SlideShare uma empresa Scribd logo

Cybersecurity in the Era of IoT

A
Amy Daly

Watch this previously recorded webinar event with special guest Karthik Sundaram of Frost & Sullivan as he expands on his recently published research, “Cybersecurity in the Era of Industrial IoT". Leveraging insights from actual use cases, new policy initiatives, and available solutions, the research explores cybersecurity approaches, including a deep dive into the concept of “defense-in-depth” and its implications for a converged IT-OT environment in the future.

Tecnologia
1 de 26
Cyber Security in the Era of Industrial IoT Discerning implications of cyber security in a converged IT-OT environment A Joint Webinar by Frost & Sullivan & Bayshore Networks 01st June, 2017
Presenters 2 Karthik Sundaram – Frost & Sullivan Kirby Wadsworth – Bayshore Networks  9+ years of industrial experience across diverse profiles ranging from engineering, design, market research and strategy consulting.  Experience base covers a wide range of technologies, products and solutions in the industrial automation space: Core Process and Discrete Automation, Product Lifecycle Management Systems, Industrial Internet of Things Opportunity Mapping, Industry 4.0/Future of Manufacturing Scenario Analysis  Began career in real-time and high-availability systems engineering  Patented a model for validation of trusted relationships  Launched security line of business at F5 Networks, and Limelight Networks
3 Agenda Evolution of Industry 4.0 The Convergence of IT-OT Industrial Cyber Security- An Industry Viewpoint Current State of ICS Security The Way Forward The Viewpoint of Bayshore Networks Questions
4 Evolution of Industry 4.0 1st INDUSTRIAL REVOLUTION : Power Generation Mechanization | Water Power | Steam Power 2nd INDUSTRIAL REVOLUTION : Industrialization Mass production | Assembly line | Electricity 3rd INDUSTRIAL REVOLUTION : Electric Automation Computing devices | Automation 4th INDUSTRIAL REVOLUTION : Data Driven Production Cyber Physical Systems | Industrial IoT The idea of cyber-physical systems and data-driven decision making will drive the need for a well- designed industrial cyber security strategy. Cyberthreats Physicalthreats 2000s 1900s 1800s 1700s Source: Frost & Sullivan What has gone UP? • Complexity • Customization opportunities What has come DOWN? • Maintenance Costs • Reconfiguration Costs • Single Vendorship With the introduction of Industry 4.0
5 Security Reliability Resilience Security Reliability Resilience Security Reliability Resilience Safety Privacy ITEnvironment OTEnvironment Privacy SafetySolutions from IT  Technology know-how  Customer reach & marketing expertise Solutions from OT  Deep domain (industrial) knowledge  Understanding of industrial customers  Understanding of machine data Converged IT-OT Ecosystem The Convergence of IT-OT IT-OT Convergence forms the cornerstone of the next-generation enterprise ; resulting in a rapid explosion of industrial data and a greater demand for industrial cyber security and safety. Initiatives driving IT-OT co-optation  Industrial Internet Consortium  Plattform Industrie 4.0  Smart Manufacturing Leadership Coalition  Made in China 2025 Data Data Source: IIC / Frost & Sullivan
6 Benefits Risks RoI Concerns Overflowing big data IT-OT Convergence: Risks, Benefits and Opportunities Benefits from IT-OT convergence is touted to bring tremendous opportunities in manufacturing despite existing risks and challenges IoT Skills Gap Debatable Ownership & Governance Privacy & Security Concerns Interoperability Surge in Connected Industrial Devices Swell in Economic Value Advanced IIoT platforms & ecosystems Digital transformation of industries New service driven business models Higher efficiency No more unplanned downtime Reduced costs Predictive Analytics & maintenance Improved Accuracy Source: Frost & Sullivan New business models
7 Industry 4.0 and New Business Models IIoT will play an important role in making strategic shifts in monetization models for industry. Product to Services Subscription to Consumption Closed to Open Vertical to Horizontal Business models have emerged from mere product based transactions to customer service based engagements. Business models have emerged from subscription based payment models to consumer based pay-as-you-go models. Digital platforms have evolved from being closed to a more open platform, aiding interoperability for developing custom apps. Business models have transformed from offering vertical solutions to specific context based solutions for the industry. INDUSTRIAL INTERNET OF THINGS Source: Frost & Sullivan
8 $11.5 M $2.75 M $6.50 M $7.60 M $2.28 M Power Pharma Automotive Defense Industrial Industrial Cyber Security- An Industry Viewpoint Alarming rise in cyber attacks on critical infrastructure and the subsequent rise in monetary losses is a growing matter of concern for the manufacturing industry Industry Wise Average Cost of Cyber Attacks Source: Ponemon Institute / HPE / Frost & Sullivan Important events that shaped the course of industrial cyber security The Ukraine Power Station Attack December 2015 December 2014 The German Steel Mill Attack November 2011 The Duqu Attack in Iranian Nuclear Plant December 2010 The Stuxnet Attack on the Iranian Nuclear Plant January 2008 The Poland Public Tram System Hack March 2000 The Austrailian Maroochy Shire Sewage Spill
9 Decoding Industrial Cyber-attacks—Types and Motives Outsiders Cyber Attackers Primary motive of cyber threats Hijacking industrial automation & control systems (ACS) for economic and political gains Identifying weaknesses and improving system networks by “White hat” hackers (on contract) Black hat hacking such as espionage, extortion, theft, and vandalism Economic motivations such as theft of intellectual property or other economically valuable assets Inadvertent actions that are taken without malicious or harmful intent Insiders • Disgruntled employees • Thieves • Unintentional mistakes Amateurs Hackers: • Black hats • White hats Organized Attackers: • Terrorists • Hacktivists • Nation States • Criminal actors Different Categories of Hackers Cyber-security: Categories of cyber-attackers Source: Frost & Sullivan The world of industrial automation will see the entry of commercial IT vendors with industrial security solutions. Cyber-attacks have multiple motives but all of them leverage on technological loopholes that exist in industrial legacy systems
10 Morphing Cyber Attack Points in Industry Current cyber security measures may fall flat vis-à-vis broadening attack surfaces and increasing complexities of cyber attacks Cloud Networks Can be compromised if security controls like firewalls are not in place. Supply chain Can be disrupted by Distributed Denial of Service (DDoS) attacks Intellectual Property (IP) IP can be at risk if proper encryption methods are not followed Industrial Automation & Control Systems (ICS) Malware can be injected by perpetuators to disrupt ICS Government Data Nation level espionages are held that put highly confidential government data at stake Product Data & Configuration Competitor corporate espionages could steal potential product data and alter its configuration. Product components Product components could be embedded with malware that could infect any portion of the product life cycle. Handheld devices & wearables Mobiles,wearables and other handheld devices used in the industrial environment can leak out personal information. Source: Frost & Sullivan Evolutionofcyberattacks 1980 2020 Password cracking Back doors Packet spoofing Advanced scanning Denial of service Malicous codes Bots Vulnerable Attack points in manufacturing value chain
11 The difference really lies in the fact that all the sensors have Internet Protocol (IP) addresses now. This means that they can be accessed via the Internet and are going to go after 50,000 versus 100 or 1,500 devices. They have to worry about it. – Operations Director, Discrete Manufacturing “ ” The State of ICS Security—An Industry Perspective The rise of industrial connectivity with the advent of IIoT will expand the cyber security threat landscape for industry Industrial Customer Perspective We utilize defense-in-depth strategies—layering design features with safe practices and preventive measures while actively monitoring each and constantly addressing known and emerging threats. – Director, Utility Company “ ” Level of Awareness /Maturity
12 Operational Safety System Security Integrity Regulations Information Confidential ity Legacy Assets Source: Frost & Sullivan • Insecure industrial systems that were designed to operate in silos • Information silos • Difficulty in integration between organizations Integration challenges with systems • IT and security policies not designed for the industrial operating environment • IT and security personnel not familiar with the operating environment Misalignment between IT and OT security. • Confidentiality—for e.g., chemical formulas • Integrity—for e.g., smart meters • Availability—for e.g., process and control systems Managing sensitive systems Key Focus Areas in Critical Infrastructure Industries Security Challenges in Critical Infrastructure Industries Attacks on critical infrastructure industries are a major problem as the implications and costs are considerably more when compared to attacks on a manufacturing plant.
13 Security Concerns Challenges Attacks Case Example: Power Industry Power transmission and power distribution segments are considered to be more vulnerable than power generation. • Privacy of customer information is key (which could be easily compromised by a third party or the utility) • Compromising the demand- response events in the Energy Management Control System (EMCS) Targeting Availability : DDoS Attacks cause delays, blocks or corrupt communication. Targeting Integrity : Spoofing, Man-in-the-middle Attacks modify or disrupt data exchange. Targeting Confidentiality : Eavesdroppers, traffic analyzers acquire unauthorized information from network resources. • Utilities are skeptical about using anti-virus solutions to protect relay systems due to processing power and memory requirements.• Geographically wide spread segment, making it difficult to monitor and control systems. Each of the sub-stations represents a node that can be compromised, causing damage to personnel as well as equipment. • Cyber attacks in the distribution segment can cause supply failures and compromised data collection may result in incorrect reporting and decision making. • False readings due to tampered meters and attacks on the sensor networks
14 The Industrial Cyber Security Market- Key Trends While ICS security is approximately 10 years behind IT security, APTs are changing rapidly, making existing solutions obsolete. New Operating Models Partnerships will be crucial to the development of in-built security solutions for ICS, opening up opportunities for security endpoints, the network, and the edge. v Cyber Security as a Service Managed security services (MSS) and the development of a Main Cyber Security Service Contractor (MCSC) capable of assessing, implementing, monitoring, and managing the security lifecycle of the enterprise will become plausible investments. 2S Approach—Safety and Security These 2 factors have similar objectives— to protect the people, the assets, and the process. Solution providers are considering the opportunities in merging these 2 capabilities. Industry-focused solutions Data encryption, endpoint and network access management, security intelligence and forensics, and security gateways are becoming mandatory security solutions to protect the different ICS levels. Digital Engineers As the IT and OT worlds continue to converge, there is a growing requirement for a new age workforce of digital engineers who can understand and develop solutions that can be utilized to defend ICS. Source: Frost & Sullivan 1 2 3 4 5
15 0% 50% 100% Response Detection & monitoring Prevention Current State of ICS Security Security Domain State of Automation systems Adoption level Patch Management ICS software incompatibilities and resources not easily available Cyber Security Testing and Audit Testing expected to be thorough and specific to the control systems Security Breach Response and Forensics Critical response time Security Compliance and Regulation Industry-specific guidance in some sectors Physical Security Fairly strong Security Development Not an integral part of the system architecture Anti-virus Solutions Not common in control systems Firewall Security Often used as a protection device for the entire system SolutionType Adoption Level (%) Source: Frost & Sullivan High adoption Medium adoption Low adoption A majority of customers are focused on preventing solutions rather than monitoring or managing cyber security.
16 Which is why we would need to re-look our approach to security…
INDUSTRIAL CYBER PROTECTION ROADMAP Innovation Revenue Efficiency CostDetect Prevent BusinessValue Maturity Plan Organize Catalog Report • Opportunity • Proactive • Filtration • Blocking • Process • Predictive • Internal • Optimization • Risk • Reactive • Visibility • Alerting • Awareness • Learning • Concern • Education Visibility Protection Connection • Partners • Integrated • External • Transformation
INDUSTRIAL CYBER PROTECTION ROADMAP Innovation Revenue Efficiency CostDetect Prevent BusinessValue Maturity Plan Organize Catalog Report • Opportunity • Proactive • Filtration • Blocking • Process • Predictive • Internal • Optimization • Risk • Reactive • Visibility • Alerting • Awareness • Learning • Concern • Education Visibility Protection Connection • Partners • Integrated • External • Transformation All paths to the Industrial Internet of the future require industrial cyber protection of the present
BAYSHORE’S INDUSTRIAL CYBER PROTECTION PLATFORM FUNCTIONS DISCOVER • Automated asset mapping • Reports • Real-time monitoring DETECT • Anomalies and deviations • Known & zero-day intrusions PREVENT • Attacks and accidents • Enforce Policy • Segment industrial networks • Central policy management OPTIMIZE • Transform industrial protocol content • Enable business analytics • Integrate OT with SOC / SIEM INNOVATE • Managed remote access • Connect to Industrial Internet See ConnectProtect
CASE IN POINT – MANUFACTURING  Major US enterprise with 40+ installations  CISO first raised concerns  Initial Request  Discovery, visibility  Monitoring / threat detection
FIRST STEPS • Gathered cross-functional team • Plant teams • IT Security teams • Facilities / Operations teams • Situational Analysis • IT concerned about performance impact of security • OT (facility) team not aware of risk • Start small, learn fast
 Wide skepticism that apertures and risks even existed  Bayshore Automated Discovery  Initially mirror port, passive mode  Identified undocumented vulnerabilities  Physical – old and new assets, down revs, passwords  Application and data loss/theft – undocumented network connections INITIAL ASSESSMENT
 Determined normal baseline, began monitoring/alerting  Added policies to enforce acceptable access and commands  Alert on policy violation, SEIM integrated  Protect / block blacklist and critical violations  Certified solution cross- functionally  Replicated globally PILOT TO PRODUCTION
DD BAYSHORE PROTECTS INDUSTRIAL INFRASTRUCTURE SO YOU CAN CONNECT Deep, Granular Content Inspection of Industrial Protocols Automated Mapping and Reporting of Industrial Assets Enforcement of Content-Based, Context-Aware Policies Transformation of Industrial Data for Use in Business Applications
25 Cyber Security in the Era of Industrial IoT bit.ly/secureiiot RESOURCE: WHITE PAPER
26 THANK YOU! Kirby Wadsworth kwadsworth@bayshorenetworks.com Karthik Sundaram karthik@frost.com www.bayshorenetworks.com

Recomendados

Iot cyber security
Iot cyber securityIot cyber security
Iot cyber securitysajid mehmood
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoTSKS
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
Blockchain for IoT Security and Privacy: The Case Study of a Smart Home
Blockchain for IoT Security and Privacy: The Case Study of a Smart HomeBlockchain for IoT Security and Privacy: The Case Study of a Smart Home
Blockchain for IoT Security and Privacy: The Case Study of a Smart HomeKishor Datta Gupta
 

Recomendados

Iot cyber security
Iot cyber securityIot cyber security
Iot cyber securitysajid mehmood
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoTSKS
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
Blockchain for IoT Security and Privacy: The Case Study of a Smart Home
Blockchain for IoT Security and Privacy: The Case Study of a Smart HomeBlockchain for IoT Security and Privacy: The Case Study of a Smart Home
Blockchain for IoT Security and Privacy: The Case Study of a Smart HomeKishor Datta Gupta
 
What is SASE
What is SASEWhat is SASE
What is SASEAdi Ruppin
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Cyber Security Seminar.pptx
Cyber Security Seminar.pptxCyber Security Seminar.pptx
Cyber Security Seminar.pptxDESTROYER39
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Ulf Mattsson
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat IntelligenceDeepak Kumar (D3)
 
Cloud security
Cloud securityCloud security
Cloud securityTushar Kayande
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution briefNozomi Networks
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 
IoT security
IoT securityIoT security
IoT securityYashKesharwani2
 
The Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsThe Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsPECB
 
SOAR and SIEM.pptx
SOAR and SIEM.pptxSOAR and SIEM.pptx
SOAR and SIEM.pptxAjit Wadhawan
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCreekside Marketing Group, LLC
 
Extending Security to EVERY Edge
Extending Security to EVERY EdgeExtending Security to EVERY Edge
Extending Security to EVERY Edgeitnewsafrica
 
IAM Cloud
IAM CloudIAM Cloud
IAM CloudAidy Tificate
 
ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceAustin Eppstein
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_finalCMR WORLD TECH
 

Mais conteúdo relacionado

Mais procurados

Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Cyber Security Seminar.pptx
Cyber Security Seminar.pptxCyber Security Seminar.pptx
Cyber Security Seminar.pptxDESTROYER39
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Ulf Mattsson
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution briefNozomi Networks
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 
The Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsThe Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsPECB
 
Extending Security to EVERY Edge
Extending Security to EVERY EdgeExtending Security to EVERY Edge
Extending Security to EVERY Edgeitnewsafrica
 

Mais procurados (20)

What is SASE
What is SASEWhat is SASE
What is SASE
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 
Cyber Security Seminar.pptx
Cyber Security Seminar.pptxCyber Security Seminar.pptx
Cyber Security Seminar.pptx
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution brief
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
IoT security
IoT securityIoT security
IoT security
 
The Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact UsThe Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact Us
 
SOAR and SIEM.pptx
SOAR and SIEM.pptxSOAR and SIEM.pptx
SOAR and SIEM.pptx
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
 
Extending Security to EVERY Edge
Extending Security to EVERY EdgeExtending Security to EVERY Edge
Extending Security to EVERY Edge
 
IAM Cloud
IAM CloudIAM Cloud
IAM Cloud
 

Semelhante a Cybersecurity in the Era of IoT

ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceAustin Eppstein
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_finalCMR WORLD TECH
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14James Nesbitt
 
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 AgendaiFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 AgendaJohn Kingsley
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Ulf Mattsson
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enVET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enKarel Van Isacker
 
Wireless survey-report-saa-2016
Wireless survey-report-saa-2016Wireless survey-report-saa-2016
Wireless survey-report-saa-2016Samir Kotarwar
 
Csa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCsa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCSA Argentina
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyEryk Budi Pratama
 
Block Armour Zero Trust Cybersecurity Mesh for Oil and Gas
Block Armour Zero Trust Cybersecurity Mesh for Oil and GasBlock Armour Zero Trust Cybersecurity Mesh for Oil and Gas
Block Armour Zero Trust Cybersecurity Mesh for Oil and GasBlockArmour1
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Ulf Mattsson
 
White Paper: IoT Security – Protecting the Networked Society
White Paper: IoT Security – Protecting the Networked SocietyWhite Paper: IoT Security – Protecting the Networked Society
White Paper: IoT Security – Protecting the Networked SocietyEricsson
 
CYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdf
CYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdfCYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdf
CYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdfMehedi Hasan
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksBGA Cyber Security
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report SummaryAccenture Technology
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planetVincent Kwon
 
SMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionSMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionDale Butler
 
Cybersecurity for manufacturing - Five practical steps, by Six Degrees
Cybersecurity for manufacturing - Five practical steps, by Six DegreesCybersecurity for manufacturing - Five practical steps, by Six Degrees
Cybersecurity for manufacturing - Five practical steps, by Six DegreesSix Degrees
 

Semelhante a Cybersecurity in the Era of IoT (20)

ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_Darktrace
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_final
 
CyCron 2016
CyCron 2016CyCron 2016
CyCron 2016
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14
 
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 AgendaiFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enVET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
 
Wireless survey-report-saa-2016
Wireless survey-report-saa-2016Wireless survey-report-saa-2016
Wireless survey-report-saa-2016
 
Csa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCsa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del ciso
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Block Armour Zero Trust Cybersecurity Mesh for Oil and Gas
Block Armour Zero Trust Cybersecurity Mesh for Oil and GasBlock Armour Zero Trust Cybersecurity Mesh for Oil and Gas
Block Armour Zero Trust Cybersecurity Mesh for Oil and Gas
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
 
White Paper: IoT Security – Protecting the Networked Society
White Paper: IoT Security – Protecting the Networked SocietyWhite Paper: IoT Security – Protecting the Networked Society
White Paper: IoT Security – Protecting the Networked Society
 
CYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdf
CYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdfCYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdf
CYBER ATTACKS ON INDUSTRIAL AUTOMATION.pdf
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist Attacks
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report Summary
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planet
 
SMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionSMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibition
 
Cybersecurity for manufacturing - Five practical steps, by Six Degrees
Cybersecurity for manufacturing - Five practical steps, by Six DegreesCybersecurity for manufacturing - Five practical steps, by Six Degrees
Cybersecurity for manufacturing - Five practical steps, by Six Degrees
 

Último

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Último (20)

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Cybersecurity in the Era of IoT

  • 1. Cyber Security in the Era of Industrial IoT Discerning implications of cyber security in a converged IT-OT environment A Joint Webinar by Frost & Sullivan & Bayshore Networks 01st June, 2017
  • 2. Presenters 2 Karthik Sundaram – Frost & Sullivan Kirby Wadsworth – Bayshore Networks  9+ years of industrial experience across diverse profiles ranging from engineering, design, market research and strategy consulting.  Experience base covers a wide range of technologies, products and solutions in the industrial automation space: Core Process and Discrete Automation, Product Lifecycle Management Systems, Industrial Internet of Things Opportunity Mapping, Industry 4.0/Future of Manufacturing Scenario Analysis  Began career in real-time and high-availability systems engineering  Patented a model for validation of trusted relationships  Launched security line of business at F5 Networks, and Limelight Networks
  • 3. 3 Agenda Evolution of Industry 4.0 The Convergence of IT-OT Industrial Cyber Security- An Industry Viewpoint Current State of ICS Security The Way Forward The Viewpoint of Bayshore Networks Questions
  • 4. 4 Evolution of Industry 4.0 1st INDUSTRIAL REVOLUTION : Power Generation Mechanization | Water Power | Steam Power 2nd INDUSTRIAL REVOLUTION : Industrialization Mass production | Assembly line | Electricity 3rd INDUSTRIAL REVOLUTION : Electric Automation Computing devices | Automation 4th INDUSTRIAL REVOLUTION : Data Driven Production Cyber Physical Systems | Industrial IoT The idea of cyber-physical systems and data-driven decision making will drive the need for a well- designed industrial cyber security strategy. Cyberthreats Physicalthreats 2000s 1900s 1800s 1700s Source: Frost & Sullivan What has gone UP? • Complexity • Customization opportunities What has come DOWN? • Maintenance Costs • Reconfiguration Costs • Single Vendorship With the introduction of Industry 4.0
  • 5. 5 Security Reliability Resilience Security Reliability Resilience Security Reliability Resilience Safety Privacy ITEnvironment OTEnvironment Privacy SafetySolutions from IT  Technology know-how  Customer reach & marketing expertise Solutions from OT  Deep domain (industrial) knowledge  Understanding of industrial customers  Understanding of machine data Converged IT-OT Ecosystem The Convergence of IT-OT IT-OT Convergence forms the cornerstone of the next-generation enterprise ; resulting in a rapid explosion of industrial data and a greater demand for industrial cyber security and safety. Initiatives driving IT-OT co-optation  Industrial Internet Consortium  Plattform Industrie 4.0  Smart Manufacturing Leadership Coalition  Made in China 2025 Data Data Source: IIC / Frost & Sullivan
  • 6. 6 Benefits Risks RoI Concerns Overflowing big data IT-OT Convergence: Risks, Benefits and Opportunities Benefits from IT-OT convergence is touted to bring tremendous opportunities in manufacturing despite existing risks and challenges IoT Skills Gap Debatable Ownership & Governance Privacy & Security Concerns Interoperability Surge in Connected Industrial Devices Swell in Economic Value Advanced IIoT platforms & ecosystems Digital transformation of industries New service driven business models Higher efficiency No more unplanned downtime Reduced costs Predictive Analytics & maintenance Improved Accuracy Source: Frost & Sullivan New business models
  • 7. 7 Industry 4.0 and New Business Models IIoT will play an important role in making strategic shifts in monetization models for industry. Product to Services Subscription to Consumption Closed to Open Vertical to Horizontal Business models have emerged from mere product based transactions to customer service based engagements. Business models have emerged from subscription based payment models to consumer based pay-as-you-go models. Digital platforms have evolved from being closed to a more open platform, aiding interoperability for developing custom apps. Business models have transformed from offering vertical solutions to specific context based solutions for the industry. INDUSTRIAL INTERNET OF THINGS Source: Frost & Sullivan
  • 8. 8 $11.5 M $2.75 M $6.50 M $7.60 M $2.28 M Power Pharma Automotive Defense Industrial Industrial Cyber Security- An Industry Viewpoint Alarming rise in cyber attacks on critical infrastructure and the subsequent rise in monetary losses is a growing matter of concern for the manufacturing industry Industry Wise Average Cost of Cyber Attacks Source: Ponemon Institute / HPE / Frost & Sullivan Important events that shaped the course of industrial cyber security The Ukraine Power Station Attack December 2015 December 2014 The German Steel Mill Attack November 2011 The Duqu Attack in Iranian Nuclear Plant December 2010 The Stuxnet Attack on the Iranian Nuclear Plant January 2008 The Poland Public Tram System Hack March 2000 The Austrailian Maroochy Shire Sewage Spill
  • 9. 9 Decoding Industrial Cyber-attacks—Types and Motives Outsiders Cyber Attackers Primary motive of cyber threats Hijacking industrial automation & control systems (ACS) for economic and political gains Identifying weaknesses and improving system networks by “White hat” hackers (on contract) Black hat hacking such as espionage, extortion, theft, and vandalism Economic motivations such as theft of intellectual property or other economically valuable assets Inadvertent actions that are taken without malicious or harmful intent Insiders • Disgruntled employees • Thieves • Unintentional mistakes Amateurs Hackers: • Black hats • White hats Organized Attackers: • Terrorists • Hacktivists • Nation States • Criminal actors Different Categories of Hackers Cyber-security: Categories of cyber-attackers Source: Frost & Sullivan The world of industrial automation will see the entry of commercial IT vendors with industrial security solutions. Cyber-attacks have multiple motives but all of them leverage on technological loopholes that exist in industrial legacy systems
  • 10. 10 Morphing Cyber Attack Points in Industry Current cyber security measures may fall flat vis-à-vis broadening attack surfaces and increasing complexities of cyber attacks Cloud Networks Can be compromised if security controls like firewalls are not in place. Supply chain Can be disrupted by Distributed Denial of Service (DDoS) attacks Intellectual Property (IP) IP can be at risk if proper encryption methods are not followed Industrial Automation & Control Systems (ICS) Malware can be injected by perpetuators to disrupt ICS Government Data Nation level espionages are held that put highly confidential government data at stake Product Data & Configuration Competitor corporate espionages could steal potential product data and alter its configuration. Product components Product components could be embedded with malware that could infect any portion of the product life cycle. Handheld devices & wearables Mobiles,wearables and other handheld devices used in the industrial environment can leak out personal information. Source: Frost & Sullivan Evolutionofcyberattacks 1980 2020 Password cracking Back doors Packet spoofing Advanced scanning Denial of service Malicous codes Bots Vulnerable Attack points in manufacturing value chain
  • 11. 11 The difference really lies in the fact that all the sensors have Internet Protocol (IP) addresses now. This means that they can be accessed via the Internet and are going to go after 50,000 versus 100 or 1,500 devices. They have to worry about it. – Operations Director, Discrete Manufacturing “ ” The State of ICS Security—An Industry Perspective The rise of industrial connectivity with the advent of IIoT will expand the cyber security threat landscape for industry Industrial Customer Perspective We utilize defense-in-depth strategies—layering design features with safe practices and preventive measures while actively monitoring each and constantly addressing known and emerging threats. – Director, Utility Company “ ” Level of Awareness /Maturity
  • 12. 12 Operational Safety System Security Integrity Regulations Information Confidential ity Legacy Assets Source: Frost & Sullivan • Insecure industrial systems that were designed to operate in silos • Information silos • Difficulty in integration between organizations Integration challenges with systems • IT and security policies not designed for the industrial operating environment • IT and security personnel not familiar with the operating environment Misalignment between IT and OT security. • Confidentiality—for e.g., chemical formulas • Integrity—for e.g., smart meters • Availability—for e.g., process and control systems Managing sensitive systems Key Focus Areas in Critical Infrastructure Industries Security Challenges in Critical Infrastructure Industries Attacks on critical infrastructure industries are a major problem as the implications and costs are considerably more when compared to attacks on a manufacturing plant.
  • 13. 13 Security Concerns Challenges Attacks Case Example: Power Industry Power transmission and power distribution segments are considered to be more vulnerable than power generation. • Privacy of customer information is key (which could be easily compromised by a third party or the utility) • Compromising the demand- response events in the Energy Management Control System (EMCS) Targeting Availability : DDoS Attacks cause delays, blocks or corrupt communication. Targeting Integrity : Spoofing, Man-in-the-middle Attacks modify or disrupt data exchange. Targeting Confidentiality : Eavesdroppers, traffic analyzers acquire unauthorized information from network resources. • Utilities are skeptical about using anti-virus solutions to protect relay systems due to processing power and memory requirements.• Geographically wide spread segment, making it difficult to monitor and control systems. Each of the sub-stations represents a node that can be compromised, causing damage to personnel as well as equipment. • Cyber attacks in the distribution segment can cause supply failures and compromised data collection may result in incorrect reporting and decision making. • False readings due to tampered meters and attacks on the sensor networks
  • 14. 14 The Industrial Cyber Security Market- Key Trends While ICS security is approximately 10 years behind IT security, APTs are changing rapidly, making existing solutions obsolete. New Operating Models Partnerships will be crucial to the development of in-built security solutions for ICS, opening up opportunities for security endpoints, the network, and the edge. v Cyber Security as a Service Managed security services (MSS) and the development of a Main Cyber Security Service Contractor (MCSC) capable of assessing, implementing, monitoring, and managing the security lifecycle of the enterprise will become plausible investments. 2S Approach—Safety and Security These 2 factors have similar objectives— to protect the people, the assets, and the process. Solution providers are considering the opportunities in merging these 2 capabilities. Industry-focused solutions Data encryption, endpoint and network access management, security intelligence and forensics, and security gateways are becoming mandatory security solutions to protect the different ICS levels. Digital Engineers As the IT and OT worlds continue to converge, there is a growing requirement for a new age workforce of digital engineers who can understand and develop solutions that can be utilized to defend ICS. Source: Frost & Sullivan 1 2 3 4 5
  • 15. 15 0% 50% 100% Response Detection & monitoring Prevention Current State of ICS Security Security Domain State of Automation systems Adoption level Patch Management ICS software incompatibilities and resources not easily available Cyber Security Testing and Audit Testing expected to be thorough and specific to the control systems Security Breach Response and Forensics Critical response time Security Compliance and Regulation Industry-specific guidance in some sectors Physical Security Fairly strong Security Development Not an integral part of the system architecture Anti-virus Solutions Not common in control systems Firewall Security Often used as a protection device for the entire system SolutionType Adoption Level (%) Source: Frost & Sullivan High adoption Medium adoption Low adoption A majority of customers are focused on preventing solutions rather than monitoring or managing cyber security.
  • 16. 16 Which is why we would need to re-look our approach to security…
  • 17. INDUSTRIAL CYBER PROTECTION ROADMAP Innovation Revenue Efficiency CostDetect Prevent BusinessValue Maturity Plan Organize Catalog Report • Opportunity • Proactive • Filtration • Blocking • Process • Predictive • Internal • Optimization • Risk • Reactive • Visibility • Alerting • Awareness • Learning • Concern • Education Visibility Protection Connection • Partners • Integrated • External • Transformation
  • 18. INDUSTRIAL CYBER PROTECTION ROADMAP Innovation Revenue Efficiency CostDetect Prevent BusinessValue Maturity Plan Organize Catalog Report • Opportunity • Proactive • Filtration • Blocking • Process • Predictive • Internal • Optimization • Risk • Reactive • Visibility • Alerting • Awareness • Learning • Concern • Education Visibility Protection Connection • Partners • Integrated • External • Transformation All paths to the Industrial Internet of the future require industrial cyber protection of the present
  • 19. BAYSHORE’S INDUSTRIAL CYBER PROTECTION PLATFORM FUNCTIONS DISCOVER • Automated asset mapping • Reports • Real-time monitoring DETECT • Anomalies and deviations • Known & zero-day intrusions PREVENT • Attacks and accidents • Enforce Policy • Segment industrial networks • Central policy management OPTIMIZE • Transform industrial protocol content • Enable business analytics • Integrate OT with SOC / SIEM INNOVATE • Managed remote access • Connect to Industrial Internet See ConnectProtect
  • 20. CASE IN POINT – MANUFACTURING  Major US enterprise with 40+ installations  CISO first raised concerns  Initial Request  Discovery, visibility  Monitoring / threat detection
  • 21. FIRST STEPS • Gathered cross-functional team • Plant teams • IT Security teams • Facilities / Operations teams • Situational Analysis • IT concerned about performance impact of security • OT (facility) team not aware of risk • Start small, learn fast
  • 22.  Wide skepticism that apertures and risks even existed  Bayshore Automated Discovery  Initially mirror port, passive mode  Identified undocumented vulnerabilities  Physical – old and new assets, down revs, passwords  Application and data loss/theft – undocumented network connections INITIAL ASSESSMENT
  • 23.  Determined normal baseline, began monitoring/alerting  Added policies to enforce acceptable access and commands  Alert on policy violation, SEIM integrated  Protect / block blacklist and critical violations  Certified solution cross- functionally  Replicated globally PILOT TO PRODUCTION
  • 24. DD BAYSHORE PROTECTS INDUSTRIAL INFRASTRUCTURE SO YOU CAN CONNECT Deep, Granular Content Inspection of Industrial Protocols Automated Mapping and Reporting of Industrial Assets Enforcement of Content-Based, Context-Aware Policies Transformation of Industrial Data for Use in Business Applications
  • 25. 25 Cyber Security in the Era of Industrial IoT bit.ly/secureiiot RESOURCE: WHITE PAPER
  • 26. 26 THANK YOU! Kirby Wadsworth kwadsworth@bayshorenetworks.com Karthik Sundaram karthik@frost.com www.bayshorenetworks.com