Whose 'Threat' is it Anyway? Cybersecurity in a Hyper-connected Enterprise
-
Upload
frost-sullivan -
Category
Data & Analytics
-
view
158 -
download
1
Transcript of Whose 'Threat' is it Anyway? Cybersecurity in a Hyper-connected Enterprise
Understanding Industry 4.0 and its Impact on Inline Metrology Market
Aravind Govindan, Industry Analyst
8/20/2015
© 2015 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property of
Frost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.
2
Register for this Webcast
2
Live Webcast
Wednesday, August 19, 2015
10:00am EDT/3:00 pm BST
https://www.brighttalk.com/webcast/5566/168271Or
www.frost.com/ab
Introduction to Industrial Cybersecurity
Missing Links in the Industrial Cybersecurity Space
Innovative Technologies
Future of ICS Security
Q & A Session
Agenda
Introduction to Industrial Cybersecurity
Sonia FranciscoSenior Research Analyst, IPC Business Unit
Frost & Sullivan
• Over 41/2 years of experience in market intelligence and consulting• Tracking IoT technologies and applications : In- depth focus on ICS
cybersecurity
What is Today’s Cybersecurity Issue?
Past Future
General Cyber attacks
Directed Cyber attacks
Strategic Cyber attacks
• Less complex• Less Sophisticated
• Fairly complex• Relatively Sophisticated
• Very complex• Highly Sophisticated
Back doors Password
cracking
Password guessing Denial of service
Advanced
scanning
Packet
spoolingBOTS
Malicious codes
Morphing
Present
2020200019901980 2014
The Cyber Threat Evolution
Digital ICS
Aurora
Stuxnet
Duqu, Gauss
Flame
Shamoon
PosedionShellshock, Heartbleed, Energetic bear
Analog ICS
Source: ICS-CERT; Frost & Sullivan
1st Generation Information Security Solutions• Security by prevention• Intense focus on technology &
compliance
2nd Generation Emerging Threats• Short span evolution• Persistent & Long term incubation
period• Structured and organized
How are We Connected?
Secure Firewall
Standard Firewall
Corporate Network
Independent control center
PLC
RTU
SCADA Network
HMI workstation
servers
HTTPS
ICCP
ICCP
DNP
3.0Modbus
DNP
3.0
Typical Industrial Control System Network
Source: Frost & Sullivan
PLCs support the downloading of control logic via their communication ports, opening the doors for remote reprogramming options for the attacker.
Direct attacks on the remote terminal units (RTU) require physical access to the
communications channels.
Data is usually sent through common protocols such as MODBUS and DNP 3, enabling third parties to see the information that is being sent from one device to the next.
Typical SCADA security comprises of common defense mechanisms such as antivirus, firewalls and password protection.
Use of commercially available software with known vulnerabilities
What is New?
Architecture
Complexity
Security
Policy
Interaction
Every point is
vulnerable
Finite ways to
attack
Add on service
Limited
Unlimited
1
2
3
4
Adaptive
systems
Limited
systems
Collaborative
systems
Isolated
systems
Internet of
Things
Integrated
policy
New ecosystem
• Open architecture• Continuous monitoring
• Predictive maintenance• Intelligent decision makers• Advanced visibility
• Limited flexibility and expensive product line changeovers
• The need for complete visibility• Decline of an experienced and capable
workforce
Unmet Needs
The Future Risk Ecosystem
Source: Frost & Sullivan
8
http://twitter.com/frost_sullivan
Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter
http://www.facebook.com/FrostandSullivan
https://www.linkedin.com/groups/Frost-Sullivans-Industrial-Automation-Process-4504480
http://www.slideshare.net/FrostandSullivan
9
For Additional Information
Nikhil Jain
Principal Lead
Measurement and Instrumentation
+91 (44) 6681 4013
Vijay Mathew
Program Manager
Measurement and Instrumentation
+91 (44) 6681 4014
Derek Seckinger
Director Strategic Accounts
Measurement and Instrumentation
+1 (210) 348-1000
Jaylon Brinkley
Corporate Communication Associate
Measurement and Instrumentation
+1 (210) 247-2481