6. afal leszczyna - enisa recommendations on ics security
TRANSCRIPT
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
1/13
www.enisa.europa.eu
ENISA RECOMMENDATIONS ON ICSSECURITY
Rafa Leszczyna
Resilience and CIIP Program, ENISA
Barcelona, 16 September, 2011
2011-09-16 [email protected]
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
2/13
www.enisa.europa.eu
The Aim and Scope of the Study
2011-04-11 [email protected]
ICS Security panorama
Threats, risks, challenges
National and pan-European initiatives
Identification of gaps
Recommendations
Follow-upDialogue between thestakeholders
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
3/13
www.enisa.europa.eu
The Approach in Short
2011-04-11 [email protected]
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
4/13
www.enisa.europa.eu
R1: National and Pan-European ICS
Security Strategies
2011-04-11 [email protected]
The lack of initiatives on ICS security
EU level policies for CIP and CIP
None of them addressing ICS specifically
COM(2011) 163 recognising the advent of the newthreats (Stuxnet mentioned explicitly)
US DHS established the Control Systems Security
Program (CSSP) as a cohesive effort betweengovernment and industry to improve the securityposture of control systems within the nation's criticalinfrastructure
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
5/13
www.enisa.europa.eu
R1: National and Pan-European ICS
Security Strategies
2011-04-11 [email protected]
Active collaboration between the ICT security sector and ICS Manufacturers,essential to improve ICS security
Interest in sharing initiatives
Excessive size, constraints or private interests are the main disadvantages andrisks of sharing initiatives
Unbalanced interest in cooperation between each group of stakeholders
Bilateral cooperation preferred to multilateral
PPP sharing initiatives demanded by most stakeholders
National or European funded security programs to be improved
Trust is an essential ingredient for the success of sharing initiatives
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
6/13
www.enisa.europa.eu
R2: Good Practices Guide for ICS
Security
2011-04-11 [email protected]
Good Practices and Standards are considered to be the most effective measures
The lack of a Common Reference in Europe
Not all sectors are being targeted by EU policies
Current documents, usually generic
Energy, the sector with a larger number of specific guidelines
Lack of coordination among European countries
The most valued characteristics of security standards: a holistic approach, risk managementguidance and businessorientation
Too technical standards less valued
Implementation of non European regulations, standards or good practices in industrialenvironments
Mistrust of guidelines causing heterogeneity
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
7/13
www.enisa.europa.eu
R3: ICS Security Plan Templates
2011-04-11 [email protected]
Need for an Operator/Infrastructure level security plantemplate
Sections to be included in the Operator/Infrastructure levelsecurity plan
Risk Management to be included in the ICS security plan
Awareness topic to be included in the ICS security plan
Security plans need to be adapted for every operator
Developing security programs, too costly for operators
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
8/13
www.enisa.europa.eu
R4: Awareness and Training
2011-04-11 [email protected]
Space for improvement in Dissemination andAwareness Forums
High interest in participating in Dissemination andAwareness Forums
Quality of ICS security events lowrated
Top Management awareness to be fostered
ICS providers are not aware of security good practicesof the ICT world
The security by obscurity debate
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
9/13
www.enisa.europa.eu
R5: Common Test Bed or ICS Security
Certification Framework
2011-04-11 [email protected]
Need for independent evaluations and tests of ICSsecurity products
Interest in creating a common test bed
PPP, a European scope and supported by Academiathe desired characteristics of the common test bed
Concerns regarding a European common test bed
A security reference model as an alternative to aEuropean common test bed
ICS providers are not aware of security good practicesof the ICT world
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
10/13
www.enisa.europa.eu
R6: National ICSCERTs
2011-04-11 [email protected]
Creation of an ICSCERT
PPP as a desired characteristic of an
ICSCERT
Characteristics of the ICSCERT
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
11/13
www.enisa.europa.eu
R7: Research in ICS Security
2011-04-11 [email protected]
Current research lines
Future research lines
Future threats a research topic
Adaptive Persistent Adversaries as the threat of thefuture
ICS importing the ICT solutions and the ICT problems
Regular ICT solutions need to be adapted further to
the ICSModular approach to builtin security requested bymost onfield stakeholders
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
12/13
www.enisa.europa.eu
Seven ENISA Recommendations for
ICS Security: Summary
2011-04-11 [email protected]
1. National and Pan-European ICS Security Strategies
2. Good Practices Guide for ICS Security
3. ICS Security Plan Templates
4. Awareness and Training
5. Common Test Bed or ICS Security Certification
Framework
6. National ICSCERTs
7. Research in ICS Security
-
7/28/2019 6. Afal Leszczyna - EnISA Recommendations on ICS Security
13/13
www.enisa.europa.eu
Thank you!
132011-04-11 [email protected]