WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes...
Transcript of WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes...
![Page 1: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/1.jpg)
![Page 2: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/2.jpg)
WE ADOPT IP?WHAT HAPPENS WHEN
![Page 3: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/3.jpg)
IT
INDUSTRIAL
![Page 4: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/4.jpg)
INTRODUCTION
![Page 5: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/5.jpg)
BELDEN
![Page 6: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/6.jpg)
POLICY & COMPLIANCETRIPWIRE IS LEADER INSecurity• Detect unauthorized changes• Assess configurations against security baselines• Identify risks in environment
Compliance• Demonstrate compliance with regulatory standards• Automate manual compliance efforts• Produce data for audits and for forensics
Operations• Validate changes for a strong change control process• Identify unauthorized changes that circumvent process• Discover and inventory what is on network
![Page 7: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/7.jpg)
USE TRIPWIREHALF OF THE FORTUNE 500
![Page 8: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/8.jpg)
SECURITY TRENDS
![Page 9: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/9.jpg)
![Page 10: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/10.jpg)
![Page 11: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/11.jpg)
1 MILLIONUNFILLED SECURITY JOBS WORLDWIDE
![Page 13: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/13.jpg)
EXAMPLE: ANTIVIRUSSECURITY IS NOT WORKING
![Page 14: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/14.jpg)
VULNERABILITY CURVETHE NEW THINGS
Perception
Actual
![Page 15: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/15.jpg)
FRIEND OR FOESECURITY RESEARCHERS
DEPENDS
![Page 16: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/16.jpg)
0
10000
20000
30000
40000
50000
60000
70000
80000
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015
VULNERABILITIESIT
![Page 17: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/17.jpg)
0
200
400
600
800
1000
1200
1400
1600
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015
VULNERABILITIESICS
![Page 18: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/18.jpg)
VS. INSIDER KNOWLEDGEATTACKER SOPHISTICATION Attack
Sophistication
InsiderKnowledge
![Page 19: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/19.jpg)
HIGH IMPACT INCIDENTSEVALUATING RISK FOR
$4MCost of Average Breach
$252MCost of Target Breach
$6BCost of Northeast Power Outage
$500MCost of OPM Breach
![Page 20: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/20.jpg)
INDUSTRIAL CYBERSECURITY
![Page 21: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/21.jpg)
BROADCAST OPERATIONS SECURITY
INDUSTRIAL CYBERSECURITYVS.
![Page 22: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/22.jpg)
![Page 23: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/23.jpg)
INDUSTRIAL CONTROL SYSTEMSUNIQUE CHALLENGES OF
![Page 24: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/24.jpg)
ARE ACCIDENTAL THAN MALICIOUSMORE INCIDENTS
![Page 25: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/25.jpg)
ICS SECURITY INCIDENTS
800Advisories
Unable to Determine
Attack Vectors
245 Reported Incidents
55% % of APTs
![Page 26: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/26.jpg)
STUXNET
![Page 27: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/27.jpg)
UKRAINE POWER OUTAGE
![Page 28: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/28.jpg)
POLISH TRAM SYSTEM
![Page 29: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/29.jpg)
MAROOCHY WASTE WATER
![Page 30: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/30.jpg)
BROWNS FERRY POWER PLANT
![Page 31: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/31.jpg)
IT VS ICSSafety
![Page 32: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/32.jpg)
QUESTIONSBROADCAST SECURITY
![Page 33: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/33.jpg)
WHAT TO DO
![Page 34: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/34.jpg)
INDUSTRIAL CYBERSECURITY1-2-3 APPROACH TO
1Secure IndustrialNetworks• Segmentation• Zoning and conduits• Monitoring and alerts• Wireless and remote
access• Threat containment
2Secure IndustrialEndpoints• Inventory connected
assets• Identify vulnerable &
exploitable endpoints• Achieve and maintain
secure and authorized configurations
• Identify unauthorized & malicious change
3Secure IndustrialControllers• Identify changes and
threats• Identify vulnerable &
exploitable controllers• Identify changes and
threats• Achieve and maintain
secure and authorized configurations
• Detect and contain threats
![Page 35: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/35.jpg)
OF SECURITY CONTROLS60 CATEGORIES
Security Landscape
IAM
Provisioning
Advanced Auth
SSO
Legacy Auth
PAM
Network
Firewall
UTM
IDS/IPS
VPN
Endpoint
Anti-Malware
Server Security
Endpoint Suites
Access Protection
PERM
Messaging
Anti-Malware
Anti-Spam
Content Filtering
Collaboration
Web
URL Filtering
Anti-Malware
WAF
Web Services
SVM
SIEM
GRC
UBA
FII
Policy Compliance
SDSM
Device VA
App Scanners
Cloud
CASB
Other
Other
Mobile
Encryption
Database
Storage
DLP
DDOS Defense
Threat Intelligence
Honeypots
Industrial
Network
System
IOT
STAP
Endpoint
Boundary
Network Analysis
Services
Consulting
Training
MSSP
SI
Resellers
![Page 36: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/36.jpg)
SECURITYAPPROACHING
![Page 37: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/37.jpg)
FRAMEWORKSSECURITY NIST CyberSecurity Framework
ISO/IEC 27001/27002:2013
CIS Critical Security Controls
COBIT
FFIEC
COSO
HITRUST CSF
ISA 99 / IEC 62443
![Page 38: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/38.jpg)
FRAMEWORKNIST 1. Prioritize
and Scope
2. Orient
3. Create current profile
4. Conduct Risk assessment
5. Create target profile
6. Determine, Analyze &
Prioritize Gaps
7. Implement Action Plan
![Page 39: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/39.jpg)
MODELSMATURITY
![Page 40: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/40.jpg)
MODELSMATURITY
MIL0: Notaccomplishing objectives, or accomplishing with manual process
MIL1:Accomplishing objectives, but with some automation, but minimal or ad-hoc process
MIL2: Established and followed standard operatingprocedures, more automation
MIL3: Mature implementation with high degree of automation and highlyoptimized
![Page 41: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/41.jpg)
SECURITYAPPROACHING
MOVE UP THE SUPPLY CHAIN
![Page 42: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/42.jpg)
SECURITYAPPROACHING
UNDERSTAND THE RISKS
BE PROACTIVE
![Page 43: WE ADOPT IP? · POLICY & COMPLIANCE TRIPWIRE IS LEADER IN Security • Detect unauthorized changes • Assess configurations against security baselines • Identify risks in environment](https://reader034.fdocuments.us/reader034/viewer/2022042417/5f338621be528641532b9adc/html5/thumbnails/43.jpg)
tripwire.com | @TripwireInc