Presentation is loading. Please wait.

Presentation is loading. Please wait.

Map.norsecorp.com If possible I like starting off with a view of a live attack screen. Very effective means of conveying the compelling need for cybersecurity.

Published byDaniella Farmer Modified over 9 years ago

Similar presentations

Presentation on theme: "Map.norsecorp.com If possible I like starting off with a view of a live attack screen. Very effective means of conveying the compelling need for cybersecurity."— Presentation transcript:

1 map.norsecorp.com If possible I like starting off with a view of a live attack screen. Very effective means of conveying the compelling need for cybersecurity. If I’m using my PC I can set this up easily.

2

3 NC AWWA-WEA Automation Committee Don Dickinson Phoenix Contact USA

4 Agenda Growing need for cybersecurity Protecting critical infrastructure Key Standards & Guidance for Cybersecurity AWWA G430-14 Security Practices for Operation & Management NIST SP 800-82 Guide to Industrial Control System (ICS) Security ISA 62443-2-1 Security for Industrial Automation & Control Systems (IACS) Why a business case is needed How to develop a business case NC AWWA-WEA Automation Committee

5 Security breaches are inevitable… Mandiant – A FireEye ™ Company Being a headline is not ®

6 Tough questions after attack… Could you have done more to prevent this attack? Will I lose my job? What is the impact on public safety? What is the environmental impact? How will this impact your requests for funding? What are the expected costs of fines and litigation? How will this impact the public’s confidence in your utility?

7 the Cyber end is near Easy to sound like an alarmist… NC AWWA-WEA Automation Committee

8 JPMorgan Chase

9 Nation-State Attacks (by Russia, China, N Korea, many others including US) Extortion (Sony) Data Destruction (Sony, Saudi Aramco) Bank Card & Personal Data Breaches (US Office of Personnel Mgmt (22M affected), Anthem Health (80M), Premera Blue Cross (11M), JP Morgan Chase (76M), Home Depot (56M), Target (40M), many others) Third-Party Breaches (Target - HVAC connection, Home Depot – stolen vendor credentials) Critical Infrastructure (Telvent, Saudi Aramco, Iranian Nuclear Facilities, others) Security Threats NC AWWA-WEA Automation Committee

10 Attacks double on SCADA in 2014 source: 2015 Dell Security Annual Threat Report

11 “Everyone knows the threats are real and the consequences dire, so we can no longer blame lack of awareness for the attacks that succeed.” Patrick Sweeney, Executive Director Dell Security NC AWWA-WEA Automation Committee

12 Why isn’t security a bigger focus? NBC Los Angeles: NewsChopper4 captures geyser blowing through Sunset Boulevard, flooding UCLA campus July 29, 2014

13 More pressing concerns…

14 Protecting Critical Infrastructure Presidential Policy Directive – Critical Infrastructure Security and Resilience ( PPD-21, February 12, 2013 ) Cyber threat to critical infrastructure continues to grow One of the most serious national security challenges for the US Critical infrastructure must be secure and able to withstand and rapidly recover from all hazards NC AWWA-WEA Automation Committee

15 Key Security Standards & Guidance ANSI / AWWA G430-14 Security Practices for Operation and Management NIST Special Publication 800-82 rev 2: Guide to Industrial Control Systems (ICS) Security ANSI / ISA-62443-2-1 Security for Industrial Automation and Control Systems: Establishing an IACS Security Program NC AWWA-WEA Automation Committee

16 Pur pose is to define the minimum requirements for protective security program for a water or wastewater utility that will promote the protection of employee safety, public health, public safety, and public confidence. NC AWWA-WEA Automation Committee ANSI / AWWA G430-14 Security Practices for Operation and Management

17 Requirements: Section 4.0 4.1 Explicit commitment to securit y 4.1.1 Explicit and visible commitment of senior leadership to security. The utility shall establish an explicit, visible, easily communicated, enterprise-wide commitment to security. This shall be represented by the development of a security plan, by policies, and by other documents that make security a part of daily operations visible to employees and customers. NC AWWA-WEA Automation Committee ANSI / AWWA G430-14 Security Practices for Operation and Management

18 NIST SP 800-82 Rev 2 Guide to Industrial Control Systems (ICS) Security Purpose is to provide guidance for securing industrial control systems (ICS), including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other systems performing control functions. NC AWWA-WEA Automation Committee

19 4.1 Business Case for Security The first step in implementing an information security program for ICS is to develop a compelling business case for the unique needs of the organization. The business case provides the business impact and financial justification for creating an integrated information security program. NC AWWA-WEA Automation Committee NIST SP 800-82 Rev 2 Guide to Industrial Control Systems (ICS) Security

20 ANSI/ISA–62443-2-1 (99.02.01) – 2009 Establishing an Industrial Automation and Control Systems Security Program  Describes the elements of a Cyber Security Management System (CSMS)  Elements relate to policy, procedures, practices and personnel ISA-62443 Security for Industrial Automation and Control Systems (IACS) NC AWWA-WEA Automation Committee

21 4.2.2 DESCRIPTION: A business rationale is based on the nature and magnitude of financial, health, safety, environmental, and other potential consequences should IACS cyber events occur. RATIONALE: Establishing a business rationale is essential for an organization to maintain management buy-in to an appropriate level of investment for the IACS cybersecurity program. ISA 62443-2-1 Develop a business rationale NC AWWA-WEA Automation Committee

22 ISA 62443-2-1 Develop a business rationale 4.2.2.1 REQUIREMENTS: Develop a business rationale The organization should develop a high-level business rationale as a basis for its effort to manage IACS cyber security, which addresses the unique dependence of the organization on IACS. NC AWWA-WEA Automation Committee

23 Annex A (informative) Guidance for developing the elements of a CSMS Description of element Element-specific information Supporting practices Baseline practices Additional practices Resources used ISA 62443-2-1 Develop a business rationale NC AWWA-WEA Automation Committee

24 A.2.2.3 Key components of business rationale Prioritize business consequences – What events would have the greatest impact on the organization? Prioritize threats – Which are the most credible? Estimated annual business impact – What is the business impact, if possible, in financial terms? Cost – What is the estimated cost of the human effort and technical countermeasures that the business rationale intends to justify? ISA 62443-2-1 Develop a business rationale NC AWWA-WEA Automation Committee

25 Answers for tough questions… Could you have done more to prevent this attack? Just 2 years till retirement! Because we have a comprehensive security plan we were able to detect the cyber activity early and implement countermeasures quickly to mitigate it. As a result the impact on public safety, the environment and our operations were minimized.

26 Key points on cybersecurity Security is a process not a task! Journey not a destination! Security is not an absolute! It’s a matter of degree. Neither practical nor feasible to fully mitigate all risks. Must allocate available resources as efficiently as possible. The responsibility of protecting IACS from cyber events belongs to the people who operate and maintain these systems. Goal: Risk management for critical infrastructure. NC AWWA-WEA Automation Committee

27 Easy questions for me? NC AWWA-WEA Automation Committee

28 Don Dickinson Senior Business Development Manager – Water Sector Phoenix Contact USA Contact information: e-mail: ddickinson@phoenixcon.comddickinson@phoenixcon.com Phone: 800-888-7388, ext 3868 White Paper: Making a Business Case for Cybersecurity Presenter NC AWWA-WEA Automation Committee

Download ppt "Map.norsecorp.com If possible I like starting off with a view of a live attack screen. Very effective means of conveying the compelling need for cybersecurity."

Similar presentations

How Will it Help Me Do My Job?

How Will it Help Me Do My Job?
Museum Presentation Intermuseum Conservation Association.

Museum Presentation Intermuseum Conservation Association.
Module N° 7 – SSP training programme

Module N° 7 – SSP training programme
Module N° 4 – ICAO SSP framework

Module N° 4 – ICAO SSP framework
CDCs 21 Goals. CDC Strategic Imperatives 1. Health impact focus: Align CDCs people, strategies, goals, investments & performance to maximize our impact.

CDCs 21 Goals. CDC Strategic Imperatives 1. Health impact focus: Align CDCs people, strategies, goals, investments & performance to maximize our impact.
Department of Homeland Security Site Assistance Visit (SAV)

Department of Homeland Security Site Assistance Visit (SAV)
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Unit 1: Introductions and Course Overview Administrative Information  Daily schedule  Restroom locations  Breaks and lunch  Emergency exit routes 

Unit 1: Introductions and Course Overview Administrative Information  Daily schedule  Restroom locations  Breaks and lunch  Emergency exit routes 
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
National Infrastructure Protection Plan

National Infrastructure Protection Plan
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]

National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Framework for Improving Critical Infrastructure Cybersecurity NIST Feb 2014.

Framework for Improving Critical Infrastructure Cybersecurity NIST Feb 2014.
Reliability Centered Maintenance From a Data Center Perspective March 2013.

Reliability Centered Maintenance From a Data Center Perspective March 2013.
Greg Shaw 202-994-6736 How do we turn private sector preparedness into an investment rather than a cost of doing.

Greg Shaw How do we turn private sector preparedness into an investment rather than a cost of doing.
Business Crisis and Continuity Management (BCCM) Class Session 3 3 - 1.

Business Crisis and Continuity Management (BCCM) Class Session
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.
The Need for an Integrated View of Water Quality Modeling and Monitoring Bruce Kiselica USEPA, Region 2 Second Workshop on Advanced Technologies in Real.

The Need for an Integrated View of Water Quality Modeling and Monitoring Bruce Kiselica USEPA, Region 2 Second Workshop on Advanced Technologies in Real.
Physical and Cyber Attacks1. 2 Inspirational Quote Country in which there are precipitous cliffs with torrents running between, deep natural hollows,

Physical and Cyber Attacks1. 2 Inspirational Quote Country in which there are precipitous cliffs with torrents running between, deep natural hollows,

Similar presentations

Ads by Google