SANS ICS Security Survey Report 2016

•Descargar como PPTX, PDF•

0 recomendaciones•748 vistas

Presentation on findings of the annual survey of ICS Security professionals. Includes participant demographics, greatest ICS security threats, and security initiatives.

Tecnología

Security in Industrial Control
Systems Today:
A SANS Survey Webcast
Sponsored by Anomali, Arbor Networks, Belden, and Carbon Black
© 2016 The SANS™ Institute – www.sans.org
Survey and Report Authors:
• Derek Harp, SANS Director, ICS Security
• Bengt Gregory-Brown, SANS Analyst

© 2016 The SANS™ Institute – www.sans.org
Industries Represented
2
0%
5%
10%
15%
20%
25%
30%
35%
69%
14%
17%
U.S.
Europe
Everywhere
Else
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Current Threat Level of ICS
3
24%
43%
23%
8%
Severe/Critical
High
Moderate
Low
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Top ICS Threat Vectors
4
0% 10% 20% 30% 40% 50% 60% 70%
External hacktivists, nation states
Internal-Unintentional
Malware
Phishing
IT/OT Integration
Internal-Intentional
Supply chain/Partners
First Second Third
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Lack of Visibility into ICS Networks
5
26.6%
13.0%
52.0%
3.4%
5.1%
Have your control system cyber assets and/or control system
network ever been infected or infiltrated?
Yes
No, we’re sure we haven’t been
infiltrated
Not that we know of
We’ve had suspicions but were
never able to prove it
We don’t know and have no
suspicions
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Recent ICS Security Breaches
6
0.0%
5.0%
10.0%
15.0%
20.0%
25.0%
30.0%
35.0%
40.0%
45.0%
1 to 2 3 to 5 6 to 10 11 to 25 26 + Unknown
How many times did such events occur in the past 12 months?
2014 2015 2016
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Most Recent ICS Security Assessment
7
26%
42%
31%
In past 3 months
in past 4-12 months
More than 1 year
ago/Never
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Security Standards Mapping
8
47%
37%34%
27%
24%
Select all cybersecurity standards you use
NIST Guide to SCADA and
Industrial Control Systems
Security
20 Critical Security Controls
NERC CIP
ISO 27000 series including
27001 and others
ISA99 (Industrial
Automation and Control
Systems Security)
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Top ICS Security Initiatives
9
0% 10% 20% 30% 40% 50%
Implementation of greater controls over
mobile devices/wireless communications
Acquisition of additional skilled staff
Implementation of intrusion detection tools
Implementation of anomaly detection tools
Staff training and certification
Security assessment
Security awareness training
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
ICS Security Certification
10
66%
28%
12%
10%
6%
Please indicate what certifications you hold.
Select all that apply.
Industrial Cyber Security
Certification (GICSP)
ISA99 Cybersecurity
Fundamentals Specialist
Certificate
IACRB Certified SCADA
Security Architect (CSSA)
ISA Security Compliance
Institute (ISCI) System Security
Assurance (SSA) Certification
ISA Security Compliance
Institute (ISCI) Embedded
Device Security Assurance
(EDSA) Certification
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
ICS Components at Greatest Risk
11
0% 20% 40% 60%
Computer assets running commercial OS
Connections to business systems
Network devices
Connections to field SCADA network
Wireless devices/protocols
Control system communication protocols
Control system applications
For the full report, see: http://bit.ly/SANSICSSecRep2016

© 2016 The SANS™ Institute – www.sans.org
Top ICS Security Tools/Technologies
12
In Use Planned
Tool Used By Tool Planned By
Anti-malware/ Antivirus 80% Anomaly detection tools 35%
Physical controls for
access to control
systems and networks
73%
Control system
enhancements/Upgrade
services
33%
Use of zones or network
segmentation
71% Application whitelisting 32%
Monitoring and log
analysis
65% Vulnerability scanning 31%
Technical access
controls
63%
Intrusion prevention
tools on control systems
and networks
29%
For the full report, see: http://bit.ly/SANSICSSecRep2016

ICS Security Annual Survey 2016 Report: http://bit.ly/SANSICSSecRep2016
ICS Security Survey 2016 Report Webcast: http://bit.ly/SANSICSSecCast2016
Upcoming ICS Webcasts
Sep 7: Incorporating ICS Cybersecurity Into Water Utility Master Planning
with Jason Dely
Sep 28: The GICSP: A Keystone ICS Security Certification
with Mike Assante, Derek Harp, Scott Cassity, et al
Oct 4: ICS Cyber Security as a Business Investment
with Austin Scott
Nov 2: Securing OT in an IT World
with Derek Harp and Bengt Gregory-Brown
Sponsored by Wurldtech/GE
Dec 6: Advanced Persistent Trickery in ICS Defense
with Bryce Galbraith

Más contenido relacionado

La actualidad más candente

This presentation was given at BSides Las Vegas 2015. The modern times that we live in, the gentle shift that we are making towards the Internet of Things (IoT) is slowly but surely getting a grip on our day to day lives. The same goes for securing our Industrial Control Systems (ICS). We see that the demand for ICS security is raising and governmental regulations are being established and implement. However, this also means that the need for ICS security professionals is raising as well. More and more security professionals/firms are starting to perform security assessments such as penetration testing on an ICS level. Two years ago I got the question if I was up for the challenge, converting myself from a ‘normal’ security professional to a ICS specific security professional. The purpose of this talk would be to provide a starting point for security professionals that want to make the shift towards ICS Security, just like I did two years ago. While the term starting point might be a bit misleading, the goal would be to provide an ICS 001 talk instead in contrast to an ICS 101 talk.

The journey to ICS - Extended

Larry Vandenaweele

Nozomi Fortinet Accelerate18

Nozomi Networks

Nozomi Networks SCADAguardian - Data-Sheet

Nozomi Networks

Nozomi Networks is the leader of industrial cybersecurity, delivering real-time visibility to manage cyber risk & improve resilience for industrial operations. With one solution, customers gain advanced cybersecurity, improved operational reliability & easy IT/OT integration. Innovating the use of artificial intelligence, the company helps the largest industrial sites around the world See and Secure™ their critical industrial control networks. Today Nozomi Networks supports over a quarter of a million devices in the critical infrastructure, energy, manufacturing, mining, transportation & utility sectors, making it possible to tackle the escalating cyber risks to operational networks (OT).

Nozomi Networks Q1_2018 Company Introduction

Nozomi Networks

The security of critical networks is at the center of attention of industry and government regulators alike. Check Point and RAD offer a joint end-to-end cyber security solution that protects any utility operational technology (OT) network by eliminating RTU and SCADA equipment vulnerabilities, as well as defends against cyber-attacks on the network’s control and data planes. This solution brief explains how the joint solution enables compliance with NERC-CIP directives, provides deep visibility and control of ICS/SCADA communications, and allows secure remote access into OT networks.

Robust Cyber Security for Power Utilities

Nir Cohen

This webinar will help you get more informed on PenTesting in SCADA and also best practices and methods used on risk assessment. Learning about the criticality in industry, makes you more flexible to boost the skills. Main points covered: • The SCADA ICS function in critical infrastructure industry • Risk exposure of IT vs. SCADA ICS from Cyber Security Perspective • Do's and don’ts of Vulnerability Assessment and Penetration Testing in SCADA ICS Environment Presenter: This webinar was presented by Pedro Putu Wirya, an IT and ICS Security Consultant with an extensive experience in ISMS, and PECB Certified Trainer. Link of the recorded session published on YouTube: https://youtu.be/icq-RTwusZ8

Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...

PECB

Presented at the OPC Foundation's "The Information Revolution 2014" in Redmond, WA August 5-6, 2014 This presentation discusses the modes and methodologies an attacker may use against an industrial control system in order to create a complex process attack. The presentation then discusses some specific examples, both real and hypothetical. The presentation finishes with a description of some common ways in which an organization could defend itself against these types of attacks.

Cyber & Process Attack Scenarios for ICS

Jim Gilsinn

Securing SCADA

Jeffrey Wang , P.Eng

Securing Industrial Control Systems

Eric Andresen

The Future of ICS Security Products

Digital Bond

The Department of Homeland Security (DHS) has become more concerned with cyber attacks on infrastructure such as supervisory control and data acquisition (SCADA) systems. An attack in Iran has proven that the landscape of cyber warfare is continually evolving. As the SCADA systems are the systems that autonomously monitor and adjust switching among other processes within critical infrastructures such as nuclear plants, and power grids DHS has become concerned about these systems as they are unmanned frequently and remotely accessed. A vulnerability such as remote access could allow anyone to take control of assets to critical infrastructure remotely. There has been increasing mandates, and directives to ensure any system deployed meets stringent requirements. As the Stuxnet worm has become a reality, future attacks could be malicious code directly targeting specific locations of critical infrastructure. This paper will address methods to protect infrastructure from cyber attacks using a hybrid of certification & accreditation (C&A) processes and information assurance (IA) controls.

Protecting Infrastructure from Cyber Attacks

Maurice Dawson

Cybersecurity for modern industrial systems

Itex Solutions

IT vs. OT: ICS Cyber Security in TSOs

Community Protection Forum

Nozomi networks-solution brief

Nozomi Networks

Every time a new information technology finds its way into production, it seems as though we end up repeating the same process – security vulnerabilities will be discovered and disclosed in that technology, and users and vendors will deny that the risks are significant. Only after major attacks occur do we really start to see efforts to address the inherent risks in a systematic way. We’re falling into this exact same trap again with Industrial Control and SCADA systems, but in this case the problem is worse, because the inherent nature of control systems prevents us from applying many of the strategies that have been used to protect other kinds of computer networks. Join Lancope’s Director of Security Research, Tom Cross, for a look at the five stages of grief that organizations seem to pass through as they come to terms with security risks, and how far we’ve come regarding Industrial Control Systems. Hear about: The state of Control Systems security vulnerabilities Attack activity that is prompting a change in perspective The unique, long-term challenges associated with protecting SCADA networks How anomaly detection can play a key role in protecting SCADA systems now

SCADA Security: The Five Stages of Cyber Grief

Lancope, Inc.

Should I Patch My ICS?

Digital Bond

ICS Cybersecurity training is intended for security professionals and control system designs in order to give them propelled cybersecurity aptitudes and learning in order to ensure the Industrial Control System (ICS) and keep their mechanical task condition secure against digital dangers. Audience: Control engineers, integrators and architects System administrators, engineers Information Technology (IT) professionals Security Consultants Managers who are responsible for ICS Researchers and analysts working on ICS security Vendors, Executives and managers Information technology professionals, security engineers, security analysts, policy analysts Investors and contractors Technicians, operators, and maintenance personnel Price: $3,999.00 Length: 4 Days Training Objectives: Understand fundamentals of Industrial Control Systems (ICS) Recognize the security architecture for ICS Identify different kinds of vulnerabilities in ICS network, remote devices, software, or control servers Learn about active defense and incident response for ICS Learn the essentials for NERC Critical Infrastructure Protection (CIP) Understand policies and procedures for NERC critical infrastructure protection (CIP) List strategies for NERC CIP version 5/6 Apply risk management techniques to ICS Describe ICS Active Defense and Incident Response Describe techniques for defending against the new ICS threat matrix Assess and audit risks for ICS Apply IEC standard to network and system security of ICS Implement the ICS security program step by step Protect the ICS network from vulnerabilities Understand different types of servers in ICS and protect them against attacks Apply security standards to SCADA systems based on NIST SP 800-82 Detect different types of attacks to SCADA systems Tackle all the security challenges related to ICS cybersecurity Training Outline: ICS Cybersecurity training course consists of the following lessons, which can be revised and tailored to the client’s need: Fundamentals of Industrial Control Systems (ICS) ICS Security Architecture Common ICS Vulnerabilities ICS Threat Intelligence NERC Critical Infrastructure Protection (CIP) Risk Management and Risk Assessment ICS Auditing and Assessment IEC 62443: Network and System Security for ICS Implementation of ICS Security Program Development ICS Incident Response Network Protection for ICS ICS Server Protection SCADA Security Policies and Standards Detection of Cyber Attacks on SCADA Systems Our instructors at Tonex will assist you with mastering every one of the ICS Cybersecurity plan strategies by presenting the hazard administration framework, chance evaluation methods, episode reaction, constant monitoring, SCADA security change, and network security approaches for ICS. ICS Cyber security Training https://www.tonex.com/training-courses/ics-cybersecurity-training/

ICS (Industrial Control System) Cybersecurity Training

Tonex

Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...

promediakw

CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...

TI Safe

ICS Security 101 by Sandeep Singh

OWASP Delhi

La actualidad más candente (20)

The journey to ICS - Extended

Nozomi Fortinet Accelerate18

Nozomi Networks SCADAguardian - Data-Sheet

Nozomi Networks Q1_2018 Company Introduction

Robust Cyber Security for Power Utilities

Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...

Cyber & Process Attack Scenarios for ICS

Securing SCADA

Securing Industrial Control Systems

The Future of ICS Security Products

Protecting Infrastructure from Cyber Attacks

Cybersecurity for modern industrial systems

IT vs. OT: ICS Cyber Security in TSOs

Nozomi networks-solution brief

SCADA Security: The Five Stages of Cyber Grief

Should I Patch My ICS?

ICS (Industrial Control System) Cybersecurity Training

Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...

CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...

ICS Security 101 by Sandeep Singh

Destacado

Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...

Ahmed Al Enizi

Scada Security & Penetration Testing

Ahmed Sherif

PT-DTS SCADA Security using MaxPatrol

Shah Sheikh

Abstract: Modern day cyber threats are ever increasing in sophistication and evasiveness against Process Control Networks. Organizations in the industry are facing a constant challenge to adopt modern techniques to proactively monitor the security posture within the SCADA infrastructure whilst keeping cyber attackers and threat actors at bay. In this presentation we will cover the fundamental building blocks of building a SCADA cyber security operations center with key responsibilities such as Incident Response Management, Vulnerability and Patch Management, Secure-by-design Architecture, Security Logging and Monitoring and how such security domains drive accountability and act as a line of authority across the PCN.

Building a Cyber Security Operations Center for SCADA/ICS Environments

Shah Sheikh

Overcoming Cyber Attacks

Inuit AB

The traditional security industry has somehow decided that they are the white knights who are going to save everyone from the horror of insecure powergrids, pipelines, chemical plants, and cookie factories. Suddenly, every consultant is an expert and every product is loudly advertising how it solves SCADA SECURITY AND COMPLIANCY ISSUES!!! And because they don't know what the hell they're talking about - 'fake it till ya make it' doesn't work - they're making all of us look stupid. Let's sit down for a little fireside chat and discuss all things SCADA and ICS with an eye towards increasing our knowledge to the point where we can confidently say: "I'm not an expert at everything, I can help some, may we work together on a solution?" It's time to stop being a Cyber Idiot and start being a positive contributor. Learn some truth, look behind the curtain, bust some FUD, Oh - and make government agents have kittens. That's fun for everyone.

BlackHat Europe 2010: SCADA and ICS for Security Experts

James Arlen

120213 cateura grenoble em smart grid toward which business models

Olivier CATEURA, PhD

Cyber security of smart grid communication: Risk analysis and experimental te...

sidhota

The traditional security industry has somehow decided that they are the white knights who are going to save everyone from the horror of insecure powergrids, pipelines, chemical plants, and cookie factories. Suddenly, every consultant is an expert and every product fixes SCADA. And because they don't know what the hell they're talking about -- 'fake it till ya make it' doesn't work -- they're making all of us look stupid. Attendees will gain a practical level of knowledge sufficient to keep them from appearing foolish should they choose to opine on any of the various real issues stemming from Industrial Control or SCADA systems. Attendees will also feel embarrassed for something they've said, empowered to call out charlatans, and much less worried about cyberhackers unleashing cyberattacks which cybercause cyberpipelines and cybermanufacturing plants to cybergonuts and cybertakeovertheplanet using cybercookiesofdeath.

Notacon 7 - SCADA and ICS for Security Experts

James Arlen

Cyber Security Threats to Industrial Control Systems

David Spinks

Managing The Security Risks Of Your Scada System, Ahmad Alanazy, 2012

Ahmed Al Enizi

ICS security

Ahmed Shitta

Using Assessment Tools on ICS (English)

Digital Bond

Improving SCADA Security

Narinrit Prem-apiwathanokul

Introduction to ICS/SCADA security

Cysinfo Cyber Security Community

CYBER SECURITY IN THE SMART GRID

Siva Sasthri

SCADA deep inside: protocols and security mechanisms

Aleksandr Timorin

Your SCADA system has a vulnerability, now what? I shortly summarize the DNP3 vulnerabilities (and other ICS protocols too). Then I focus on the different mitigations that an ICS owner can do to mitigate these types of protocol implementation vulnerabilities even if there is no patch or patches can't be installed. I also show the importance of doing Network Security Monitoring to help detect and respond to anomalies in ICS/SCADA networks.

BSidesAugusta ICS SCADA Defense

Chris Sistrunk

Monitoring ICS Communications

Digital Bond

Active Directory in ICS: Lessons Learned From The Field

Digital Bond

Destacado (20)

Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...

Scada Security & Penetration Testing

PT-DTS SCADA Security using MaxPatrol

Building a Cyber Security Operations Center for SCADA/ICS Environments

Overcoming Cyber Attacks

BlackHat Europe 2010: SCADA and ICS for Security Experts

120213 cateura grenoble em smart grid toward which business models

Cyber security of smart grid communication: Risk analysis and experimental te...

Notacon 7 - SCADA and ICS for Security Experts

Cyber Security Threats to Industrial Control Systems

Managing The Security Risks Of Your Scada System, Ahmad Alanazy, 2012

ICS security

Using Assessment Tools on ICS (English)

Improving SCADA Security

Introduction to ICS/SCADA security

CYBER SECURITY IN THE SMART GRID

SCADA deep inside: protocols and security mechanisms

BSidesAugusta ICS SCADA Defense

Monitoring ICS Communications

Active Directory in ICS: Lessons Learned From The Field

Similar a SANS ICS Security Survey Report 2016

SANS Report: The State of Security in Control Systems Today

SurfWatch Labs

Security and Accountability in the Cloud (in partnership with SANS)

Bitglass

How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...

Kaspersky

As the SOC Manager with Cisco Active Threat Analytics (ATA), Gawel is responsible for building, growing and operating Cisco Managed Security Services SOC in Krakow, Poland and Tokyo, Japan. Before that, Gawel spent half a decade in various Architect and Consulting Security roles at Cisco. He holds numerous industry certificates, including CCIE #24987, CISSP-ISSAP, CISA, C|EH and SFCE. Gawel is a frequent speaker at IT events, such as Cisco Live! Europe/Australia, PLNOG, EuroNOG, Security B-Sides, CONFidence, Cisco Connect, Cisco Expo and Cisco Forum. Before Gawel has joined Cisco, he was a UNIX System Administrator and a Systems Engineer with one of the leading system integrators in Poland. He was also a Cisco Networking Academy Instructor. Gawel graduated from Warsaw University of Technology with degree in Telecommunications.

[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...

PROIDEA

About this webinar: Today’s electronic systems are more intelligent, more connected, and more at risk than ever before. A single vulnerability can lead to widespread system-of-systems compromises. Organizations participating in security-critical industries like Aerospace and Defense (A&D) are especially at risk. In this webinar, Christopher Rommel from VDC and Joe Jarzombek from Synopsys will discuss the results from a recent report highlighting issues facing these organizations. They will also identify what considerations need to be made for the security of software that enables and controls system functionality. https://www.brighttalk.com/webcast/11447/268705

Webinar: Systems Failures Fuel Security-Focused Design Practices

Synopsys Software Integrity Group

Three Secrets to Becoming a Mobile Security Superhero

Skycure

In this presentation, we discuss about the trend on application, cloud and cyber security. We analyze surveys on several hundred of companies to show the trend on security concerns, threats, and what controls companies are looking to do. It also introduce Pactera's cybersecurity capabilities in providing end-to-end managed services for application security testing, secure code review, penetration testing, application security - secure coding practice training, third-party supplier security risk assessment, data governance and ISO 27001 based assessments.

Pactera - Cloud, Application, Cyber Security Trend 2016

Kyle Lai

Splunk Discovery Day Dubai 2017 - Security Keynote

Splunk

Isday 2017 - Atelier Cisco

Inforsud Diffusion

Tonight, March 5th – Class 7 (last class) your “test” on ICS 210W (6,7). (100 pts) March 12 – no class research assignment due ICS210W (9,10) final cert (100, total 400) - enter the all pdfs for all 10 sessions! © 2016 Applied Control Engineering, Inc. NIST 800-82 Rev 2. 5. ICS Security Architecture 6. Applying Security Controls to ICS © 2016 Applied Control Engineering, Inc. ICS Security Architecture Network Segmentation and Segregation Logical network separation enforced by encryption or network device-enforced partitioning VLANS, Encrypted Virtual Private Networks (VPNs), Unidirectional gateways. Physical network separation to completely prevent any interconnectivity of traffic between domains. Network traffic filtering, Network layer filtering, State‐based filtering Port and/or protocol level filtering Application filtering including application-level firewalls, proxies, and content-based filters. © 2016 Applied Control Engineering, Inc. ICS Security Architecture Network Segmentation and Segregation Four common themes that implement the concept of defense-in-depth by providing for good network segmentation and segregation: Apply technologies at more than just the network layer. Each system and network should be segmented and segregated, where possible, from the data link layer up to and including the application layer. Use the principles of least privilege and need‐to‐know. If a system doesn’t need to communicate with another system, it should not be allowed to. If a system needs to talk only to another system on a specific port or protocol and nothing else–or it needs to transfer a limited set of labeled or fixed-format data, it should be restricted as such. Separate information and infrastructure based on security requirements. This may include using different hardware or platforms based on different threat and risk environments in which each system or network segment operates. The most critical components require more strict isolation from other components. In addition to network separation, the use of virtualization could be employed to accomplish the required isolation. Implement whitelisting instead of blacklisting; that is, grant access to the known good, rather than denying access to the known bad. The set of applications that run in ICS is essentially static. Look at the details and examples from section 5. This is important to your final paper! © 2016 Applied Control Engineering, Inc. 5.1 Network Segmentation and Segregation 5-1 5.2 Boundary Protection .5-3 5.3 Firewalls .5-4 5.4 Logically Separated Control Network 5-6 5.5 Network Segregation 5-7 5.5.1 Dual-Homed Computer/Dual Network Interface Cards (NIC) 5-7 5.5.2 Firewall between Corporate Network and Control Network 5-7 5.5.3 Firewall and Router between Corporate Network and Control Network 5-9 5.5.4 Firewall with DMZ between Corporate Network and Control Network . 5-10 5.5.5 Paired Firewalls between Corporate Network and Control ...

Tonight, March 5th – Class 7 (last class) your test” on ICS.docx

turveycharlyn

No one source can provide all of the data necessary for security monitoring. To be truly effective, organizations need more data, and they need it faster. Early detection of infiltration and compromise are key to response and recovery. Endpoint records are not fully network aware, and network packets can’t detail activities on host-based threats, so security professionals need both. These slides - based on the webinar featuring David Monahan, research director of security and risk management at leading IT analyst firm Enterprise Management Associates (EMA) - provides findings on how organizations are using these data types, their largest drivers for integrations and their greatest challenges in integrating the data. He will also discuss rampant bravado in network and security programs concerning their organizational maturity.

Achieving Hi-Fidelity Security by Combining Packet and Endpoint Data

Enterprise Management Associates

If you’re responsible for an application that depends on the data or functionality of various IoT endpoints—either sensors or devices—your brand reputation depends on the security, reliability, and compliance of its many integrated parts. If your application fails to deliver the expected business results, your customers and partners won't care if that failure stems from the code you developed or from a component that you integrated. What can you do to ensure that the endpoints work as expected and enhance your brand? Wayne Ariola outlines a multiphase strategy: validate each endpoint against your expectations; vet each new endpoint vs. your internal policy for security, performance, and availability; integrate simulated behavior into a test lab; simulate behavior to expand the scope of your end-to-end testing; validate it against use cases; run end-to-tests for security, functionality, performance; and manage changes with version control for test environments. Leave with guidelines for validating IoT integrity for end to end and everything in between.

IoT Integrity: A Guide to Robust Endpoint Testing

Josiah Renaudin

What kept your CISO up last night? What market forces and threats are most impactful to your peers? How will these shape the future of enterprise security? Bill Burns, Informatica CISO and former Scale Venture Partners Executive-in-Residence, formed an InfoSec investment thesis by combining his 20+ years of domain expertise with over 100 CISO peer interviews and online survey responses. In this session Bill will share his results and perspectives on what's ahead for practical enterprise security.

Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst

Bill Burns

Security in the cloud is fundamentally different. Not so much due to the technology--though there's plenty of differences there--but more with respect to the way that security is applied and how it's run. Over the past few years, we've seen a radical shift in how development and operational teams work together. Security teams have been left out in the cold and are still viewed as the "No" team. It doesn't have to be that way. Cloud technologies have enabled new work flows and models for businesses and other teams...security is no different. We just have to wake up and take advantage of the new ecosystem. When security teams embrace change, the boundaries start to dissolve and security can finally be built in instead of bolted on. In this session, we'll look at some of the challenges involved in this shift, how it impacts your teams, your skill set, and how a modern approach to defence will improve your security posture. Presented at BC Aware Day, 31-Jan-2017

Security Teams & Tech In A Cloud World

Mark Nunnikhoven

Secure Mobility from GGR Communications

GGR Communications

Estratégia de segurança da Cisco (um diferencial para seus negócios)

Cisco do Brasil

Check point response to Cisco NGFW competitive

Moti Sagey מוטי שגיא

Unveiling the most influential cloud security insights from the latest CSA and AlgoSec research. Hear what thousands of global cloud security experts are saying about their cloud and hybrid network infrastructure, responsibilities, security incidents, common pitfalls and vulnerability and risk management in the cloud. Join John Yeoh, Global Vice President of Research from the Cloud Security Alliance (CSA) and Omer Ganot from AlgoSec to find out: What companies are doing in the cloud Top security concerns and challenges faced by survey research respondents Who is ACTUALLY responsible for managing security in the cloud How organizations are managing risk and vulnerabilities The REAL contributors to network incidents in the cloud

The state of the cloud csa survey webinar

AlgoSec

Securing SCADA

Jeffrey Wang , P.Eng

How PCI And PA DSS will change enterprise applications

Ben Rothke

Similar a SANS ICS Security Survey Report 2016 (20)

SANS Report: The State of Security in Control Systems Today

Security and Accountability in the Cloud (in partnership with SANS)

How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...

[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...

Webinar: Systems Failures Fuel Security-Focused Design Practices

Three Secrets to Becoming a Mobile Security Superhero

Pactera - Cloud, Application, Cyber Security Trend 2016

Splunk Discovery Day Dubai 2017 - Security Keynote

Isday 2017 - Atelier Cisco

Tonight, March 5th – Class 7 (last class) your test” on ICS.docx

Achieving Hi-Fidelity Security by Combining Packet and Endpoint Data

IoT Integrity: A Guide to Robust Endpoint Testing

Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst

Security Teams & Tech In A Cloud World

Secure Mobility from GGR Communications

Estratégia de segurança da Cisco (um diferencial para seus negócios)

Check point response to Cisco NGFW competitive

The state of the cloud csa survey webinar

Securing SCADA

How PCI And PA DSS will change enterprise applications

Último

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Neo4j

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Increase engagement and revenue with Muvi Live Paywall! In this presentation, we will explore the five key benefits of using Muvi Live Paywall to monetize your live streams. You'll learn how Muvi Live Paywall can help you: Monetize your live content easily: Set up pay-per-view access to your live streams and start generating revenue from your content. Increase audience engagement: Provide exclusive, premium content behind the paywall to keep your viewers engaged. Gain valuable viewer insights: Track viewer data and analytics to better understand your audience and tailor your content accordingly. Reduce content piracy: Muvi Live Paywall's security features help protect your content from unauthorized distribution. Streamline your workflow: The all-in-one platform simplifies the process of managing and monetizing your live streams. With Muvi Live Paywall, you can take control of your live stream monetization and create a sustainable business model for your content. Learn more about Muvi Live Paywall and start generating revenue from your live streams today!

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Roshan Dwivedi

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Scaling API-first – The story of a global engineering organization

Radu Cotescu

SANS ICS Security Survey Report 2016

1. Security in Industrial Control Systems Today: A SANS Survey Webcast Sponsored by Anomali, Arbor Networks, Belden, and Carbon Black © 2016 The SANS™ Institute – www.sans.org Survey and Report Authors: • Derek Harp, SANS Director, ICS Security • Bengt Gregory-Brown, SANS Analyst

4. © 2016 The SANS™ Institute – www.sans.org Top ICS Threat Vectors 4 0% 10% 20% 30% 40% 50% 60% 70% External hacktivists, nation states Internal-Unintentional Malware Phishing IT/OT Integration Internal-Intentional Supply chain/Partners First Second Third For the full report, see: http://bit.ly/SANSICSSecRep2016

5. © 2016 The SANS™ Institute – www.sans.org Lack of Visibility into ICS Networks 5 26.6% 13.0% 52.0% 3.4% 5.1% Have your control system cyber assets and/or control system network ever been infected or infiltrated? Yes No, we’re sure we haven’t been infiltrated Not that we know of We’ve had suspicions but were never able to prove it We don’t know and have no suspicions For the full report, see: http://bit.ly/SANSICSSecRep2016

6. © 2016 The SANS™ Institute – www.sans.org Recent ICS Security Breaches 6 0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 1 to 2 3 to 5 6 to 10 11 to 25 26 + Unknown How many times did such events occur in the past 12 months? 2014 2015 2016 For the full report, see: http://bit.ly/SANSICSSecRep2016

7. © 2016 The SANS™ Institute – www.sans.org Most Recent ICS Security Assessment 7 26% 42% 31% In past 3 months in past 4-12 months More than 1 year ago/Never For the full report, see: http://bit.ly/SANSICSSecRep2016

8. © 2016 The SANS™ Institute – www.sans.org Security Standards Mapping 8 47% 37%34% 27% 24% Select all cybersecurity standards you use NIST Guide to SCADA and Industrial Control Systems Security 20 Critical Security Controls NERC CIP ISO 27000 series including 27001 and others ISA99 (Industrial Automation and Control Systems Security) For the full report, see: http://bit.ly/SANSICSSecRep2016

9. © 2016 The SANS™ Institute – www.sans.org Top ICS Security Initiatives 9 0% 10% 20% 30% 40% 50% Implementation of greater controls over mobile devices/wireless communications Acquisition of additional skilled staff Implementation of intrusion detection tools Implementation of anomaly detection tools Staff training and certification Security assessment Security awareness training For the full report, see: http://bit.ly/SANSICSSecRep2016

10. © 2016 The SANS™ Institute – www.sans.org ICS Security Certification 10 66% 28% 12% 10% 6% Please indicate what certifications you hold. Select all that apply. Industrial Cyber Security Certification (GICSP) ISA99 Cybersecurity Fundamentals Specialist Certificate IACRB Certified SCADA Security Architect (CSSA) ISA Security Compliance Institute (ISCI) System Security Assurance (SSA) Certification ISA Security Compliance Institute (ISCI) Embedded Device Security Assurance (EDSA) Certification For the full report, see: http://bit.ly/SANSICSSecRep2016

11. © 2016 The SANS™ Institute – www.sans.org ICS Components at Greatest Risk 11 0% 20% 40% 60% Computer assets running commercial OS Connections to business systems Network devices Connections to field SCADA network Wireless devices/protocols Control system communication protocols Control system applications For the full report, see: http://bit.ly/SANSICSSecRep2016

12. © 2016 The SANS™ Institute – www.sans.org Top ICS Security Tools/Technologies 12 In Use Planned Tool Used By Tool Planned By Anti-malware/ Antivirus 80% Anomaly detection tools 35% Physical controls for access to control systems and networks 73% Control system enhancements/Upgrade services 33% Use of zones or network segmentation 71% Application whitelisting 32% Monitoring and log analysis 65% Vulnerability scanning 31% Technical access controls 63% Intrusion prevention tools on control systems and networks 29% For the full report, see: http://bit.ly/SANSICSSecRep2016

13.

14. ICS Security Annual Survey 2016 Report: http://bit.ly/SANSICSSecRep2016 ICS Security Survey 2016 Report Webcast: http://bit.ly/SANSICSSecCast2016 Upcoming ICS Webcasts Sep 7: Incorporating ICS Cybersecurity Into Water Utility Master Planning with Jason Dely Sep 28: The GICSP: A Keystone ICS Security Certification with Mike Assante, Derek Harp, Scott Cassity, et al Oct 4: ICS Cyber Security as a Business Investment with Austin Scott Nov 2: Securing OT in an IT World with Derek Harp and Bengt Gregory-Brown Sponsored by Wurldtech/GE Dec 6: Advanced Persistent Trickery in ICS Defense with Bryce Galbraith

SANS ICS Security Survey Report 2016

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Destacado

Destacado (20)

Similar a SANS ICS Security Survey Report 2016

Similar a SANS ICS Security Survey Report 2016 (20)

Último

Último (20)

SANS ICS Security Survey Report 2016