Post on 09-Jun-2018
transcript
© ABB GroupJanuary 16, 2013 | Slide 1
Cyber Security SeminarCyber Security fingerprints
Per Larsen, ABB, Skovlunde og Fredericia januar 2013
© ABB GroupJanuary 16, 2013 | Slide 2
ABB ServicePortSecure portal at customer site that delivers:
Configuration toolsDiagnostic applicationsImprovement activitiesScheduled optimizationCondition monitoringRemote tools
SupportLineSolutionsBankBenefits
Secure access to diagnosticsReduces time and costs for on-site serviceFast access to ABB experts
ABB Process Automation ServicesRemote-enabled services through ABB ServicePortTM
© ABB GroupJanuary 16, 2013 | Slide 3
ABB Process Automation ServicesRemote-enabled services through ABB ServicePortTM
© ABB GroupJanuary 16, 2013 | Slide 4
Cyber Security FingerprintDiagnose, implement and sustain
System Potential
Time
Manage Performance Gap
Diagnose Implement Sustain
© ABB GroupJanuary 16, 2013 | Slide 5
Cyber Security FingerprintService with a defined scope
Benefits:Consistent – same everywhereHigh and even qualityRepeatableBased on best practicies
• Data
• Collect
• Store
• View
• Analyze
• Interpret
• Report
© ABB GroupJanuary 16, 2013 | Slide 6
Cyber Security FingerprintWhat does the fingerprint do?
Provides a comprehensive view of your site’s cyber security status
Identifies strengths and weaknesses for defending against an attack within your plant’s control systems
Reduces potential for system and plant disruptions
Increases plant and community protection
Supplies a solid foundation from which to build a sustainable cyber security strategy
It does NOT make the system completely secure.
© ABB GroupJanuary 16, 2013 | Slide 7
Antivirus SolutionsSecurity UpdatesAccount ManagementComputer PoliciesMicrosoft FirewallProcedures and PoliciesPhysical Security
Cyber Security FingerprintSecurity in depth
© ABB GroupJanuary 16, 2013 | Slide 8
Cyber Security FingerprintKey Performance Indicators
© ABB GroupJanuary 16, 2013 | Slide 9
Cyber Security Fingerprint
No installation
No license
Only collect data
All collected data is encrypted
Data supports interviews with key plant personnel
Security Logger Data Collection Tool
© ABB GroupJanuary 16, 2013 | Slide 10
Cyber Security Fingerprint
Browse all collected dataGenerate reportThe only tool that can read the encrypted fileHelp during hardening
Security Analyzer Tool
© ABB GroupJanuary 16, 2013 | Slide 11
Cyber Security Fingerprint
After raw data is collected with the security logger, it’s compared to the Control System Master Profile to determine where recommendations are needed. If the customer’s data shows the setting to be below standard, the description and recommendation are included in the report
Data collection
Setting Description RecommendationMinimum password age
There should be a predetermined amount of days a password must be used before the user is allowed to change it. The number of days can vary between 1 and 998 days, or the user can input 0 to change the password immediately. If a user does not set a minimum password age, he or she can use passwords repeatedly.
Set the minimum password age value greater than or equal to one day.
© ABB GroupJanuary 16, 2013 | Slide 12
Cyber Security FingerprintReport with recommendations and action plan
© ABB GroupJanuary 16, 2013 | Slide 13
Cyber Security Fingerprint
While the Fingerprint is an indicator of your security status at a given time, any system, no matter how many precautions are taken, can be compromised.
Report: Risk Profile
© ABB GroupJanuary 16, 2013 | Slide 14
Cyber Security FingerprintSchedule of activities
Analysis (off-site)
Delivery (off-site)
Day 1 - 3Project introduction meetingSet up data collection softwareInterview key plant personnel
Check data and make configurations accordingly
Complete data collection
Day 4Data Analysis
Day 5Complete reportExpert reviewPresent findings and recommended actions
Information Gathering
© ABB GroupJanuary 16, 2013 | Slide 15
Data sheetSchedule of activities
© ABB GroupJanuary 16, 2013 | Slide 16