Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

I rs0006-prs-c10167748 d-beijaflore-secway-leaflet-offer-industrial it cyber_security_en

552 vues

Publié le

Wonder how to protect live industrial control systems? Have a project to design and build a new facility relying on control systems?

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

I rs0006-prs-c10167748 d-beijaflore-secway-leaflet-offer-industrial it cyber_security_en

  1. 1. RISK &SECURITY Industrial cyber security • Evaluate your industrial control system (ICS) exposure to cyber attacks and its consequences OUR VISION > 7 fundamentals for securing industrial control systems Industrial systems, due to rising interconnection and standardization, become more exposed to cyberattacks leading to potentially disastrous consequences affecting safety, production and environment. With our offer, you will identify your systems’ vulnerabilities, categorize them according to operational impact, and select the security measures adapted to your industry. REMOTE MAINTENANCE ENHANCED CONTROL > Cyber security risk management during engineering, construction and operation Risk analysis, risk governance and cyber security policies for ICS and production line components, security specifications and whitelists, project and operations team training to IS, network and cyber security > Vendor, EPC, and industrial control systems audits Cyber security audit/FAT/SAT, attack simulation on programmable logic controllers, and post-incident analysis > Cyber security assistance for large industrial programs Integration of cyber security in complex industrial programs using consistent risk monitoring, design of specialized security solutions, and implementation of security requirements OUR BELIEFS Multiplication of external factors and adoption of new technologies amplify exposure of Industrial information systems to threats. Industrial information systems are based on an increasing number of equipment such as black box” services, operating for several decades: typical security solutions must be adapted. Availability and integrity of industrial processes are critical, particularly for safety functions which need to be a priority. HARDENING OF SYSTEMS AND PROGRAMMABLE LOGIC CONTROLLERS OPERATIONAL SECURITY MANAGEMENT RESTRICTION OF OPERATOR, ENGINEER AND MAINTENANCE ACCESS RIGHTS IEC 62443 LAYERS SEGREGATION ALIGNMENT WITH PHYSICAL SECURITY APPLICATION WHITELISTING OUR OFFER ICSS ICS SCADA DCS # • Design innovative and reliable cyber security solutions with operation constraints • Maintain a sustained security level on your industrial systems throughout a long lifecycle
  2. 2. RISK SECURITY # Industrial cyber security YOUR STAKES OUR STRENGTHS Manage your cyber security risks • Personnel safety through vital equipment control • Long term availability of critical systems • Integrity of the control parameters of the industrial process • Virus attacks, safety functions failures and cyber hijacking prevention SECWAY BEIJAFLORE, one of a kind partnership • Our offer combines both a solid and practical technical expertise in SCADA / ICS and a recognized proficiency in the design of risk management systems and efficient security policies • Our commitment to quality recognized through our ISO9001 certification on Industrial Cyber Security Services SUCCESS STORIES For a water treatment company (Operation phase) Improvement of ICS reliability to ensure a sustainable service for water transportation and treatment Objectives • Identify security measures to guarantee an acceptable risk level for water transportation network monitoring system • Backup site capacity assessment to ensure continuity in the event of a main monitoring system failure Achievements • Identification of major business threats, classification of information and resources in terms of Confidentiality, Integrity and Availability • Execution of technical penetration tests • Risk assessment for ICS security • Definition of the associated 3 year risk reduction plan Obtained gains 45main threats identified Raised business and management awareness of industrial system security risks Risk reduction plan endorsed by top management Paris office and headquarters Pavillon Bourdan 11-13 avenue du Recteur Poincaré 75016 Paris Tel. no: +33 1 44 30 90 00 Maxime de Jabrun Vice President|Head of Risk Security 11-13 avenue du Recteur Poincaré 75016 Paris Tel. no: +33 1 44 30 91 95 mdejabrun410@beijaflore.com Manage Industrial systems specificities and constraints • Addressing the gap between the long industrial lifecycle and rapid evolution of IS technologies • Industrial IS hastily adopting new technologies and interconnecting with enterprise networks A community of experts • Our RD center provides a practical and up-to-date knowledge of the main standards: IEC 62443 (ISA99), NIST SP 800- 32/39/82, ISO27001/2/5, ISO15408, ISO61508, WIB, ISF SoGP and ISF IRAM Ensure global protection consistency • Consistency of the cyber security and safety approaches •Management of industrial projects complexity and supplier subcontractor diversity ICS environment expertise • Our experience in cyber security of Control Systems is based on a hundred audits of system from the main providers around the world • Our in-depth knowledge of industrial systems and solutions allows us to bring applicable solutions to industrial IS minimizing operations impacts For a major OG company (Project) Definition of cyber security specifications Implementation management and audit of 83 suppliers of the industrial system for a major platform (several billion US$) Objectives • Strengthen project cyber security related to economic and safety issues • Educate users, protect systems against virus attacks and optimize procedures Achievements • Design of the body of cyber security policies, procedures and hardening guidelines for industrial control and safety systems • Audit of various offshore and onshore facilities at different stages of the project ( 2000 devices) • Management and control of cyber security of all suppliers systems from design phase to commissioning at site • Identification, assessment and monitoring of cyber security risks for the whole industrial system ( 4200 risks amongst all systems) Obtained gains Highlighting of the vulnerabilities of industrial systems and design of corrective and preventive action plans Cyber security awareness of project’s stakeholders ( 100) Decrease of industrial systems risks exposure following on site recommendation www.beijaflore.com • http://blogrisqueetsecurite.beijaflore.com