something intangible, but real about cybersecurity
TRANSCRIPT
SOMETHING INTANGIBLE, BUT REAL ABOUT CYBERSECURITY
tel.: +7 (495) 980 67 76http://www.DialogNauka.ru
Dmitry Yarushevskiy | CISA | CISMHead of ICS Cyber security departmentJSC DialogueScience
2
JSC DialogueScience
JSC DialogueScience, established in 1992 is a system integrator in the information security field, one of the leading Russian provider of IT security services, products and solutions.
We have good experience in designing, development and implementation of cybersecurity systems and solutions on critical infrastructure and industrial objects, including power generation and power distribution sector.
.
SOMETHING INTANGIBLE, BUT REAL
I. LACK OF EXPERTISE AND COMMUNICATION
5
LACK OF EXPERTISE
First issue is LACK OF EXPERTISE AND COMMUNICATION
Automation don’t understand security
Security don’t understand automation
6
7
Cyber security is a serious business!
ICS Cyber Security is too complicated to be managed by only security personnel or only but automation engineers
Only well-balanced team of experts in different fields of knowledge could be effective in cyber security
Before starting cyber security program or implementing security system, ask yourself “Who will manage it?”
II. LACK OF RIGHTS TO ACT
9
Lack of rights to act
When cyber security staff finds that malicious activity or attack, perhaps, happening right now…
What they can do?
• Lack of well-studied scenarios• Not clear understandable consequences• Hard to calculate likelihood
10
Who will be responsible
Shutting down power grid control center because of feeling “that something going wrong” can be a definitely bad idea.
OR NOT?
vs
11
Lack of rights to act
To be effective cyber security staff, should clearly understand which actions and measures are allowed to apply and when, and which are not. And which actions are vital
Management and automation engineers also
Usually they all do not
(Risk analysis and BCP could help)
III. Focus on too sophisticated solutions
13
Focus on too sophisticated solutions instead of using embedded features
14
Modern PLC are far away from their roots
15
Embedded security features
There are a lot of “common” security features are embedded in some PLC now:
• Access control with strong authentication;• RADIUS• Logging and SNMP• Firewall• VPN client
CONCLUSION
17
At least three interesting question
There are at least three questions, that you should ask during establishing cyber security program:
• Who will manage it?
• What they are allowed to do, and what the must do in case they suspect an attack?
• Are there some cool security features already embedded in your PLC or SCADA?
Thanks for your time!
Dmitry Yarushevskiy CISA, CISM
Head of ICS Cyber security departmentJSC DialogueScience
[email protected]@dials.ru
Cell: +7 (916) 677 3763