Assuring Operational Continuity Assuring operational continuity is harder than ever Cyber Threats...

Assuring Operational

Continuity

CyberShieldTM

AnD for SCADA(Analysis & Detection)

Neri Zin

Vice President, Asia Pacific

Cyberbit Commercial Solutions

www.cyberbitc.com

CYBERBIT Proprietary DETECT ANALYZE RESPOND

So many concerns…

Assuring operational continuity is harder than ever

ThreatsHuman

Errors

Tampering

Attempts

System

Malfunctions

CYBERBIT Proprietary DETECT ANALYZE RESPOND3

With So Many Built-in

Challenges

Old unsecured

technology

Geographically

dispersed sites

Increasing network

connectivity

Exacerbating

Regulation Multiple vendors

and protocols

Exponential growth in Number of Industrial Cyber Attacks

Norwegian oil

companies

September 2014

More than 50 companies

Black Energy

November 2014

America’s power grids,

nuclear plants and oil

pipelines have been

targeted by Russian hackers

Who Will Be

Hit Next?

STUXNET

Affected 233M

Night Dragon

Large Scale APT

targeting the

energy sector

Shamoon

Largest Wipe Attack

targeting the energy

sector

Industrial Control System

Remote Access Trojan

Worm targeting ICS

Ukrainian power grid

December 2015

Larges scale attack on

the Ukrainian power grid

and supporting factories

In todays reality, the only way to regain

control over your operations and minimize

downtime is consistently inspecting and

analyzing all network transmissions.

Old technologies cannot be trusted.

Security Use Cases

• Unauthorized communications between two devices (PLC/PLC, PLC/RTU)

• Unauthorized actions (device performing write when permitted read only)

• Unknown/ Unauthorized devices in network

• Unauthorized maintenance activity 7

C&C to Field

Corporate to Field

Maintenance

Corporate to

Control Center

Operational Use Cases• Malformed packets:

causes system breakdown

• Error code identification:

know failures when they occur

• Reset commands and crash messages:

sent over the network to an operational unit

• Changes in network volumes/speeds/rates:

to indicate exceptional behaviors

CyberShieldTM AnD – Trustworthy SCADA

Refineries AirportsPower Plants Water Supply Distribution systems

Network detection and response – providing visibility, discovery and security of ICS networks

non-intrusive plug & play

network DPI sensor protocol and hardware agnostic

alerts, forensics &

mapping

The New Operational Toolbox

Industrial

Control Systems

CyberShieldTM AnD

for SCADA

• Real network map

• Overview of all network communications

• Security and malfunction alarms

• “Keep alive” monitoring

• Alarm investigation and analysis

• Network forensics

• unreliable network schematic representation (manual update)

• Alarm handling

• Meter readings

• Remote configuration

server

Historian

PLCs/RTUs Blackbox Netmap

AlerterInsight

CyberShieldTM AnD for SCADA Application

Typical Deployment

Corporate LAN

HMI HMI

AnD server (FMS)

Syslog \ SNMP

NMS Server

SIEMTypical Substation

Switch

RTU IED PLC

AnD Blackbox

Vlan\Inline\Separate

Physical Network

AnD Components

Existing System

SCADA Network

Historian FEP SCADA Server

Mirror\Tapping port

Ethernet\Serial

Communication Links

First TIER European Power Utility Secures its OT Network

with CyberShield AnD for SCADA

Selected Solution: Cyber Shield MnR

IDS and IPS mode

Deployed in country-

wide OT transmission

network

visibility of the OT

network, full network

communications in-

depth analysis, and

enhanced security

A major European

power utility (power

generation and

transmission)

4 Steps for Assuring Operational Continuity

Identify system malfunctions &

human errors before damage

occurs

Obtain reliable and

genuine network

Conduct forensics &

investigations for root cause

analysis

Detect and respond

to cyber threats

Minimize downtime Minimize time to response

Thank YouNeri Zin

Vice President, Asia Pacific

Cyberbit Commercial Solutions

www.cyberbitc.com

Assuring Operational Continuity Assuring operational continuity is harder than ever Cyber Threats...

Documents

Transcript of Assuring Operational Continuity Assuring operational continuity is harder than ever Cyber Threats...

Continuity is… delivering on our promises Andrew Wright Global Managing Director, Marine & Aviation Amlin plc Thursday 22 nd October 2015.

Assuring the Internet of Things

IndiaFirst Assuring Change - CFO Connectcfo-connect.com/images/article/cs-indiafirst-assuring-change-sep13.pdf · IndiaFirst Assuring Change 24 CFOCONNECT ...

ASSURING FOOD SAFETY AND QUALITY:

Quality Assuring a Science Curriculum

Assuring PNT for all

Assuring Healthy Caregivers - cdc.gov

Assuring quality at La Trobe

African Barrick Gold plc (the “Company” or “ABG”)/media/Files/A/Acacia/press-release/2012/... · African Barrick Gold plc (the “Company” or “ABG”) ... team and continuity

Testing Code and Assuring Quality

2 Quality Assuring Final

Assuring destruction forever: 2015 EDITION

Medication Safety: Assuring Safe Outcomes

Assuring sterility – A CMOs approach

Strategy for Assuring Financial Empowerment (SAFE) · PDF fileStrategy for Assuring Financial Empowerment (SAFE) Report ... The Strategy for Assuring Financial Empowerment ... practical

MT-1000 Multitest Continuity Tester Product Manualcontent.amprobe.com/manualsA/Multitest-1000_Continuity-Tester...MEASUREMENT PROCEDURE FOR "3P" TEST MODE ... new concept assuring

Guidelines for Assuring Quality of Food and Water ... · Guidelines for Assuring Quality of Food ... Example of Shelf Life Validation (1) ... Guidelines for Assuring Quality of Food

Assuring Project Quality

Assuring the safety of botanicals

Detailing Continuity in Building Enclosure Systemsmcgrawimages.buildingmedia.com/.../Detailing_Continuity.pdf · 2019. 11. 11. · Assuring Continuity of Assembly •Seams of integrated