SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY

tel.: +7 (495) 980 67 76http://www.DialogNauka.ru

yad@dials.ru

Dmitry Yarushevskiy | CISA | CISMHead of ICS Cyber security departmentJSC DialogueScience

2

JSC DialogueScience

JSC DialogueScience, established in 1992 is a system integrator in the information security field, one of the leading Russian provider of IT security services, products and solutions.

We have good experience in designing, development and implementation of cybersecurity systems and solutions on critical infrastructure and industrial objects, including power generation and power distribution sector.

.

SOMETHING INTANGIBLE, BUT REAL

I. LACK OF EXPERTISE AND COMMUNICATION

5

LACK OF EXPERTISE

First issue is LACK OF EXPERTISE AND COMMUNICATION

Automation don’t understand security

Security don’t understand automation

6

7

Cyber security is a serious business!

ICS Cyber Security is too complicated to be managed by only security personnel or only but automation engineers

Only well-balanced team of experts in different fields of knowledge could be effective in cyber security

Before starting cyber security program or implementing security system, ask yourself “Who will manage it?”

II. LACK OF RIGHTS TO ACT

9

Lack of rights to act

When cyber security staff finds that malicious activity or attack, perhaps, happening right now…

What they can do?

• Lack of well-studied scenarios• Not clear understandable consequences• Hard to calculate likelihood

10

Who will be responsible

Shutting down power grid control center because of feeling “that something going wrong” can be a definitely bad idea.

OR NOT?

vs

11

Lack of rights to act

To be effective cyber security staff, should clearly understand which actions and measures are allowed to apply and when, and which are not. And which actions are vital

Management and automation engineers also

Usually they all do not

(Risk analysis and BCP could help)

III. Focus on too sophisticated solutions

13

Focus on too sophisticated solutions instead of using embedded features

14

Modern PLC are far away from their roots

15

Embedded security features

There are a lot of “common” security features are embedded in some PLC now:

• Access control with strong authentication;• RADIUS• Logging and SNMP• Firewall• VPN client

CONCLUSION

17

At least three interesting question

There are at least three questions, that you should ask during establishing cyber security program:

• Who will manage it?

• What they are allowed to do, and what the must do in case they suspect an attack?

• Are there some cool security features already embedded in your PLC or SCADA?

Thanks for your time!

Dmitry Yarushevskiy CISA, CISM

Head of ICS Cyber security departmentJSC DialogueScience

Dmitry.yarushevskiy@dialognauka.ruyad@dials.ru

Cell: +7 (916) 677 3763