Managing and Maintaining Implemented Security Measures is ......Automation Perimeter Firewalls •...

Managing and Maintaining Implemented Security Measures

is Critical when Building a Cyber Defense Program Harry Brian and Florian Forster

Manufacturing in America │ March 20-21, 2019

Unrestricted © Siemens 2019

Unrestricted

for

Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.

Challenges for our Customers Productivity, Cost Pressure and Regulations

Protect Productivity

Reduce cost

Comply to regulations

• Externally caused incidents

through increasing connectivity

• Internal misbehavior

• The evolving Threat Landscape

• For qualified personnel

• For essential Security

Technologies

• Reporting Requirements

• Minimum Standards

• Security Know-how

Protect

against

Costs

Comply

to

Page 2 V4.0


The ever-changing threat landscape

Cybersecurity laws and

Regulations Internet of

Things

Professional

Hackers Vulnerabilities

§

§ §

§

Page 3 V4.0


Evolution of the cyber threat landscape

Digital Information Processing Digital Connectivity Digital Automation and Intelligence

1950s – 1960s 1980s 2015 1999 2010s 1970s 1991 1990s 2020s 2000s

Home computer is introduced

Computers make their way

into schools, homes, business

and industry

Digital enhancement of

electrification and automation

The World Wide Web becomes

publicly accessible

The globe is connected

by the internet

Mobile flexibility

Cloud computing enters the

mainstream

Internet of Things, Smart

and autonomous systems,

Artificial Intelligence, Big Data

Industry 4.0

Military, governments and other

organizations implement

computer systems

AOHell

Cryptovirology

Level Seven Crew hack

Denial of service attacks

Cloudbleed

sl1nk SCADA hacks Infineon/TPM

Meltdown/Spectre

AT&T Hack

Blue Boxing

Morris Worm Phishing Targeting Critical

Infrastructure

NotPetya

Industroyer/Chrashoverride

WannaCry Cyberwar

Stuxnet

The threat landscape keeps growing and

changing and attackers are targeting industrial

and critical infrastructures

Page 4 V4.0


Challenges are similar but reality is very different in IT and Industrial

(OT) Security

IT Security Industrial Security

3-5 years

Forced migration (e.g. PCs, smart phone)

High (> 10 “agents” on office PCs)

Low (~2 generations, Windows 7 and 10)

Standards based (agents & forced patching)

20-40 years

Usage as long as spare parts available

Low (old systems w/o “free” resources)

High (from Windows 95 up to 10)

Case and risk based

Asset lifecycle

Software lifecycle

Options to add security SW

Mix of Operating Systems

Main protection concept

Page 5 V4.0


Conventional malware/virus outbreaks

Ransomware attacks

Data leaks & spying

Hardware failure

Sabotage from internal or external actors

Employee errors/unintentional actions

Connected devices security incidents

Industrial software errors

Threats from third parties, such as supply chain or partners

Challenges and drivers Most critical threats to Industrial Control systems

Operating systems

End of Support1

Windows NT 4.0 30. June 2004

Windows XP 08. April 2014

Windows 7 14. January 2020

Windows 10 14. October 2025

Page 6 V4.0

1 Source © Microsoft


Solutions Mitigating Industrial Control System Threats

Page 7 V4.0

Assess Implement Manage

Evaluation of the current security

status of an ICS environment

Risk mitigation through

implementation of

security measures

Comprehensive security through

monitoring and vulnerability

management



Page 8 V4.0


Gain transparency of current threats/vulnerabilities

Check against the best security standards

Prioritize suitable security measures

Inventory the assets and software versions used in automation environment



Page 9 V4.0


Security Awareness Training

• Create security awareness to shop-floor personnel

Automation Perimeter Firewalls

• First line of defense against highly developed threats

Application Whitelisting

• Protection of outdated Windows systems – no need for pattern or signature updates

Antivirus

• Protection against viruses, worms, rootkits, trojans and other malware threats

Anomaly Detection

• Continuous & proactive identification of changes (anomalies) in the system



Page 10 V4.0


Vulnerability Tracking

• Efficiently manage vulnerabilities to maximize production availability

Patch Management

• Regular and prompt installation of approved security patches are a vital element of a

comprehensive security concept


Assess Security

Evaluation of the current security

status of an ICS environment

Implement Security

Risk mitigation through

implementation of

security measures

Manage Security

Comprehensive security through

monitoring and vulnerability

management

Page 11 V4.0

Industrial Security Services Solution portfolio


Industrial Security Services Solution portfolio

• Industrial Security Monitoring

• Industrial Vulnerability Manager

• Patch Management

• Remote Incident Handling

• Security Awareness Training

• Industrial Security Consulting

• Automation Firewall

• Application Whitelisting

• Antivirus

• Industrial Anomaly Detection

• Industrial Security Monitoring

Solution

• Industrial Security Check

• IEC 62443 Assessment

• ISO 27001 Assessment

• Risk & Vulnerability Assessment

• Scanning Services

Page 12 V4.0


For our Customers

Siemens …

We offer a complete portfolio of Industrial Security products and services

Our processes and products are proven and certified

… is the partner to drive secure Digitalization

We understand

Digitalization

We have industry Know-how

We understand Industrial Communication

Digitalization without security is not possible!

Page 13 V4.0


Questions?

Harry Brian

Business Development, Industrial Security Services

Johnson City, TN

Phone: 423-213-0577

E-mail: [email protected]

Florian Forster

Business Development & Regional Management, Industrial

Security Services

Erlangen, DE

Phone: +49 172 5809072

E-mail: [email protected]


Security Information

Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems,

machines and networks.

In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously

maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a

concept.

Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and

components should only be connected to the enterprise network or the internet if and to the extent necessary and with

appropriate security measures (e.g. use of firewalls and network segmentation) in place.

Additionally, Siemens’ guidance on appropriate security measures should be taken into account. For more information about

industrial security, please visit http://www.siemens.com/industrialsecurity.

Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to

apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no

longer supported, and failure to apply latest updates may increase customer’s exposure to cyber threats.

To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under

http://www.siemens.com/industrialsecurity.

Page 15 V4.0

http://www.siemens.com/industrialsecurity

http://www.siemens.com/industrialsecurity

Date post:	30-Aug-2020
Category:	Documents
Upload:	others
View:	5 times
Download:	0 times

Managing and Maintaining Implemented Security Measures is ......Automation Perimeter Firewalls •...

Documents