Smart Grids & Dumb Security => A Guide For Business Managers

•Télécharger en tant que PPTX, PDF•

0 j'aime•459 vues

A high-level share for non-IT Managerial/Director audience a glimpse into current and emerging business threats at the OFSEC Expo 12-16 Sept in Muscat, Oman. Please feel free to use any content and share original sources were noted.

Technologie

Why SCADA, ICS
& Embedded
Devices continue
to be a threat
DUMB SECURITY & SMART GRIDSDUMB SECURITY & SMART GRIDSDUMB SECURITY & SMART GRIDS
Faris A. Al-Kharusi, MPhil, MSc., GWCBA

AGENDA
SCADA, ICS & Embedded Devices
• Evolution of theThreat
• Industry Standards vs. Residential Realities
Specific Contemporary Challenges
• The {C}oldWar
• Paradigm Shift
CybersecurityWorld-View
• Weak vs. Strong Implementations
• The Real Calculation of Risk (InformationAssurance)
Do’s & Don’t of Smart Projects
• Data Storage & Security Policy
• Knowledge & Competency
• BCP & DRP
AGENDA

The Story So Far
• Hard-Coded Passwords.
• Hard-Coded Firmware (Exploits
can not be patched!)
• Lack of belief that critical
infrastructure is internet-facing.
• Reconnaissance can be done
anonymously with low likelihood
of detection.
• Lack of skill-sets to conduct
forensics minimize reporting on
intrusions.

Evolution of theThreat: How We Got Here
– Complex interdependencies
arose …
– The IP/TCP Landscape has
opened the doors to ease of
setup since the early 80’s ...

Evolution of theThreat: GlobalView
– Bacnet (port 47808)
– DNP3 (port 20000)
– EtherNet/IP (port 44818)
– Niagara Fox (ports 1911 )
– IEC-104 (port 2404)
– Red Lion (port 789)
– Modbus (port 502)
– Siemens S7 (port 102)

AndThe Internet ofThings Grows Regionally
UPnP - UDP Port 1900
- Mobile Devices
- CCTV
- Biometric Readers
- Energy Generators
- Card Readers
- Appliances
- POS Kiosks
- Routers
- Printers
- And the list goes on …

Industry Standards
The “Perfect
Landscape” as
conveyed in our
security centric
minds …

Residential Outlook
And the current
reality …

Real-TimeOperations:Weak Implementations
Sifting through Events

Real-TimeOperations: Strong Implementations
IntelligentAlarms & Exception Based Surveillance

The Real Calculation of Risk
Risk =
Threat x
Vulnerability x
Consequence

Stop fighting yesterday’s war today . . .
The Do’s
• Understand consequence of your
vulnerabilities.
• Use Local Clouds – keep ownership
of your Data.
• Think clearly about your Data
Analytics strategy as it pertains
guarding your assets.
The Don’ts
• Stop treating your security
decision’s like it is 2005.
• Outsource all the knowledge and
competency (especially around
forensics) to a third-party.
• Expect proprietary or complex
setups to provide protection.

Contenu connexe

Tendances

Tempered Networks’ CEO, Jeff Hussey, explains how enterprise organizations can rapidly provision secure identity-based overlay networks that enable you to: • Cloak or remove the IP footprint of any device from the underlying network to minimize network attack surfaces; significantly reducing vulnerability to externally mounted attacks. • Transform vulnerable IP-enabled devices—even those that cannot protect themselves--into hardened, invisible assets. • Rapidly deploy any number of secure overlay networks through centralized orchestration of policies, which allow for easy micro-segmentation of any communications to trusted entities.

Cloaking is the new perimeter

Tempered

The design and implementation of intelligent campus security tracking system ...

impulsetechembedded12

UMC FTSG Software

kphodel

Airport as a Smartcity - Naftemporiki IoT 2016

Manolis Nikiforakis

SODA-IIoT4Factory: Blockchain to keep the A.I. of your Intrusion Detection Sy...

Nabil Bouzerna

Context: Internet of Things • Huge number of devices with full or limited connectivity to the Internet • By 2030, around 30 billions of devices will exchange hundred of zettabytes of data • Massive deployment -> more vulnerabilities -> need for a universal software update infrastructure Idea: why not use a blockchain for updates sharing between manufacturers and their devices? Blockchain provides updates availability thanks to its persistence in time, its history provision and its resistance to Denial of Services attacks Blockchain provides updates innocuousness by extending it with dedicated nodes carrying on updates binaries checking against vulnerabilities and known attacks Blockchain stores devices acknowledgments of updates installation IRT SystemX Prototype: • Use of Multichain, a permissioned blockchain • Use of Bitcoin blockchain for Multichain bootstrap • Blockchain update infrastructure deployed on VMs • Devices implemented physically (tens of raspberry pi) or virtually (up to 800 VMs per server) • PGP keys usage for updates encryption and signature Publication at: IEEE Security & privacy on the Blockchain 2017 (IEEE S&B 2017) - 29 April 2017

Towards Better Availability and Accountability for IoT Updates by means of a ...

Nabil Bouzerna

Microcontrollers disruption v9.0

Jim Nicholas

Tendances (7)

Cloaking is the new perimeter

The design and implementation of intelligent campus security tracking system ...

UMC FTSG Software

Airport as a Smartcity - Naftemporiki IoT 2016

SODA-IIoT4Factory: Blockchain to keep the A.I. of your Intrusion Detection Sy...

Towards Better Availability and Accountability for IoT Updates by means of a ...

Microcontrollers disruption v9.0

Similaire à Smart Grids & Dumb Security => A Guide For Business Managers

Stories from the Trainyard!

Patrick Kelley

Encryption in industrial control systems; Is the juice worth the squeeze?

Brian Proctor - GICSP, CISSP, CRISC

2012 02 14 Afcom Presentation

Eric Gallant

Gus Hunt's Work-Bench Enterprise Security Summit Keynote

Work-Bench

Cyber Security Lecture at Rah Rah 7

Filip Maertens

Dragos and CyberWire: ICS Ransomware

Dragos, Inc.

An introduction to SOC (Security Operation Center)

Ahmad Haghighi

Introducing the concept of SLEx (Substation Life Extension) and Intelligent Sensing at teh Edge when it comes to Smart Grid activities. This is a novel concept on truly using sensors to extend substation life, and then dealing with the Big Data that has just been introduced by using state of the art sensing technology. Both SLEx and Intelligent Sensing at the Edge are concepts that have been introduced by Brett Sargent who is CTO and VP/GM of Products at an innovative sensor company located in Silicon Valley.

Big Data for Big Power: How smart is the grid if the infrastructure is stupid?

OReillyStrata

Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba

Angeloluca Barba

CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...

TI Safe

CCTV in the CLOUD

Riccardo Mazzurco

Background scenario drivers and critical issues with a focus on technology ...

bdemchak

Cyber as WMD- April 2015- GFSU

Mohit Rampal

"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Lead Security Architect At Lloyds Bank Group Watch more from Data Natives Berlin 2016 here: http://bit.ly/2fE1sEo Visit the conference website to learn more: www.datanatives.io Follow Data Natives: https://www.facebook.com/DataNatives https://twitter.com/DataNativesConf Stay Connected to Data Natives by Email: Subscribe to our newsletter to get the news first about Data Natives 2017: http://bit.ly/1WMJAqS About the Author: Anish has been working in the security and cryptography area for the past 15 years, as a researcher and as a consultant. His first brush with payments systems was 15 years ago when he was involved in building a micropayments system for Ericsson. He has spent half his career researching cryptographic algorithms and protocols at three different research groups including Microsoft Research. He also has published multiple papers in the area of security and cryptography and contributed to thought leadership in security space, through guides, POV, white papers and talks. He has also worked as a strategy consultant for Accenture and Capgemini. Most recently he has been involved in the Blockchain ecosystem as one of the founding members of UKDCA . He is also on the advisory board for Ripple Labs, IEET, EA ventures, Adjoint and Chain of Things. These days he works for large UK bank where he is lead security architect.

"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...

Dataconomy Media

CSO Magazine Confab 2013 Atlanta - Cyber Security

Phil Agcaoili

DataBeers Malaga #20 especial datos y ciberseguridad- Fundamentals of Data Se...

Databeers Malaga

Ot ics cyberattaques dans les organisations industrielles

Cisco Canada

2012 Reenergize the Americas 3B: Angel Avila

Reenergize

Transformation From Today To Tomorrow - Market and Product Strategy 2018

Jiunn-Jer Sun

Big data, security, and the cloud

Pano Xinos

Similaire à Smart Grids & Dumb Security => A Guide For Business Managers (20)

Stories from the Trainyard!

Encryption in industrial control systems; Is the juice worth the squeeze?

2012 02 14 Afcom Presentation

Gus Hunt's Work-Bench Enterprise Security Summit Keynote

Cyber Security Lecture at Rah Rah 7

Dragos and CyberWire: ICS Ransomware

An introduction to SOC (Security Operation Center)

Big Data for Big Power: How smart is the grid if the infrastructure is stupid?

Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba

CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...

CCTV in the CLOUD

Background scenario drivers and critical issues with a focus on technology ...

Cyber as WMD- April 2015- GFSU

"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...

CSO Magazine Confab 2013 Atlanta - Cyber Security

DataBeers Malaga #20 especial datos y ciberseguridad- Fundamentals of Data Se...

Ot ics cyberattaques dans les organisations industrielles

2012 Reenergize the Americas 3B: Angel Avila

Transformation From Today To Tomorrow - Market and Product Strategy 2018

Big data, security, and the cloud

Dernier

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

Discover the innovative features and strategic vision that keep WSO2 an industry leader. Explore the exciting 2024 roadmap of WSO2 API management, showcasing innovations, unified APIM/APK control plane, natural language API interaction, and cloud native agility. Discover how open source solutions, microservices architecture, and cloud native technologies unlock seamless API management in today's dynamic landscapes. Leave with a clear blueprint to revolutionize your API journey and achieve industry success!

WSO2's API Vision: Unifying Control, Empowering Developers

WSO2

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

Exploring Multimodal Embeddings with Milvus

Zilliz

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

DBX First Quarter 2024 Investor Presentation

Dropbox

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Bhuvaneswari Subramani

Dernier (20)

Strategies for Landing an Oracle DBA Job as a Fresher

MS Copilot expands with MS Graph connectors

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Six Myths about Ontologies: The Basics of Formal Ontology

WSO2's API Vision: Unifying Control, Empowering Developers

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Platformless Horizons for Digital Adaptability

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Exploring Multimodal Embeddings with Milvus

Why Teams call analytics are critical to your entire business

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

presentation ICT roal in 21st century education

CNIC Information System with Pakdata Cf In Pakistan

DBX First Quarter 2024 Investor Presentation

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

AWS Community Day CPH - Three problems of Terraform

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Smart Grids & Dumb Security => A Guide For Business Managers

2. Why SCADA, ICS & Embedded Devices continue to be a threat DUMB SECURITY & SMART GRIDSDUMB SECURITY & SMART GRIDSDUMB SECURITY & SMART GRIDS Faris A. Al-Kharusi, MPhil, MSc., GWCBA

3. AGENDA SCADA, ICS & Embedded Devices • Evolution of theThreat • Industry Standards vs. Residential Realities Specific Contemporary Challenges • The {C}oldWar • Paradigm Shift CybersecurityWorld-View • Weak vs. Strong Implementations • The Real Calculation of Risk (InformationAssurance) Do’s & Don’t of Smart Projects • Data Storage & Security Policy • Knowledge & Competency • BCP & DRP AGENDA

4. The Story So Far • Hard-Coded Passwords. • Hard-Coded Firmware (Exploits can not be patched!) • Lack of belief that critical infrastructure is internet-facing. • Reconnaissance can be done anonymously with low likelihood of detection. • Lack of skill-sets to conduct forensics minimize reporting on intrusions.

5. Evolution of theThreat: How We Got Here – Complex interdependencies arose … – The IP/TCP Landscape has opened the doors to ease of setup since the early 80’s ...

6. Evolution of theThreat: GlobalView – Bacnet (port 47808) – DNP3 (port 20000) – EtherNet/IP (port 44818) – Niagara Fox (ports 1911 ) – IEC-104 (port 2404) – Red Lion (port 789) – Modbus (port 502) – Siemens S7 (port 102)

7. AndThe Internet ofThings Grows Regionally UPnP - UDP Port 1900 - Mobile Devices - CCTV - Biometric Readers - Energy Generators - Card Readers - Appliances - POS Kiosks - Routers - Printers - And the list goes on …

8. Industry Standards The “Perfect Landscape” as conveyed in our security centric minds …

9. Residential Outlook And the current reality …

10. The {C}oldWar

11. Paradigm Shift

12. Real-TimeOperations:Weak Implementations Sifting through Events

13. Real-TimeOperations: Strong Implementations IntelligentAlarms & Exception Based Surveillance

14. The Real Calculation of Risk Risk = Threat x Vulnerability x Consequence

15. Stop fighting yesterday’s war today . . . The Do’s • Understand consequence of your vulnerabilities. • Use Local Clouds – keep ownership of your Data. • Think clearly about your Data Analytics strategy as it pertains guarding your assets. The Don’ts • Stop treating your security decision’s like it is 2005. • Outsource all the knowledge and competency (especially around forensics) to a third-party. • Expect proprietary or complex setups to provide protection.

16. ThankYou & Feel FreeTo Ask Questions

Notes de l'éditeur

Courtesy Threat Toons
Courtesy Threat Toons
Image courtesy of Mark Fabro
Image courtesy of SHODAN 2014
Courtesy of SHODAN 2015
Image courtesy of ATOS Origin
Courtesy of Norton (2013)
Courtesy of Google Images
Courtesy of PlanX
Courtesy of Mark Fabro

Smart Grids & Dumb Security => A Guide For Business Managers

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (7)

Similaire à Smart Grids & Dumb Security => A Guide For Business Managers

Similaire à Smart Grids & Dumb Security => A Guide For Business Managers (20)

Dernier

Dernier (20)

Smart Grids & Dumb Security => A Guide For Business Managers

Notes de l'éditeur