industry information live
play

Industry Information Live Beskyt produktiviteten med Industrial - PowerPoint PPT Presentation

Nov 24, 2022 •165 likes •905 views

Industry Information Live Beskyt produktiviteten med Industrial Security www.siemens.dk/di-webinarer Dagens vrter Morten Kromann Technology Specialist Lars Peter Hansen Per Christiansen Technology Specialist Manager Q&A Jesper

  1. Industry Information Live Beskyt produktiviteten med Industrial Security www.siemens.dk/di-webinarer

  2. Dagens værter Morten Kromann Technology Specialist Lars Peter Hansen Per Christiansen Technology Specialist Manager Q&A Jesper Kristiansen Kim Meyer Jacobsen Q&A Moderator

  3. Agenda Beskyt produktiviteten med Industrial Security • Who are we? • How do we start? • The standard • Operational guidelines • Getting specific

  4. Way more information – NO spam …! Web meeting Webinar Training Topic #1 Web meeting Services Topic #2 YouTube Web meeting Topic #n

  5. Who are we? What do we do?

  6. Taking cyber threats seriously With > 30 million automated systems, > 75 million contracted smart meters and > one million Cloud connected products in the field”

  7. Charter of Trust Leading global companies and organizations working together to make the digital world of tomorrow safer More info: www. charter-of-trust.com

  9. NATO Cooperative Cyber Defense Centre of Excellence More info: https://ccdcoe.org/exercises/locked-shields/

  10. So… How do we start?

  11. Caught between regulation , requirements , and standards NERC CIP BDSG NIS directive WIB ISO 27032 ISA 99 NIST IEC 62443 ANSSI

  13. IEC 62443

  14. IEC 62443 gives us the ability to communicate in an unambiguous way

  15. IEC 62443 based on a holistic Defense in depth concept

  16. IEC 62443 Defense in depth Plant security Network security System integrity

  17. Plant security Plant Physical access protection Processes and guidelines Security service protecting production plants

  18. Network security Segmentation Cell protection, DMZ and remote access Firewall and VPN Asset and Network Management

  19. System integrity System hardening Authentication and user administration Patch management Logging and Monitoring Detection of attacks

  20. IEC 62443 Focus on the interfaces between all stakeholders Operator , Integrators , and Manufacturers

  21. IEC 62443 Is scalable Page 21

  22. IEC 62443 provides system design guidelines

  23. IEC 62443 Addresses the entire life cycle

  24. IEC 62443 provides a complete Cyber Security Management System

  25. Risk analysis Business rationale Risk identification classification and assessment Review, improve and maintain the CSMS Conformance Monitoring and improving the CSMS

  26. Risk methods and frameworks “A good overview” More info : https://www.ncsc.gov.uk/collection/risk-management-collection/component-system-driven-approaches/understanding-component-driven-risk-management

  27. Getting started The IEC62443/ISO27001 based method Development and Risk Implementation of Assessment Protection Concept Identification and Definition of Definition of Business Impact Assessment Scope Target Level

  28. Cybersecurity Life Cycle Assess phase 1. High-level Cyber Risk Assessment 2. Allocation of IACS Assets to Zones or Conduits 3. Detailed Cyber Risk Assessment

  29. Cybersecurity Life Cycle Develop & implement phase 4. Cybersecurity Requirements Specification 5. Design and Engineering of countermeasures or other means of risk reduction 6. Installation, commissioning and validation of countermeasures

  30. Cybersecurity Life Cycle Maintain phase 7. Maintenance, Monitoring and Management of change 8. Incident Response and Recovery

  31. The… Standard

  32. The structure of IEC 62443? 1-2 Master glossary 1-4 IACS General 1-1 Terminology, 1-3 System security of terms and security lifecycle and use- compliance metrics concepts and models abbreviations cases Policies and procedures 2-4 Security program 2-1 Security program 2-3 Patch 2-2 IACS security requirements for IACS service requirements for IACS asset management in the program ratings providers owners IACS environment 3-3 System security System 3-2 Security risk assessment 3-1 Security technologies for requirements and security and system design IACS levels Definition and metrics 4-2 Technical security 4-1 Secure product Compo- nents requirements for IACS Processes / procedures development lifecycle components requirements Functional requirements

  33. Protection Levels are the key criteria and cover security functionalities and processes Security process Security functions • Based on IEC 62443-2-4 • Based on IEC 62443-3-3 Protection Level and ISO27001 • Security Level 1 - 4 • Maturity Level 1 - 4 (PL)

  34. Protection Levels are the key criteria and cover security functionalities and processes PL 1 4 Maturity Level PL 2 3 PL 3 2 PL 4 1 Security Level

  35. Protection Levels PL 1 Protection against casual or coincidental violation Protection against intentional violation using simple means PL 2 with low resources, generic skills and low motivation Protection against intentional violation using sophisticated PL 3 means with moderate resources, IACS specific skills and moderate motivation Protection against intentional violation using sophisticated PL 4 means with extended resources, IACS specific skills and high motivation

  36. Consequences – Some randomly selected points Use of VLAN, network hardening, managed switches and PL 1 capability to backup are mandatory … A distributed Firewalls concept has to be implemented PL 2 Inventory and Network Management are mandatory Capability to automate the backup are mandatory … PL 3 Even more… PL 4 Even way more…

  37. IEC 62443-3-3 Defines security 7 Foundational Requirements requirements for FR 1 – Identification and authentication control industrial FR 2 – Use control control systems FR 3 – System integrity FR 4 – Data confidentiality FR 5 – Restricted data flow FR 6 – Timely response to events FR 7 – Resource availability

  38. FR 1 – Identification and authentication control System Requirement Overview (Part 1) SRs und REs SL 1 SL 2 SL 3 SL 4     SR 1.1 – Human user identification and authentication    SR 1.1 RE 1 – Unique identification and authentication   SR 1.1 RE 2 – Multifactor authentication for untrusted networks  SR 1.1 RE 3 – Multifactor authentication for all networks    SR 1.2 – Software process and device identification and authentication   SR 1.2 RE 1 – Unique identification and authentication     SR 1.3 – Account management   SR 1.3 RE 1 – Unified account management     SR 1.4 – Identifier management     SR 1.5 – Authenticator management   SR 1.5 RE 1 – Hardware security for software process identity credentials     SR 1.6 – Wireless access management    SR 1.6 RE 1 – Unique identification and authentication

  39. FR 1 – Identification and authentication control System Requirement Overview (Part 2) SRs und REs SL 1 SL 2 SL 3 SL 4     SR 1.7 – Strength of password-based authentication   SR 1.7 RE 1 – Password generation and lifetime restrictions for human users  SR 1.7 RE 2 – Password lifetime restrictions for all users    SR 1.8 – Public key infrastructure certificates    SR 1.9 – Strength of public key authentication   SR 1.9 RE 1 – Hardware security for public key authentication     SR 1.10 – Authenticator feedback     SR 1.11 – Unsuccessful login attempts     SR 1.12 – System use notification     SR 1.13 – Access via untrusted networks    SR 1.13 RE 1 – Explicit access request approval

  40. FR 2 – Use control System Requirement Overview (Part 1) SRs und REs SL 1 SL 2 SL 3 SL 4     SR 2.1 – Authorization enforcement    SR 2.1 RE 1 – Authorization enforcement for all users    SR 2.1 RE 2 – Permission mapping to roles   SR 2.1 RE 3 – Supervisor override  SR 2.1 RE 4 – Dual approval     SR 2.2 – Wireless use control   SR 2.2 RE 1 – Identify and report unauthorized wireless devices     SR 2.3 – Use control for portable and mobile devices   SR 2.3 RE 1 – Enforcement of security status of portable and mobile devices     SR 2.4 – Mobile code   SR 2.4 RE 1 – Mobile code integrity check     SR 2.5 – Session lock

  41. FR 2 – Use control System Requirement Overview (Part 2) SRs und REs SL 1 SL 2 SL 3 SL 4    SR 2.6 – Remote session termination   SR 2.7 – Concurrent session control     SR 2.8 – Auditable events   SR 2.8 RE 1 – Centrally managed, system-wide audit trail     SR 2.9 – Audit storage capacity   SR 2.9 RE 1 – Warn when audit record storage capacity threshold reached     SR 2.10 – Response to audit processing failures    SR 2.11 – Timestamps   SR 2.11 RE 1 – Internal time synchronization  SR 2.11 RE 2 – Protection of time source integrity   SR 2.12 – Non-repudiation  SR 2.12 RE 1 – Non-repudiation for all users

Recommend

Industry Information Live Fremtidens visualiseringsplatform WinCC Unified Vrter: Kim

Industry Information Live Fremtidens visualiseringsplatform WinCC Unified Vrter: Kim

Industry Information Live Fremtidens visualiseringsplatform WinCC Unified Vrter: Kim Meyer-Jacobsen og Per Mller Hemmingsen Siemens Digital Industrien Velkommen Side 2 April 2020 Industry Information Live Fremtidens

720 views • 46 slides
Industry Information Live Maskinsikkerhed med TIA-portalen integreret og skalerbart Vrter

Industry Information Live Maskinsikkerhed med TIA-portalen integreret og skalerbart Vrter

Industry Information Live Maskinsikkerhed med TIA-portalen integreret og skalerbart Vrter Ole Dyval og Kim Meyer-Jacobsen Siemens Digital Industries Dagens vrter Kim Meyer-Jacobsen - Technology Specialist Ole Dyval - Technology

922 views • 54 slides
Industry Information Live Spar tid og penge med Simatic Robot Integrator Vrter: Sren Jakobsen

Industry Information Live Spar tid og penge med Simatic Robot Integrator Vrter: Sren Jakobsen

Industry Information Live Spar tid og penge med Simatic Robot Integrator Vrter: Sren Jakobsen og Simon Sonne Siemens Digital Industrien Webinar Spar tid og penge med Simatic Robot Integration Hvorfor Robot integration i Simatic?

747 views • 46 slides
Industry 4.0 - the way we live, work and relate to one another. In its scale, scope and

Industry 4.0 - the way we live, work and relate to one another. In its scale, scope and

We stand on the brink of technological revolution that will fundamentally alter Industry 4.0 - the way we live, work and relate to one another. In its scale, scope and Opportunities and complexity, the transformation will be Challenges for

282 views • 16 slides
How Commerce & Industry Shaped the Mails The U.S. Special Handling Service: Live

How Commerce & Industry Shaped the Mails The U.S. Special Handling Service: Live

How Commerce & Industry Shaped the Mails The U.S. Special Handling Service: Live Chicks And so much more Require First Class Treatment Friday, September 16, 2011 Robert G. Rufe, President Brandyw ine Valley Stamp Club

796 views • 52 slides
#1 Go Live Date Christina Kim 2 1 10/4/18 GO LIVE INFORMATION DECEMBER 1, 2019 New

#1 Go Live Date Christina Kim 2 1 10/4/18 GO LIVE INFORMATION DECEMBER 1, 2019 New

10/4/18 USP <800> THE TOP 10 THINGS YOU NEED TO KNOW Christina Coleman Kim, PharmD University of New Mexico Hospitals #1 Go Live Date Christina Kim 2 1 10/4/18 GO LIVE INFORMATION DECEMBER 1, 2019 New Mexico Board of

544 views • 23 slides
Offic e r I nvo lve d Bla c k live s ma tte r, Blue live s ma tte r, All live s ma tte r

Offic e r I nvo lve d Bla c k live s ma tte r, Blue live s ma tte r, All live s ma tte r

APNA 30th Annual Conference Session 3046: October 21, 2016 Assumptio ns T his to pic c a n b ring up a lo t o f e mo tio ns Offic e r I nvo lve d Bla c k live s ma tte r, Blue live s ma tte r, All live s ma tte r Altho ug h the

328 views • 8 slides
MEDIA PROJECT. THE LAUNCH We live in an age of information and the saying He who possesses

MEDIA PROJECT. THE LAUNCH We live in an age of information and the saying He who possesses

MEDIA PROJECT. THE LAUNCH We live in an age of information and the saying He who possesses information owns the world defi- Broadcasting of the Big Asia channel and bigasia.ru website began on June 1, nitely reflects todays

165 views • 12 slides
ENTERTAINMENT FACILITY STUDY August 14, 2018 City Council Briefing David Stone, Stone Pla n ning

ENTERTAINMENT FACILITY STUDY August 14, 2018 City Council Briefing David Stone, Stone Pla n ning

ENTERTAINMENT FACILITY STUDY August 14, 2018 City Council Briefing David Stone, Stone Pla n ning LIVE MUSIC/ ENTERTAINMENT INDUSTRY TRENDS 2 LIVE MUSIC/ ENTERTAINMENT INDUSTRY TRENDS THE TOURING EVENTS INDUSTRY The live entertainment

373 views • 9 slides
WAFarmers General Discussion regarding 2018 Live Sheep Export Crisis Relation of crisis to WA

WAFarmers General Discussion regarding 2018 Live Sheep Export Crisis Relation of crisis to WA

WAFarmers General Discussion regarding 2018 Live Sheep Export Crisis Relation of crisis to WA Shearing Industry Who am I Agronomy, Agribusiness focus Approximately 25 years working in the agricultural industry Last Role Area

524 views • 7 slides
Information meeting for industry vendors January 21 2020 Agenda Industry vendor meeting 1.

Information meeting for industry vendors January 21 2020 Agenda Industry vendor meeting 1.

Information meeting for industry vendors January 21 2020 Agenda Industry vendor meeting 1. Welcome and introduction 2. Overall status and roadmap 3. Preliminary recommendations 4. Q&A Side 2 Fotograf: yvind Eide Citizen Doctor

373 views • 19 slides
ABBREVIATION LISTING Petroleum Information INFORMATION SPECIALISTS TO THE ENERGY INDUSTRY. A

ABBREVIATION LISTING Petroleum Information INFORMATION SPECIALISTS TO THE ENERGY INDUSTRY. A

ABBREVIATION LISTING Petroleum Information INFORMATION SPECIALISTS TO THE ENERGY INDUSTRY. A Subsid1ary oi A C. Nielsen Company r~aryl PETROLEUr~ TWO LETTER STATE ABBREVIATIONS Al - Alabama MT - Montana AK - Alaska NE - Nebraska AZ - Arizona

423 views • 20 slides
The Information Industry, Distant Use Value and the Exxon Valdez Scott Farrow and Douglas

The Information Industry, Distant Use Value and the Exxon Valdez Scott Farrow and Douglas

The Information Industry, Distant Use Value and the Exxon Valdez Scott Farrow and Douglas Larson UMBC UC Davis Outline Motivation: the Information industry and welfare measures Distant use valueEvents Application: Valdez

228 views • 19 slides
Industrial Revolution INDUSTRY 1.0 INDUSTRY 2.0 INDUSTRY 3.0 INDUSTRY 4.0 Mechanisation, Mass

Industrial Revolution INDUSTRY 1.0 INDUSTRY 2.0 INDUSTRY 3.0 INDUSTRY 4.0 Mechanisation, Mass

Industrial Revolution INDUSTRY 1.0 INDUSTRY 2.0 INDUSTRY 3.0 INDUSTRY 4.0 Mechanisation, Mass production, Automation, Internet of things, steam power, assembly line, computers, networks. weaver loom. electrical energy. electronics.

296 views • 3 slides
WEST VIRGINIA STREET DRAGS ALL OUT Live Season 3 ALL OUT Live is the first Live and Televised

WEST VIRGINIA STREET DRAGS ALL OUT Live Season 3 ALL OUT Live is the first Live and Televised

WEST VIRGINIA STREET DRAGS ALL OUT Live Season 3 ALL OUT Live is the first Live and Televised Drag Racing Game show! The ALL OUT grassroots racers battle it out in front of the cameras while fans play along for cash and prizes on the Instant

271 views • 11 slides
UBIS (ASIA) PLC. OPPORTUNITY DAY MARCH 11, 2010. Ubis (Asia) Public Company Limited Industry

UBIS (ASIA) PLC. OPPORTUNITY DAY MARCH 11, 2010. Ubis (Asia) Public Company Limited Industry

UBIS (ASIA) PLC. OPPORTUNITY DAY MARCH 11, 2010. Ubis (Asia) Public Company Limited Industry Information Company Operation Future and Opportunity Industry Information Industry Information Canned Food Export during 2005-2009

552 views • 23 slides
Recruiting staff from the Live Register. Information for Employers We have been given a mandate

Recruiting staff from the Live Register. Information for Employers We have been given a mandate

Recruiting staff from the Live Register. Information for Employers We have been given a mandate to change and we are changing. Put simply, no -one who loses his/her job should be allowed to drift, with no support, into long term

368 views • 19 slides
Custom-made medical devices Information for the dental industry Valerie Mercer Director Medical

Custom-made medical devices Information for the dental industry Valerie Mercer Director Medical

Custom-made medical devices Information for the dental industry Valerie Mercer Director Medical Devices Information and Education Medical Devices Branch Therapeutic Goods Administration ADIA industry briefing 12-13 July 2016 Discussion topics

534 views • 28 slides
Love Where We Live Project Love Where We Live Project Love Where We Live Introduction The group

Love Where We Live Project Love Where We Live Project Love Where We Live Introduction The group

Judith Smith Horizon Church and Neil Lovesey - LBS Community Wellbeing Team Love Where We Live Project Love Where We Live Project Love Where We Live Introduction The group will be working across the St Helier and Wandle Valley areas with

249 views • 9 slides
Presenting a live 90-minute webinar with interactive Q&A Responding to EPA Information Request

Presenting a live 90-minute webinar with interactive Q&A Responding to EPA Information Request

Presenting a live 90-minute webinar with interactive Q&A Responding to EPA Information Request Letters: Mitigating Further Agency Scrutiny Assessing Response Options, Meeting Confidentiality Requirements While Demonstrating Compliance With

749 views • 60 slides
Parent and Student Information (2018-2019) Learn. Share. Live. What is happening ? Thanks

Parent and Student Information (2018-2019) Learn. Share. Live. What is happening ? Thanks

Cape Fear Center for Inquiry Parent and Student Information (2018-2019) Learn. Share. Live. What is happening ? Thanks to all of the efforts around Great Art, the Manna Fundraiser, Grants and State Funding, CFCI has: Introduced iPads

361 views • 13 slides
Parent and Student Information (2017 2018) Learn. Share. Live. What is happening ?

Parent and Student Information (2017 2018) Learn. Share. Live. What is happening ?

Cape Fear Center for Inquiry Parent and Student Information (2017 2018) Learn. Share. Live. What is happening ? Thanks to all of the efforts around Great Art, the Manna Fundraiser, Grants and State Funding, CFCI has: Introduced

467 views • 13 slides
1 We live to provide services for several hundreds of thousands of customers every day

1 We live to provide services for several hundreds of thousands of customers every day

1 We live to provide services for several hundreds of thousands of customers every day RETHMANN-Group A group with a turnover of more than 12.4 bn* and a workforce of 66,000* Water- and Lifecycle Logistics Bio-Industry Public Private

198 views • 7 slides
In Industry ry and the Operational Environment of f the Future By Vincent H. ONeil Outline

In Industry ry and the Operational Environment of f the Future By Vincent H. ONeil Outline

The In Information Disruption In Industry ry and the Operational Environment of f the Future By Vincent H. ONeil Outline Executive Summary Introduction The Expanding Information Disruption Industry Ramifications for the

507 views • 27 slides

More recommend