement network monitoring, enable logging on all
      systems and audit system logs daily to detect suspicious
      activity as soon as possible.
Perform technical audits to identify security concerns



   • Many commercial and open-source security tools are
     available that allow system administrators to conduct audits
     of their systems and networks to identify active
     services, patch level, and common vulnerabilities.
   • Analyze identified vulnerabilities to determine their
     significance, and take corrective actions as appropriate.
   • Track corrective actions and analyze this information to
     identify trends.
   • Retest systems after corrective actions have been taken to
     ensure that vulnerabilities were actually eliminated.
   • Scan non-production environments actively to identify and
     address potential problems.
Conduct physical security surveys and assess all remote sites to evaluate their
security




    • Conduct a physical security survey and inventory access points
      at each facility that has a connection to the SCADA system.
    • Identify and assess any source of information, including:
        –   remote telephone, network, fiber optic cables that could be tapped
        –   radio and microwave links that are exploitable
        –   computer terminals that could be accessed
        –   wireless local area network access points.
    • Identify and eliminate single points of failure.
    • The security of the site must be adequate to detect or prevent
      unauthorized access.
    • Do not allow “live” network access points at
      remote, unguarded sites simply for convenience.
Establish SCADA “Red Teams” to identify and evaluate possible attack
scenarios




    • Establish a “Red Team” to identify potential attack scenarios
      and evaluate potential system vulnerabilities.
    • Use a variety of people who can provide insight into
      weaknesses of the overall network, SCADA systems, physical
      systems, and security controls.
    • Ensure that the risk from a malicious insider is fully
      evaluated, given that this represents one of the greatest
      threats to an organization.
    • Feed information resulting from the “Red Team” evaluation
      into risk management processes to assess the information and
      establish appropriate protection strategies.
Clearly define cyber security roles, responsibilities, and authorities




    • Organization personnel need to understand the specific
      expectations associated with protecting information
      technology resources through the definition of clear and
      logical roles and responsibilities.
    • Key personnel need to be given sufficient authority to carry
      out their assigned responsibilities.
    • Establish a cyber security organizational structure that defines
      roles and responsibilities and clearly identifies how cyber
      security issues are escalated and who is notified in an
      emergency.
Document network and systems that serve critical functions or contain
sensitive information




    • Documenting the information security architecture and its
      components is critical to understanding the overall protection
      strategy, and identifying single points of failure.
    • Develop and document a robust information security
      architecture as part of a process to establish an effective
      protection strategy.
    • It is essential that organizations design their networks with
      security in mind and continue to have a strong understanding
      of their network architecture throughout its lifecycle.
    • Of particular importance, an in-depth understanding of the
      functions that the systems perform and the sensitivity of the
      stored information is required.
Establish a rigorous, ongoing risk management process




    • A thorough understanding of the risks to network computing
      resources from attacks and the vulnerability of sensitive
      information to compromise is essential to an effective cyber
      security program.
    • Risk assessments form the technical basis of this understanding and
      are critical to formulating effective strategies to mitigate
      vulnerabilities and preserve the integrity of computing resources.
        – Perform a baseline risk analysis based on a current threat assessment to
          use for developing a network protection strategy.
        – Due to rapidly changing technology and the emergence of new threats on
          a daily basis, an ongoing risk assessment process is needed so that routine
          changes can be made to the protection strategy to ensure it remains
          effective.
Establish a network protection strategy based on the principle of defense-in-
depth




    • A fundamental principle that must be part of any network
      protection strategy is defense-in-depth.
    • Defense-in-depth must be considered early in the design phase of
      the development process, and must be an integral consideration in
      all technical decision-making associated with the network.
    • Utilize technical and administrative controls to mitigate threats
      from identified risks to as great a degree as possible at all levels of
      the network.
    • Single points of failure must be avoided, and cyber security defense
      must be layered to limit and contain the impact of any security
      incidents.
    • Additionally, each layer must be protected against other systems at
      the same layer.
Clearly identify cyber security requirements



   • Organizations and companies need structured security programs with
     mandated requirements to establish expectations and allow personnel to
     be held accountable.
   • Formalized policies and procedures are typically used to establish and
     institutionalize a cyber security program.
   • A formal program is essential for establishing a consistent, standards-
     based approach to cyber security throughout an organization and
     eliminates sole dependence on individual initiative.
   • Policies and procedures also inform employees of their specific cyber
     security responsibilities and the consequences of failing to meet those
     responsibilities, provide guidance regarding actions to be taken
     during a cyber security incident, and promote efficient and effective
     actions during a time of crisis.
   • Establish requirements to minimize the threat from malicious
     insiders, including the need for conducting background checks and limiting
     network privileges to those absolutely necessary.
Establish effective configuration management processes




    • Configuration management is a fundamental management
      process needed to maintain a secure network.
    • Needs to cover both hardware configurations and software
      configurations.
    • Changes to hardware or software can easily introduce
      vulnerabilities that undermine network security.
    • Processes are required to evaluate and control any change to
      ensure that the network remains secure.
    • Configuration management begins with well-tested and
      documented security baselines for your various systems.
Conduct routine self-assessments



  • Robust performance evaluation processes are needed to
    provide organizations with feedback on the effectiveness of
    cyber security policy and technical implementation.
  • A sign of a mature organization is one that is able to self-
    identify issues, conduct root cause analyses, and implement
    effective corrective actions that address individual and
    systemic problems.
  • Self-assessment processes that are normally part of an
    effective cyber security program include routine scanning for
    vulnerabilities, automated auditing of the network, and self-
    assessments of organizational and individual performance.
Establish system backups and disaster recovery plans




    • Establish a disaster recovery plan that allows for rapid
      recovery from any emergency (including a cyber attack).
    • System backups are an essential part of any plan and allow
      rapid reconstruction of the network.
    • Routinely exercise disaster recovery plans to ensure that they
      work and that personnel are familiar with them.
    • Make appropriate changes to disaster recovery plans based
      on lessons learned from exercises.
Senior leadership should establish expectations and accountability




    • It is essential that senior management establish an
      expectation for strong cyber security and communicate this to
      their subordinate managers throughout the organization.
    • It is also essential that senior organizational leadership
      establish a structure for implementation of a cyber security
      program, promote consistent implementation, and sustain a
      strong cyber security program.
    • All individuals need to be held accountable for their
      performance as it relates to cyber security, including
      managers, system administrators, technicians, and operators.
Minimize the inadvertent disclosure of sensitive information




    • Release data related to the SCADA network only on a strict, need-
      to-know basis, and only to persons explicitly authorized to receive
      such information.
    • “Social engineering” is often the first step in a malicious attack on
      computer networks.
        – The more information revealed about a computer or computer
          network, the more vulnerable the computer/network is.
        – Never divulge data related to a SCADA network over telephones or to
          personnel unless they are explicitly authorized to receive such
          information.
        – Any requests for information by unknown persons need to be sent to a
          central network security location for verification and fulfillment.
    • Conduct training and information awareness campaigns to ensure
      that personnel remain diligent in guarding sensitive network
      information, particularly their passwords.
Email
   (US)           info@indusoft.com
   (Brazil)       info@indusoft.com.br
   (Germany)      info@indusoft-germany.de
Support           support@indusoft.com
Web site
   (English)      www.indusoft.com
   (Portuguese)   www.indusoft.com.br
   (German)       www.indusoft-germany.de
Phone             (512) 349-0334 (US)
                  +55-11-3293-9139 (Brazil)
                  +49 (0) 6227-732510 (Germany)
Toll-Free         877-INDUSOFT (877-463-8763)
Fax               (512) 349-0375

Tips and Tricks for InduSoft Web Studio-August 2017Tips and Tricks for InduSoft Web Studio-August 2017
Tips and Tricks for InduSoft Web Studio-August 2017AVEVA
 

Plus de AVEVA (20)

What's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
What's New In InduSoft Web Studio 8.1 + SP5 from AVEVAWhat's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
What's New In InduSoft Web Studio 8.1 + SP5 from AVEVA
 
What's New In InduSoft Web Studio 8.1 + SP4
What's New In InduSoft Web Studio 8.1 + SP4What's New In InduSoft Web Studio 8.1 + SP4
What's New In InduSoft Web Studio 8.1 + SP4
 
Introduction to InduSoft Web Studio 8.1 + SP5
Introduction to InduSoft Web Studio 8.1 + SP5Introduction to InduSoft Web Studio 8.1 + SP5
Introduction to InduSoft Web Studio 8.1 + SP5
 
What's New In InduSoft Web Studio 8.1 + SP3
What's New In InduSoft Web Studio 8.1 + SP3What's New In InduSoft Web Studio 8.1 + SP3
What's New In InduSoft Web Studio 8.1 + SP3
 
Introduction to InduSoft Web Studio 8.1 + SP3
Introduction to InduSoft Web Studio 8.1 + SP3Introduction to InduSoft Web Studio 8.1 + SP3
Introduction to InduSoft Web Studio 8.1 + SP3
 
Introduction to InduSoft Web Studio 8.1 + SP2
Introduction to InduSoft Web Studio 8.1 + SP2Introduction to InduSoft Web Studio 8.1 + SP2
Introduction to InduSoft Web Studio 8.1 + SP2
 
What's New In InduSoft Web Studio 8.1 + SP2
What's New In InduSoft Web Studio 8.1 + SP2What's New In InduSoft Web Studio 8.1 + SP2
What's New In InduSoft Web Studio 8.1 + SP2
 
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - Indu...
 
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
Alarm Notifications with WIN-911 NOW Available for InduSoft Web Studio - WIN-...
 
Introduction to InduSoft Web Studio 8.1 + Service Pack 1
Introduction to InduSoft Web Studio 8.1 + Service Pack 1Introduction to InduSoft Web Studio 8.1 + Service Pack 1
Introduction to InduSoft Web Studio 8.1 + Service Pack 1
 
What's New In InduSoft Web Studio 8.1 + SP1
What's New In InduSoft Web Studio 8.1 + SP1What's New In InduSoft Web Studio 8.1 + SP1
What's New In InduSoft Web Studio 8.1 + SP1
 
Introduction to InduSoft Web Studio 8.1 + SP1
Introduction to InduSoft Web Studio 8.1 + SP1Introduction to InduSoft Web Studio 8.1 + SP1
Introduction to InduSoft Web Studio 8.1 + SP1
 
Security and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioSecurity and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web Studio
 
Graphical Interface Scaling in InduSoft Web Studio
Graphical Interface Scaling in InduSoft Web StudioGraphical Interface Scaling in InduSoft Web Studio
Graphical Interface Scaling in InduSoft Web Studio
 
What's New In InduSoft Web Studio 8.1
What's New In InduSoft Web Studio 8.1What's New In InduSoft Web Studio 8.1
What's New In InduSoft Web Studio 8.1
 
Introduction to InduSoft Web Studio 8.1
Introduction to InduSoft Web Studio 8.1Introduction to InduSoft Web Studio 8.1
Introduction to InduSoft Web Studio 8.1
 
What’s coming in InduSoft Web Studio 8.1
What’s coming in InduSoft Web Studio 8.1What’s coming in InduSoft Web Studio 8.1
What’s coming in InduSoft Web Studio 8.1
 
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...
 
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-InduSoft Pr...
 
Tips and Tricks for InduSoft Web Studio-August 2017
Tips and Tricks for InduSoft Web Studio-August 2017Tips and Tricks for InduSoft Web Studio-August 2017
Tips and Tricks for InduSoft Web Studio-August 2017
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Scada security webinar 2012

  • 4. Identify all SCADA network connections
     • Conduct a thorough risk analysis to assess the risk and necessity of each connection to the SCADA network.
     • Develop a comprehensive understanding of all connections to the SCADA network, and how well these connections are protected.
     • Identify and evaluate the following types of connections:
        – Internal local area and wide area networks, including business networks
        – The Internet
        – Wireless network devices, including satellite uplinks
        – Modem or dial-up connections
        – Connections to business partners, vendors or regulatory agencies
  • 5. Disconnect unnecessary connections
     • Isolate the SCADA network from other network connections to as great a degree as possible.
        – Any connection to another network introduces security risks, particularly if the connection creates a pathway from or to the Internet.
        – Connections with other networks may allow important information to be passed efficiently and conveniently, but are they worth the risk?
     • Use “demilitarized zones” (DMZs) and gateways to facilitate the secure transfer of data from the SCADA network to business networks.
  • 6. Evaluate and strengthen any remaining connections
     • Conduct penetration testing and vulnerability analysis to evaluate the risk associated with these connections.
     • Use this information in conjunction with risk management processes to develop a robust protection strategy for any pathways to the SCADA network.
     • Implement firewalls and other appropriate security measures.
        – Configure firewall rules to prohibit access from and to the SCADA network.
        – Be specific when permitting approved connections.
     • Strategically place intrusion detection systems at each entry point to alert security personnel of potential breaches of network security.
  • 7. Remove and/or disable unnecessary services
     • Remove or disable unused services and network daemons to reduce the risk of direct attack.
        – Email services
        – Internet access
        – Remote maintenance
     • Perform a thorough risk assessment of the consequences of allowing any service or feature.
        – Benefits should far outweigh the potential for vulnerability exploitation.
     • Work with your SCADA vendor to identify secure configurations and coordinate any and all changes to operational systems to ensure that removing or disabling services does not cause downtime, interruption of service, or loss of support.
  • 8. Password management
     • Users routinely pick simple passwords that are found in dictionaries and are susceptible to brute-force attacks. These passwords are often used over and over again, so the successful guess of a single password means that numerous other devices can be exploited.
     • Administrators must provide explicit guidance on how a password should be chosen.
        – Should not contain a word that could be found in a dictionary, a product name, or other key word
        – Should include a mix of upper and lower case letters, numbers, and special characters
     • Passwords used for weak systems or weak protocols should not be the same as the passwords used for stronger systems.
  • 9. Proprietary protocols will not protect your system
     • SCADA systems often use unique, proprietary protocols for communications between field devices and servers.
     • Often the security of SCADA systems is based solely on the secrecy of these protocols.
     • Bad idea. Obscure protocols provide very little “real” security.
     • Demand that vendors disclose any backdoors or vendor interfaces to your SCADA systems, and expect them to provide systems that are capable of being secured.
  • 10. Implement the security features provided by device and system vendors
     • Most older SCADA systems have no security features whatsoever.
     • Newer SCADA devices are shipped with basic security features, but these are usually disabled to ensure ease of installation.
     • Additionally, factory default security settings (such as in computer network firewalls) are often set to provide maximum usability, but minimal security.
     • Analyze each SCADA device to determine whether security features are present. Set all security features to provide the maximum level of security.
     • Allow settings below maximum security only after a thorough risk assessment of the consequences.
     • Insist that your system vendor implement security features in the form of product patches or upgrades.
  • 11. Establish strong controls over any backdoor into the SCADA network
     • Strong authentication must be implemented to ensure secure communications.
     • Require secure, encrypted connections.
     • Modems, wireless, and wired networks used for communications and maintenance represent a significant vulnerability to the SCADA network and remote sites.
     • Successful attacks could allow an attacker to bypass all other controls and have direct access to the SCADA network or resources.
     • To minimize the risk of such attacks, disable inbound access. All connections should be initiated by the SCADA system.
  • 12. Implement internal and external intrusion detection systems and notification
     • Establish an intrusion detection strategy that includes alerting network administrators of malicious network activity originating from internal or external sources.
     • Intrusion detection system monitoring is essential 24 hours a day; this capability can be easily set up through a pager.
     • Additionally, incident response procedures must be in place to allow an effective response to any attack.
     • To complement network monitoring, enable logging on all systems and audit system logs daily to detect suspicious activity as soon as possible.
  • 13. Perform technical audits to identify security concerns
     • Many commercial and open-source security tools are available that allow system administrators to conduct audits of their systems and networks to identify active services, patch level, and common vulnerabilities.
     • Analyze identified vulnerabilities to determine their significance, and take corrective actions as appropriate.
     • Track corrective actions and analyze this information to identify trends.
     • Retest systems after corrective actions have been taken to ensure that vulnerabilities were actually eliminated.
     • Scan non-production environments actively to identify and address potential problems.
  • 14. Conduct physical security surveys and assess all remote sites to evaluate their security
     • Conduct a physical security survey and inventory access points at each facility that has a connection to the SCADA system.
     • Identify and assess any source of information, including:
        – remote telephone, network, and fiber optic cables that could be tapped
        – radio and microwave links that are exploitable
        – computer terminals that could be accessed
        – wireless local area network access points
     • Identify and eliminate single points of failure.
     • The security of the site must be adequate to detect or prevent unauthorized access.
     • Do not allow “live” network access points at remote, unguarded sites simply for convenience.
  • 15. Establish SCADA “Red Teams” to identify and evaluate possible attack scenarios
     • Establish a “Red Team” to identify potential attack scenarios and evaluate potential system vulnerabilities.
     • Use a variety of people who can provide insight into weaknesses of the overall network, SCADA systems, physical systems, and security controls.
     • Ensure that the risk from a malicious insider is fully evaluated, given that this represents one of the greatest threats to an organization.
     • Feed information resulting from the “Red Team” evaluation into risk management processes to assess the information and establish appropriate protection strategies.
  • 17. Clearly define cyber security roles, responsibilities, and authorities
     • Organization personnel need to understand the specific expectations associated with protecting information technology resources through the definition of clear and logical roles and responsibilities.
     • Key personnel need to be given sufficient authority to carry out their assigned responsibilities.
     • Establish a cyber security organizational structure that defines roles and responsibilities and clearly identifies how cyber security issues are escalated and who is notified in an emergency.
  • 18. Document network and systems that serve critical functions or contain sensitive information
     • Documenting the information security architecture and its components is critical to understanding the overall protection strategy, and identifying single points of failure.
     • Develop and document a robust information security architecture as part of a process to establish an effective protection strategy.
     • It is essential that organizations design their networks with security in mind and continue to have a strong understanding of their network architecture throughout its lifecycle.
     • Of particular importance, an in-depth understanding of the functions that the systems perform and the sensitivity of the stored information is required.
  • 19. Establish a rigorous, ongoing risk management process
     • A thorough understanding of the risks to network computing resources from attacks and the vulnerability of sensitive information to compromise is essential to an effective cyber security program.
     • Risk assessments form the technical basis of this understanding and are critical to formulating effective strategies to mitigate vulnerabilities and preserve the integrity of computing resources.
        – Perform a baseline risk analysis based on a current threat assessment to use for developing a network protection strategy.
        – Due to rapidly changing technology and the emergence of new threats on a daily basis, an ongoing risk assessment process is needed so that routine changes can be made to the protection strategy to ensure it remains effective.
  • 20. Establish a network protection strategy based on the principle of defense-in-depth
     • A fundamental principle that must be part of any network protection strategy is defense-in-depth.
     • Defense-in-depth must be considered early in the design phase of the development process, and must be an integral consideration in all technical decision-making associated with the network.
     • Utilize technical and administrative controls to mitigate threats from identified risks to as great a degree as possible at all levels of the network.
     • Single points of failure must be avoided, and cyber security defense must be layered to limit and contain the impact of any security incidents.
     • Additionally, each layer must be protected against other systems at the same layer.
  • 21. Clearly identify cyber security requirements
     • Organizations and companies need structured security programs with mandated requirements to establish expectations and allow personnel to be held accountable.
     • Formalized policies and procedures are typically used to establish and institutionalize a cyber security program.
     • A formal program is essential for establishing a consistent, standards-based approach to cyber security throughout an organization and eliminates sole dependence on individual initiative.
     • Policies and procedures also inform employees of their specific cyber security responsibilities and the consequences of failing to meet those responsibilities, provide guidance regarding actions to be taken during a cyber security incident, and promote efficient and effective actions during a time of crisis.
     • Establish requirements to minimize the threat from malicious insiders, including the need for conducting background checks and limiting network privileges to those absolutely necessary.
  • 22. Establish effective configuration management processes
     • Configuration management is a fundamental management process needed to maintain a secure network.
     • Needs to cover both hardware configurations and software configurations.
     • Changes to hardware or software can easily introduce vulnerabilities that undermine network security.
     • Processes are required to evaluate and control any change to ensure that the network remains secure.
     • Configuration management begins with well-tested and documented security baselines for your various systems.
  • 23. Conduct routine self-assessments
     • Robust performance evaluation processes are needed to provide organizations with feedback on the effectiveness of cyber security policy and technical implementation.
     • A sign of a mature organization is one that is able to self-identify issues, conduct root cause analyses, and implement effective corrective actions that address individual and systemic problems.
     • Self-assessment processes that are normally part of an effective cyber security program include routine scanning for vulnerabilities, automated auditing of the network, and self-assessments of organizational and individual performance.
  • 24. Establish system backups and disaster recovery plans
     • Establish a disaster recovery plan that allows for rapid recovery from any emergency (including a cyber attack).
     • System backups are an essential part of any plan and allow rapid reconstruction of the network.
     • Routinely exercise disaster recovery plans to ensure that they work and that personnel are familiar with them.
     • Make appropriate changes to disaster recovery plans based on lessons learned from exercises.
  • 25. Senior leadership should establish expectations and accountability
     • It is essential that senior management establish an expectation for strong cyber security and communicate this to their subordinate managers throughout the organization.
     • It is also essential that senior organizational leadership establish a structure for implementation of a cyber security program, promote consistent implementation, and sustain a strong cyber security program.
     • All individuals need to be held accountable for their performance as it relates to cyber security, including managers, system administrators, technicians, and operators.
  • 26. Minimize the inadvertent disclosure of sensitive information
     • Release data related to the SCADA network only on a strict, need-to-know basis, and only to persons explicitly authorized to receive such information.
     • “Social engineering” is often the first step in a malicious attack on computer networks.
        – The more information revealed about a computer or computer network, the more vulnerable the computer/network is.
        – Never divulge data related to a SCADA network over telephones or to personnel unless they are explicitly authorized to receive such information.
        – Any requests for information by unknown persons need to be sent to a central network security location for verification and fulfillment.
     • Conduct training and information awareness campaigns to ensure that personnel remain diligent in guarding sensitive network information, particularly their passwords.
  • 30. Contact
     • Email: (US) info@indusoft.com, (Brazil) info@indusoft.com.br, (Germany) info@indusoft-germany.de
     • Support: support@indusoft.com
     • Web site: (English) www.indusoft.com, (Portuguese) www.indusoft.com.br, (German) www.indusoft-germany.de
     • Phone: (512) 349-0334 (US), +55-11-3293-9139 (Brazil), +49 (0) 6227-732510 (Germany)
     • Toll-Free: 877-INDUSOFT (877-463-8763)
     • Fax: (512) 349-0375
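
An added example (not part of the original slides) that audits a rule set against the firewall guidance in slides 6 and 11: deny by default, be specific when permitting, and let only the SCADA side initiate connections. The subnet, addresses, rule format and finding names are constructed assumptions, and a stateful firewall that admits return traffic for established connections is assumed.

```python
"""Audit firewall rules at the SCADA boundary (added example, constructed data)."""
import ipaddress
from dataclasses import dataclass

# Assumed SCADA subnet; replace with the real one when adapting this check.
SCADA_NET = ipaddress.ip_network("10.10.0.0/24")


@dataclass(frozen=True)
class Rule:
    action: str  # "permit" or "deny"
    src: str     # CIDR or "any"
    dst: str     # CIDR or "any"
    port: str    # destination port or "any"


def _net(spec):
    """Turn a rule field into a network object; "any" means every address."""
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec, strict=False)


def _touches_scada(spec):
    return _net(spec).overlaps(SCADA_NET)


def _inside_scada(spec):
    return spec != "any" and _net(spec).subnet_of(SCADA_NET)


def _is_specific(rule):
    """Specific means no wildcard field and a single-host peer outside SCADA."""
    if "any" in (rule.src, rule.dst, rule.port):
        return False
    for spec in (rule.src, rule.dst):
        if not _inside_scada(spec) and _net(spec).num_addresses != 1:
            return False
    return True


def audit(rules):
    """Return (rule_index, finding) pairs for an ordered, first-match rule list."""
    findings = []
    for i, rule in enumerate(rules):
        if rule.action != "permit":
            continue
        if not (_touches_scada(rule.src) or _touches_scada(rule.dst)):
            continue  # rule does not cross the SCADA boundary
        # Slide 11: connections must be initiated by the SCADA side only.
        if _touches_scada(rule.dst) and not _inside_scada(rule.src):
            findings.append((i, "inbound-permit"))
        # Slide 6: be specific when permitting approved connections.
        if not _is_specific(rule):
            findings.append((i, "broad-permit"))
    # Slide 6: everything not explicitly approved must be prohibited.
    last = rules[-1] if rules else None
    if last is None or (last.action, last.src, last.dst, last.port) != (
        "deny", "any", "any", "any"
    ):
        findings.append((len(rules), "no-default-deny"))
    return findings


# Constructed sample rule set, not taken from any real device.
SAMPLE_RULES = [
    Rule("permit", "10.10.0.5/32", "192.168.50.10/32", "443"),   # historian to DMZ gateway
    Rule("permit", "any", "10.10.0.0/24", "502"),                # anyone to SCADA
    Rule("permit", "10.10.0.0/24", "any", "any"),                # SCADA to anywhere
    Rule("permit", "192.168.50.10/32", "10.10.0.5/32", "3389"),  # DMZ host into SCADA
    Rule("deny", "any", "any", "any"),
]

if __name__ == "__main__":
    for index, finding in audit(SAMPLE_RULES):
        print(f"rule {index}: {finding}")
```

Only the first sample rule passes: it is an outbound, single-host, single-port connection to a DMZ gateway, which is the transfer pattern slide 5 recommends.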