Cyber Security
Sponsored by:
Related information regarding the webcast:
• Download slides: http://www.controleng.com/index.php?id=8263
• CEU Exam: http://www.controleng.com/index.php?id=8269
• For more information on Belden: http://www.belden.com
• For more information on Honeywell: http://www.Becybersecure.com
• For more information on another Control Engineering webcast visit http://www.controleng.com/media-library/webcasts.html
RCEP standards
Control Engineering has met the standards and
requirements of the Registered Continuing
Education Program. Credit earned on
completion of this program will be reported to
RCEP at RCEP.net. A certificate of
completion will be issued to each participant.
As such, it does not include content that may
be deemed or construed to be an approval or
endorsement by RCEP.
Purpose and learning objectives
• Examine the 2013 survey results
• Discuss the implications of the answers
• Compare your own situation
• Consider strategies for mitigating threats
• Lay out steps for launching a larger
defensive program
• Questions
Speakers:
• Matt Luallen, Cyber Security Trainer and Consultant, Cybati
• Tim Conway, Technical Director, ICS and SCADA, SANS Institute
• Peter Welander, Content Manager, Control Engineering, CFE Media
2013 Cyber
Security Survey
Respondent Profile
Q: What is your organization’s primary industry?
The top 3 primary industries selected by respondents are: Manufacturing (25%); Other (17%); and
Engineering services (11%).
[Bar chart: share of respondents by primary industry. Category labels were not recovered; bar values in extracted order: 9%, 10%, 11%, 6%, 4%, 3%, 4%, 25%, 10%, 17%, 2%]
(n=322)
Q: What is (are) your role(s) in the organization?
The top 3 organization roles selected by respondents are: Process control engineer (41%); Other
(30%); and Production engineering manager (16%).
[Bar chart: share of respondents by organizational role. Category labels were not recovered; bar values in extracted order: 5%, 2%, 8%, 2%, 16%, 7%, 8%, 4%, 2%, 41%, 6%, 2%, 30%]
(n=321)
Implementation
Q: What level do you perceive the control system cyber
security threat to be?
46% of respondents reported the level of control system cyber security threat to be high or severe.
3% of respondents were unsure.
• Low: 12%
• Moderate: 39%
• High: 35%
• Severe: 11%
• Don't know: 3%
(n=317)
Q: What potential system components are you most concerned with?
24% of respondents reported that computer assets are a potential system-component concern,
while 15% reported that network devices are a concern.
• Computer assets (HMI, server, workstations) running commercial operating systems (Windows, Unix, Linux): 24%
• Network devices (firewall, switches, routers, gateways): 15%
• Wireless communication devices and protocols used in the automation system: 13%
• Connections to other internal systems (office networks): 12%
• Embedded controllers and other components such as PLCs (programmable logic controllers), IEDs (intelligent electronic devices): 12%
• Control system communication protocols used (Modbus, DNP3, Profibus, Fieldbus, TCP/IP): 9%
• Control system applications: 8%
• Connections to the field SCADA network: 6%
• Other: 1%
(n=319)
Q: When is the last time your organization performed
any type of vulnerability assessment?
58% of respondents reported their organization has performed a vulnerability assessment within the
past year, while 27% reported they have never performed an assessment.
• Within past 6 months: 30%
• Within past year: 28%
• Within past 18 months: 4%
• Within past 2 years: 11%
• Never: 27%
(n=316)
Q: Have your control system cyber assets and/or control system
network ever been infected or infiltrated in the last 12 months?
81% of respondents reported their organization has not had an infection or infiltration to
their control system cyber assets or network within the past 12 months.
No, 81%
Yes, 19%
(n=318)
Q: Does your organization have an operating computer
emergency response team to detect cyber security breach
attempts and successful cyber security breaches?
Over half (55%) of respondents reported their organization has an operating computer emergency
response team.
Yes, 55%
No, 45%
(n=318)
Q: Does your organization have an operating operational
response team to respond to any type of security/breach incident?
59% of respondents reported their organization has an operating operational response team.
Yes, 59%
No, 41%
(n=312)
Q: Does your organization currently have the capability of
performing vulnerability assessments in house without using
any external assistance?
Over half (54%) of respondents reported their organization has the capabilities of performing
vulnerability assessments without external assistance.
Yes, 54%
No, 46%
(n=314)
Q: Has your organization implemented a cyber change control process
that is able to prevent unauthorized and potentially vulnerable cyber
changes from taking place on your control system?
53% of respondents reported their organization has implemented a cyber change control
process.
Yes, 53%
No, 47%
(n=309)
Q: Does your organization allow access to control system
networks from smartphones and/or tablets (e.g. iPads)?
Three-fourths (75%) of respondents reported their organization does not allow access to control
system networks from smartphones and/or tablets.
No, 75%
Yes, 25%
(n=312)
Q: Is your organization involved in an industry where you are
compelled to implement specific information control system protections
for control system cyber assets?
Over half of respondents (53%) reported their organization is not involved in an industry
compelled to implement specific information control system protections.
No, 53%
Yes, 47%
(n=312)
Q: Does your organization have an accurate and complete
inventory of all information systems that reside and operate on
your control network?
68% of respondents reported their organization has an accurate and complete inventory of all
information systems on their control network.
Yes, 68%
No, 32%
(n=314)
Q: Does your organization protect the logical configurations of
all control system devices (e.g. PLCs, PACs, MTUs, RTUs)?
About two-thirds of respondents reported their organization protects the logical configurations of
control system devices.
Yes, 67%
No, 33%
(n=313)
Q: Has your organization performed an internal spear
phishing campaign?
70% of respondents reported their organization has not implemented a spear phishing
campaign.
No, 70%
Yes, 30%
(n=308)
Submitting Questions, Exit Survey and Archive
Question?
Type your question in the “Questions & Answers” box on the
Webcast console and click “Send.” We will get to as many
questions as we have time for.
Exit Survey:
Please take a moment to answer a few questions on our exit
survey that should pop up on your screen. We use the answers
to help make improvements to our webcast program.
Archive:
• Within 7 days, an archive with Q&A will be posted
• We will send an email to registered attendees with hyperlink
• Can also access from www.controleng.com home page
Today’s Webcast Sponsors

Editor's notes

  1. To access the presentation slides, or to learn more about our sponsors, use the “links” option at the top of your screen. From this option, you can download the presentation, or visit our webcast sponsor, at any time. The Links tab also has information on how to get your certificate of completion. If you’re watching the presentation from the archive, you’ll see that the instructions are a little different. Simply click “Meeting Links” on your console. There will be a Q&A session after the presentations. You can use the question box to type questions to speakers during their presentations and we’ll answer as many as possible later in the broadcast. This webcast is being recorded, including the Q&A session. We’ll post the archive on the Control Engineering Website in a few days, and send you an email message with a link connecting directly to it. We are offering a professional development hour (PDH) for attending today’s event. Please fill out the evaluation form at the end of the event and once you click submit, you will be led to a page where you can download your PDH certificate. If you are having technical problems with audio or the slides, click the Help button to bring up a list of system checks you should try before escalating to an online technician. If you need a technician, type a message into the question box and one will get to you as quickly as possible.
  2. Control Engineering has met the standards and requirements of the Registered Continuing Education Program. Credit earned on completion of this program will be reported to RCEP at RCEP.net. A certificate of completion will be available for each participant to download upon completion of an evaluation at the end of the presentation. As such, it does not include content that may be deemed or construed to be an approval or endorsement by RCEP.
  3. Belden
  4. Thank you to today’s webcast sponsors: Belden and Honeywell