Post on 30-Aug-2020
Managing and Maintaining Implemented Security Measures
is Critical when Building a Cyber Defense Program Harry Brian and Florian Forster
Manufacturing in America │ March 20-21, 2019
Unrestricted © Siemens 2019
Unrestricted
for
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Challenges for our Customers Productivity, Cost Pressure and Regulations
Protect Productivity
Reduce cost
Comply to regulations
• Externally caused incidents
through increasing connectivity
• Internal misbehavior
• The evolving Threat Landscape
• For qualified personnel
• For essential Security
Technologies
• Reporting Requirements
• Minimum Standards
• Security Know-how
Protect
against
Costs
Comply
to
Page 2 V4.0
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
The ever-changing threat landscape
Cybersecurity laws and
Regulations Internet of
Things
Professional
Hackers Vulnerabilities
§
§ §
§
Page 3 V4.0
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Evolution of the cyber threat landscape
Digital Information Processing Digital Connectivity Digital Automation and Intelligence
1950s – 1960s 1980s 2015 1999 2010s 1970s 1991 1990s 2020s 2000s
Home computer is introduced
Computers make their way
into schools, homes, business
and industry
Digital enhancement of
electrification and automation
The World Wide Web becomes
publicly accessible
The globe is connected
by the internet
Mobile flexibility
Cloud computing enters the
mainstream
Internet of Things, Smart
and autonomous systems,
Artificial Intelligence, Big Data
Industry 4.0
Military, governments and other
organizations implement
computer systems
AOHell
Cryptovirology
Level Seven Crew hack
Denial of service attacks
Cloudbleed
sl1nk SCADA hacks Infineon/TPM
Meltdown/Spectre
AT&T Hack
Blue Boxing
Morris Worm Phishing Targeting Critical
Infrastructure
NotPetya
Industroyer/Chrashoverride
WannaCry Cyberwar
Stuxnet
The threat landscape keeps growing and
changing and attackers are targeting industrial
and critical infrastructures
Page 4 V4.0
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Challenges are similar but reality is very different in IT and Industrial
(OT) Security
IT Security Industrial Security
3-5 years
Forced migration (e.g. PCs, smart phone)
High (> 10 “agents” on office PCs)
Low (~2 generations, Windows 7 and 10)
Standards based (agents & forced patching)
20-40 years
Usage as long as spare parts available
Low (old systems w/o “free” resources)
High (from Windows 95 up to 10)
Case and risk based
Asset lifecycle
Software lifecycle
Options to add security SW
Mix of Operating Systems
Main protection concept
Page 5 V4.0
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Conventional malware/virus outbreaks
Ransomware attacks
Data leaks & spying
Hardware failure
Sabotage from internal or external actors
Employee errors/unintentional actions
Connected devices security incidents
Industrial software errors
Threats from third parties, such as supply chain or partners
Challenges and drivers Most critical threats to Industrial Control systems
Operating systems
End of Support1
Windows NT 4.0 30. June 2004
Windows XP 08. April 2014
Windows 7 14. January 2020
Windows 10 14. October 2025
Page 6 V4.0
1 Source © Microsoft
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Solutions Mitigating Industrial Control System Threats
Page 7 V4.0
Assess Implement Manage
Evaluation of the current security
status of an ICS environment
Risk mitigation through
implementation of
security measures
Comprehensive security through
monitoring and vulnerability
management
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Solutions Mitigating Industrial Control System Threats
Page 8 V4.0
Assess Implement Manage
Gain transparency of current threats/vulnerabilities
Check against the best security standards
Prioritize suitable security measures
Inventory the assets and software versions used in automation environment
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Solutions Mitigating Industrial Control System Threats
Page 9 V4.0
Assess Implement Manage
Security Awareness Training
• Create security awareness to shop-floor personnel
Automation Perimeter Firewalls
• First line of defense against highly developed threats
Application Whitelisting
• Protection of outdated Windows systems – no need for pattern or signature updates
Antivirus
• Protection against viruses, worms, rootkits, trojans and other malware threats
Anomaly Detection
• Continuous & proactive identification of changes (anomalies) in the system
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Solutions Mitigating Industrial Control System Threats
Page 10 V4.0
Assess Implement Manage
Vulnerability Tracking
• Efficiently manage vulnerabilities to maximize production availability
Patch Management
• Regular and prompt installation of approved security patches are a vital element of a
comprehensive security concept
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Assess Security
Evaluation of the current security
status of an ICS environment
Implement Security
Risk mitigation through
implementation of
security measures
Manage Security
Comprehensive security through
monitoring and vulnerability
management
Page 11 V4.0
Industrial Security Services Solution portfolio
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Industrial Security Services Solution portfolio
• Industrial Security Monitoring
• Industrial Vulnerability Manager
• Patch Management
• Remote Incident Handling
• Security Awareness Training
• Industrial Security Consulting
• Automation Firewall
• Application Whitelisting
• Antivirus
• Industrial Anomaly Detection
• Industrial Security Monitoring
Solution
• Industrial Security Check
• IEC 62443 Assessment
• ISO 27001 Assessment
• Risk & Vulnerability Assessment
• Scanning Services
Page 12 V4.0
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
For our Customers
Siemens …
We offer a complete portfolio of Industrial Security products and services
Our processes and products are proven and certified
… is the partner to drive secure Digitalization
We understand
Digitalization
We have industry Know-how
We understand Industrial Communication
Digitalization without security is not possible!
Page 13 V4.0
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Questions?
Harry Brian
Business Development, Industrial Security Services
Johnson City, TN
Phone: 423-213-0577
E-mail: harry.brian@siemens.com
Florian Forster
Business Development & Regional Management, Industrial
Security Services
Erlangen, DE
Phone: +49 172 5809072
E-mail: florianmichael.forster@siemens.com
Unrestricted © Siemens 2019 All rights reserved. Community. Collaboration. Innovation.
Security Information
Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems,
machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously
maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a
concept.
Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and
components should only be connected to the enterprise network or the internet if and to the extent necessary and with
appropriate security measures (e.g. use of firewalls and network segmentation) in place.
Additionally, Siemens’ guidance on appropriate security measures should be taken into account. For more information about
industrial security, please visit http://www.siemens.com/industrialsecurity.
Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to
apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no
longer supported, and failure to apply latest updates may increase customer’s exposure to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under
http://www.siemens.com/industrialsecurity.
Page 15 V4.0