verticale

Sicurezza IT anche nel processo di digitalizzazione industriale

(in lingua inglese)

- IT & OT Convergence
- ICS Overview
- ICS design and engineeringm

Scarica il PDF Scarica il PDF
Aggiungi ai preferiti Aggiungi ai preferiti


Atti di convegni o presentazioni contenenti case history
mcT Cyber Security novembre 2017 Cyber Security per i sistemi ICS - Industrial Control System

Pubblicato
da Benedetta Rampini
mcT Cyber Security 2017Segui aziendaSegui




Settori: 

Parole chiave: 


Estratto del testo
Milano, 30 novembre 2017 Gli atti dei convegni e più di 8.000 contenuti su www.verticale.net Cyber Security Alimentare Petrolchimico Petr giovedì 14 dicembre 2017 giovedì 14 dicembre 201 Security in the
industrial digitalisation
process
Luca Mazzocchi BIO: ICT Security Lead in Saipem Spa since
2010 with responsibilities for two
main security functions for the
company.
The first is overseeing the security
operations of the enterprise's
solutions through the management of
the security infrastructure. The
second is establishing an enterprise
security stance through standards,
architecture and the implementation
of all increasingly modern, security
solutions. Secondary tasks include the
design and selection of appropriate
solutions.
Saipem ICT Security REVENUES § 2016 ' 9.9 B' § 2017 guidance ' 9.5 B' § THE COMPANY § Operating in more than 60 countries § ~ 37,000 employees from ~ 120 nationalities § More than 20 engineering and project execution centres worldwide § 9 fabrication yards on 5 continents Saipem is one of the world leaders in drilling services, as well as in the engineering,
procurement, construction and installation of pipelines and complex projects, onshore and
offshore, in the oil & gas market. The company has distinctive competences in operations in
harsh environments, remote areas and deepwater. Saipem provides a full range of services with
'EPC' and 'EPCI' contracts (on a 'turn-key' basis) and has distinctive capabilities and unique
assets with a high technological content.
Our Numbers SAIPEM TODAY: THE COMPANY SAIPEM
IT figures
5 giovedì 14 dicembre 2017 IT & OT Convergence IT OT Networks Control Systems SCADA Software Remote Industrial Hardware Machinery PLCs HMIs Equipment & Asset Cloud Infrastructure Monitoring Systems Switch Storage Business Application Two worlds converging in an Industrial Environment SIEM Data & Database 6 giovedì 14 dicembre 2017 ICS Overview
What are Industrial Control Systems'
WHICH ARE USED IN MANY INDUSTRIES TO CONTROL MANY PROCESSES PETROCHEMICALS ENERGY TRANSPORTATION MANUFACTURING PORTAUTOMATION FOOD & BEVERAGE MANUFACTURING POWER
GENERATION AND
TRANSMISSION
PHARMACEUTICAL
MANUFACTURING
OIL EXPLORATION
AND PRODUCTION
LOSS OF CAPITAL INVESTMENT OPERATIONAL STOP DECREASED PRODUCTION CAPACITY LOSS OF COMPETITIVE EDGE DAMAGE TO SYSTEMS AND REPUTATION PLC HMI DCS SCADA CYBER ATTACK RISKS 7 giovedì 14 dicembre 2017 ICS design and engineering
Saipem (IT) Security approach
01
02
04 05 ASSESSMENT MARKET ANALYSIS TECHNOLOGY SCOUTING PROOF OF VALUE 03 SELECTION CRITERIA Benchmarking of the solutions Definition of the metrics for the creation of the evaluation scorecard Search the market for key vendors Outlining of the SAIPEM Use Case Identification of findings 8 giovedì 14 dicembre 2017 ICS design and engineering
Industrial risks evaluation
01 ASSESSMENT Key Findings: § Operational technology (OT) systems are not always designed with cybersecurity in mind and can be vulnerable to disruption. § Addressing OT security is being supported by an alignment of IT and OT culture and organization. § OT security products have evolved from both IT security and OT reliability requirements to provide resilient OT protection and safety. § Existing IT security products will not meet all requirements of OT security use cases, especial y around "safety" mandates. 9 giovedì 14 dicembre 2017 ICS design and engineering
OT Market Guide
02 ASSESSMENT MARKET ANALYSIS Starting from the Gartner* Market Guide the OT global market vendors have been analyzed. Offering: § Select OT security products via a formal assessment that addresses reliability and safety concerns of OT production and operations. § Establish OT security governance, strategy and management via a combined IT/OT security practice that can evaluate and manage both IT and OT security products. § Focus on key areas of OT security, such as network segmentation, access management, and anomaly detection and response. § Ensure OT engineers participate in OT security policy development and requirements setting. § Include training programs for IT security team members in OT skil s. 10 giovedì 14 dicembre 2017 ICS design and engineering
Vendor selection criteria
03 SELECTION CRITERIA The category includes any capability that detects anomalies, threats or incidents providing functions to permit response to them. Other names in this category include threat intel igence, anomaly detection, breach detection and incident response. General features Solution Deployment Type Installation Requirements Network Requirements Network Requirements Security & Visibility Anomaly Detection Techniques Supported
/Inspected
ICS Protocols Supported ICS equipment Detect deviations from standard ICS behavior Inspected Network Protocols Custom Protocol Support Custom Alert Rules Alerting Asset Inventory Network Map Network Customi zation Networ k map Export Detection of cyclic variables Tuning of the standard behaviour Portscan and Man-in-the- Middle detection 0-day Exploitation Detection Visual Analytics
Dashboar
d Forensic s Built-in advanced threat detection Management Administrative GUI Central Management Console Access Management Control Dashboard Software Update Configuration export Alert customizatio n Health diagnostics Technical Support Technical Support Types Service Levels Time and Location Logging, Monitoring & Reporting Security Events Logging Audit Events Logging Log Export Custom Reporting Report Exporting Central Reporting Event Aggregation Custom log export rules Integration Authentication and Authorization Integration Firewall Integration SIEM (Security Information and Event Management) Integration Configuration update pushed by third parties Scorecard Monitoring & Response solutions 11 giovedì 14 dicembre 2017 ICS design and engineering
Benchmark
04 TECHNOLOGY SCOUTING An European presence Generic purpose solution, not developed for a specific industrial field No agent-based solution Anomaly detection and passive-mode solution LOCALIZATION FEATURES PURPOSE AGEN T 12 giovedì 14 dicembre 2017 ICS design and engineering
Saipem use case
PROOF OF VALUE 05 Learning Phase: § Understand the ICS application level
§ Machine learning engine builds a behavior baseline Detection Phase: § Misconfiguration on ICS devices
§ Zero day vulnerabilities (ICS Cert)
§ Standard, complex and specific attacks
§ Reconstruct entirely the network schema in a passive, recognizing the role of each components 13 giovedì 14 dicembre 2017 ... Thank you


© Eiom - All rights Reserved     P.IVA 00850640186