Camilo Gomez
Global Cybersecurity Strategist
Yokogawa USTC
November 10, 2020
Contributing to the Development and Application of Cybersecurity Standards
Agenda
1. Overview of ICS Cybersecurity Standards Development Activities
2. Using the Standards
3. Applying and Adopting the Standards to the New and Emerging
Development Activities Overview
ISA/IEC 62443 Series Roadmap
Certification Development
Series Consistency
ISA/IEC 62443 Use Grouping
[Figure: roles (Asset Owner, Integration Service Provider, Maintenance Service Provider, Product Supplier) and their responsibilities (Accountable, Operates, Designs and Deploys, Maintains, Develops and Supports), shown against the Industrial Automation and Control Systems (IACS) layers (Operational Policies and Procedures; Automation Solution with Essential, Safety, Control and Complementary Functions) and against Products (System; Components: Embedded Device, Host Device, Network Device, Software Application). The diagram separates what is dependent on the IACS environment from what is independent of it and marks existing and new parts of the series: 62443-1-1, 62443-1-3, 62443-1-4, 62443-2-1, 62443-2-2, 62443-2-3, 62443-2-4, 62443-2-5, 62443-3-1, 62443-3-2, 62443-3-3, 62443-4-1, 62443-4-2. Focus: Securing the IACS; How to Guidance and Visibility.]
ISA/IEC 62443 Available Certifications
[Figure: the same role, IACS and product diagram as on the Use Grouping slide, with the same existing and new 62443 parts marked. Focus: Securing the Supply Chain.]
Using the Standards—Securing the Organization
■ Methodology for developing quantitative metrics and KPIs from requirements in the standards
■ Understanding the objective and context of requirements
■ Deriving performance metrics from process and technical requirements
■ Differentiating Performance metrics from Conformance metrics
■ Building Key Performance Indicators
WG12: 62443-1-3 Performance Metrics
How to measure performance and effectiveness of security controls in operation?
■ Methodology for combining the evaluation of organizational and technical security measures
■ Results expressed in numerical values (SPRs)
■ SPR values are derived from rating the security level provided by capabilities of security measures used and the maturity levels of the organization operating the IACS
■ Based on maturity levels defined in 62443-2-1, 62443-2-4 and 62443-4-1 and security levels defined in 62443-3-3
WG3TG3: 62443-2-2 Security Program Ratings
Evaluating the actual level of protection of an IACS cybersecurity program in operation
Applying the Standards to the New and Emerging
■ Examine whether the standards are appropriate and sufficient for IIoT in the context of “secure-by-design” objects as a prelude to possible certification
■ Focus on data classification, edge data collection and processing, and data transmission to the cloud via gateways
■ Relevance of zone and conduits concept
Applying ISA/IEC 62443 to Industrial IoT
ISA99 WG9-TR
■ Project towards an IIoT certification in progress
■ Applicability of CSA Certification
■ Differentiating IIoT device vs IIoT solution
■ Study of potential gaps in certification requirements and 62443
ISASecure roadmap
■ Responding to market need for intrinsically secure automation components and systems
■ Adopted 62443 as the guiding standard for secure-by-design of O-PAS™ products
■ Both software applications and physical platform
■ Mapped, for the first time, other OT and IT functional standards such as OPC UA and Redfish to 62443
■ Established collaborative agreement with ISASecure for security testing of O-PAS™ products based on ISA/IEC 62443 and relevant O-PAS™ specifications
Adopting ISA/IEC 62443—OPAF Example
O-PAS™: a standards-based, open, secure, and interoperable process control architecture
O-PAS™ Standard is a registered trademark of The Open Group.
Using the Standards - Securing the Supply Chain
Standards-based secure development lifecycle and support of products and services – secure by design
■ Policy
◆ Group Quality Management Policy
■ Knowhow
◆ Engineering standards
◆ Guidelines & tools
■ Assurance Framework
■ Training
■ Product Certification
Yokogawa’s case
Adopting Standards Servicing our Customers
Standards based lifecycle management services
for plant cybersecurity
The names of corporations, organizations, products and logos herein are either registered trademarks or trademarks of Yokogawa Electric Corporation and their respective holders.
Thank You!
There is more than just having standards when they are set to work.

unit 4 immunoblotting technique complete.pptxBkGupta21
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 

Dernier (20)

Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 

Contributing to the Development and Application of Cybersecurity Standards

  • 1. Camilo Gomez Global Cybersecurity Strategist Yokogawa USTC November 10, 2020 Contributing to the Development and Application of Cybersecurity Standards
  • 2. Agenda 1. Overview of ICS Cybersecurity Standards Development Activities 2. Using the Standards 3. Applying and Adopting the Standards to the New and Emerging
  • 4. ISA/IEC 62443 Series Roadmap: Certification, Development, Series Consistency
  • 5. ISA/IEC 62443 Use Grouping. Focus: Securing the IACS. How to Guidance and Visibility. [Diagram. Roles: Asset Owner, Integration Service Provider, Maintenance Service Provider, Product Supplier. Role labels: Accountable, Operates, Designs and Deploys, Maintains, Develops and Supports. Groupings: Dependent of IACS Environment, Independent of IACS Environment. Elements: Industrial Automation and Control Systems (IACS), Operational Policies and Procedures, Automation Solution, Essential Functions (Safety Functions, Control Functions, Complementary Functions), Products, System, Components (Embedded Device, Host Device, Network Device, Software Application). Standards shown, marked Existing or New: 62443-1-1, 62443-1-3, 62443-1-4, 62443-2-1, 62443-2-2, 62443-2-3, 62443-2-4, 62443-2-5, 62443-3-1, 62443-3-2, 62443-3-3, 62443-4-1, 62443-4-2.]
  • 6. ISA/IEC 62443 Available Certifications. Focus: Securing the Supply Chain. [Diagram. Roles: Asset Owner, Integration Service Provider, Maintenance Service Provider, Product Supplier. Role labels: Accountable, Operates, Designs and Deploys, Maintains, Develops and Supports. Groupings: Dependent of IACS Environment, Independent of IACS Environment. Elements: Industrial Automation and Control Systems (IACS), Operational Policies and Procedures, Automation Solution, Essential Functions (Safety Functions, Control Functions, Complementary Functions), Products, System, Components (Embedded Device, Host Device, Network Device, Software Application). Standards shown, marked Existing or New: 62443-1-1, 62443-1-3, 62443-1-4, 62443-2-1, 62443-2-2, 62443-2-3, 62443-2-4, 62443-2-5, 62443-3-1, 62443-3-2, 62443-3-3, 62443-4-1, 62443-4-2.]
  • 8. WG12: 62443-1-3 Performance Metrics. How to measure performance and effectiveness of security controls in operation?
      ■ Methodology for developing quantitative metrics and KPIs from requirements in the standards
      ■ Understanding the objective and context of requirements
      ■ Deriving performance metrics from process and technical requirements
      ■ Differentiating performance metrics from conformance metrics
      ■ Building Key Performance Indicators
  • 9. WG3TG3: 62443-2-2 Security Program Ratings. Evaluating the actual level of protection of an IACS cybersecurity program in operation
      ■ Methodology for combining the evaluation of organizational and technical security measures
      ■ Results expressed in numerical values (SPRs)
      ■ SPR values are derived from rating the security level provided by the capabilities of the security measures used and the maturity levels of the organization operating the IACS
      ■ Based on maturity levels defined in 62443-2-1, 62443-2-4 and 62443-4-1 and security levels defined in 62443-3-3
  • 10. Applying the Standards to the New and Emerging
  • 11. Applying ISA/IEC 62443 to Industrial IoT (ISA99 WG9-TR)
      ■ Examine whether the standards are appropriate and sufficient for IIoT in the context of “secure-by-design” objects as a prelude to possible certification
      ■ Focus on data classification, edge data collection and processing, and data transmission to the cloud via gateways
      ■ Relevance of the zones and conduits concept
      ■ Project towards an IIoT certification in progress
      ■ Applicability of CSA Certification
      ■ Differentiating IIoT device vs IIoT solution
      ■ Study of potential gaps in certification requirements and 62443 ISASecure roadmap
  • 12. Adopting ISA/IEC 62443—OPAF Example. O-PAS™: a standards-based, open, secure, and interoperable process control architecture
      ■ Responding to market need for intrinsically secure automation components and systems
      ■ Adopted 62443 as the guiding standard for secure-by-design of O-PAS™ products
      ■ Both software applications and physical platform
      ■ Mapped, for the first time, other OT and IT functional standards such as OPC UA and Redfish to 62443
      ■ Established collaborative agreement with ISASecure for security testing of O-PAS™ products based on ISA/IEC 62443 and relevant O-PAS™ specifications
      O-PAS™ Standard is a registered trademark of The Open Group.
  • 13. Using the standards - Securing the Supply Chain
  • 14. Yokogawa’s case
      Adopting Standards: Standards-based secure development lifecycle and support of products and services – secure by design
      ■ Policy
          ◆ Group Quality Management Policy
      ■ Knowhow
          ◆ Engineering standards
          ◆ Guidelines & tools
      ■ Assurance Framework
      ■ Training
      ■ Product Certification
      Servicing our Customers: Standards-based lifecycle management services for plant cybersecurity
  • 15. The names of corporations, organizations, products and logos herein are either registered trademarks or trademarks of Yokogawa Electric Corporation and their respective holders. Thank You! There is more than just having standards when they are set to work.