SlideShare ist ein Scribd-Unternehmen logo

RCMP 2010

Als PPT, PDF herunterladen
I
infracritical

Provided a demonstration about current information sharing and collaboration issues within the SCADA/control systems community, and some of the challenges (and advantages) encountered since its inception back in 2008.

1 von 21
Insight into the SCADASEC Community: Tales from the Trenches Royal Canadian Mounted Police / Public Safety / Emergency Management Protecting Canada's Critical Infrastructure 2010 Control Systems Security Workshop Thursday, April 15, 2010 Bob Radvanovsky, CIFI, CISM, CIPS [email_address] Creative Commons License v3.0.
What is Infracritical? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What is the SCADASEC mailing list? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What is the Mission of the SCADASEC mailing list? ,[object Object],[object Object],[object Object],[object Object],1. Discussions on SCADASEC have led to “Zero Day” vulnerabilities found in several ICS architectures.
SCADASEC as an Intelligence Resource ,[object Object],[object Object],[object Object],[object Object],[object Object]
Search Engine Capabilities of the SCADASEC list ,[object Object],[object Object]
The example here is searching based on the keyword “brazil”; there were heated debates about the recent Brazilian power outage in late 2009
[object Object],[object Object],[object Object],[object Object],Challenges Encountered on the SCADASEC List
[object Object],[object Object],[object Object],[object Object],[object Object],Policies of the SCADASEC list
[object Object],[object Object],[object Object],[object Object],[object Object],SCADSEC is Non-Commercial
[object Object],[object Object],[object Object],[object Object],SCADASEC is Non-Classified
[object Object],[object Object],[object Object],[object Object],[object Object],SCADASEC is Neutral and Unbiased
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],SCADASEC is International
Accurate statistics available to general public; information is shown in graphical format only – no specific datapoints http://news.infracritical.com/xmlstats.php?s=scadasec (2) 2. http://news.infracritical.com/xmlstats.php?s=scadasec&m=12&y=09 returns info for December 2009.
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Some Interesting Statistics about SCADASEC
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Some Interesting Statistics About SCADASEC
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],How does SCADASEC relate to/with CIP (3) ? 3. http://books.google.com/books?id=oPi2SNHhowcC&printsec=frontcover&dq=radvanovsky&ie=ISO-8859-1&cd=4#v=onepage&q=&f=false.
[object Object],[object Object],[object Object],[object Object],[object Object],Are there any Issues with SCADASEC and CIP? 4. http://books.google.com/books?id=oPi2SNHhowcC&printsec=frontcover&dq=radvanovsky&ie=ISO-8859-1&cd=4#v=onepage&q=&f=false.
[object Object],[object Object],[object Object],[object Object],[object Object],Are there other Challenges with SCADASEC?
Photos of Infracritical’s Data Center Second server from bottom houses SCADASEC, along with 12 other mailing lists, both publicly and privately operated. Infracritical’s data center consists of legacy equipment that was donated; approx. 30 servers active at any time.
Questions? Bob Radvanovsky, (630) 673-7740 [email_address] A copy of this presentation may be found at our web site: http://www.infracritical.com/papers/scadasec-2010.zip Creative Commons License v3.0.

Empfohlen

Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Digital Transformation EXPO Event Series
 
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...Mighty Guides, Inc.
 
Building A Cloud-Ready Security Program
Building A Cloud-Ready Security ProgramBuilding A Cloud-Ready Security Program
Building A Cloud-Ready Security ProgramNetIQ
 
NIST Cybersecurity Framework Cross Reference
NIST Cybersecurity Framework Cross ReferenceNIST Cybersecurity Framework Cross Reference
NIST Cybersecurity Framework Cross ReferenceJim Meyer
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityMighty Guides, Inc.
 
Qubole GDPR Security and Compliance Whitepaper
Qubole GDPR Security and Compliance Whitepaper Qubole GDPR Security and Compliance Whitepaper
Qubole GDPR Security and Compliance Whitepaper Vasu S
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornSecuring Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornEric Andresen
 

Empfohlen

Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Digital Transformation EXPO Event Series
 
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...Mighty Guides, Inc.
 
Building A Cloud-Ready Security Program
Building A Cloud-Ready Security ProgramBuilding A Cloud-Ready Security Program
Building A Cloud-Ready Security ProgramNetIQ
 
NIST Cybersecurity Framework Cross Reference
NIST Cybersecurity Framework Cross ReferenceNIST Cybersecurity Framework Cross Reference
NIST Cybersecurity Framework Cross ReferenceJim Meyer
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityMighty Guides, Inc.
 
Qubole GDPR Security and Compliance Whitepaper
Qubole GDPR Security and Compliance Whitepaper Qubole GDPR Security and Compliance Whitepaper
Qubole GDPR Security and Compliance Whitepaper Vasu S
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornSecuring Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornEric Andresen
 
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Software
 
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115A Krista Kivisild
 
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurityNIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurityDavid Sweigert
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Aligning to the NIST Cybersecurity Framework in the AWS
Aligning to the NIST Cybersecurity Framework in the AWSAligning to the NIST Cybersecurity Framework in the AWS
Aligning to the NIST Cybersecurity Framework in the AWSAmazon Web Services
 
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...Luca Moroni ✔✔
 
The Future of Security Architecture Certification
The Future of Security Architecture CertificationThe Future of Security Architecture Certification
The Future of Security Architecture Certificationdanb02
 
Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of ThingsThe Security of Things Forum
 
Update on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumUpdate on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumCASCouncil
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityMighty Guides, Inc.
 
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-thatwww_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-thatAnthony Heywood
 
Securing the Fog
Securing the FogSecuring the Fog
Securing the FogThe Security of Things Forum
 
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...Government Technology and Services Coalition
 
Introduction to International Standardization
Introduction to International StandardizationIntroduction to International Standardization
Introduction to International StandardizationKris Kimmerle
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...PECB
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 
Key Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government ContractorsKey Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government ContractorsGovernment Technology and Services Coalition
 
About Infracritical
About InfracriticalAbout Infracritical
About Infracriticalinfracritical
 
American Bar Assoc. ISC 2009
American Bar Assoc. ISC 2009American Bar Assoc. ISC 2009
American Bar Assoc. ISC 2009infracritical
 

Weitere ähnliche Inhalte

Was ist angesagt?

IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Software
 
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115A Krista Kivisild
 
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurityNIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurityDavid Sweigert
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Aligning to the NIST Cybersecurity Framework in the AWS
Aligning to the NIST Cybersecurity Framework in the AWSAligning to the NIST Cybersecurity Framework in the AWS
Aligning to the NIST Cybersecurity Framework in the AWSAmazon Web Services
 
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...Luca Moroni ✔✔
 
The Future of Security Architecture Certification
The Future of Security Architecture CertificationThe Future of Security Architecture Certification
The Future of Security Architecture Certificationdanb02
 
Update on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumUpdate on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumCASCouncil
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityMighty Guides, Inc.
 
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-thatwww_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-thatAnthony Heywood
 
Introduction to International Standardization
Introduction to International StandardizationIntroduction to International Standardization
Introduction to International StandardizationKris Kimmerle
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...PECB
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 

Was ist angesagt? (20)

IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
 
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115
Cybersecurity-for-Industrial-Control-Systems_joa_Eng_0115
 
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurityNIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The Experts
 
Aligning to the NIST Cybersecurity Framework in the AWS
Aligning to the NIST Cybersecurity Framework in the AWSAligning to the NIST Cybersecurity Framework in the AWS
Aligning to the NIST Cybersecurity Framework in the AWS
 
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
Cyber Security Awareness of Critical Infrastructures in North East of Italy S...
 
The Future of Security Architecture Certification
The Future of Security Architecture CertificationThe Future of Security Architecture Certification
The Future of Security Architecture Certification
 
Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
 
Update on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumUpdate on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser Forum
 
Security architecture
Security architectureSecurity architecture
Security architecture
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
 
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-thatwww_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that
www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that
 
Securing the Fog
Securing the FogSecuring the Fog
Securing the Fog
 
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
 
Introduction to International Standardization
Introduction to International StandardizationIntroduction to International Standardization
Introduction to International Standardization
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber Resiliency
 
Key Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government ContractorsKey Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government Contractors
 

Andere mochten auch

American Bar Assoc. ISC 2009
American Bar Assoc. ISC 2009American Bar Assoc. ISC 2009
American Bar Assoc. ISC 2009infracritical
 
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorLessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorEnergySec
 
Designing Teams for Emerging Challenges
Designing Teams for Emerging ChallengesDesigning Teams for Emerging Challenges
Designing Teams for Emerging ChallengesAaron Irizarry
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with DataSeth Familian
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheLeslie Samuel
 

Andere mochten auch (7)

About Infracritical
About InfracriticalAbout Infracritical
About Infracritical
 
American Bar Assoc. ISC 2009
American Bar Assoc. ISC 2009American Bar Assoc. ISC 2009
American Bar Assoc. ISC 2009
 
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy SectorLessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy Sector
 
Designing Teams for Emerging Challenges
Designing Teams for Emerging ChallengesDesigning Teams for Emerging Challenges
Designing Teams for Emerging Challenges
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with Data
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your Niche
 

Ähnlich wie RCMP 2010

Safety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoTSafety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoTIoT613
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Open Source and Cyber Security: Open Source Software's Role in Government Cyb...
Open Source and Cyber Security: Open Source Software's Role in Government Cyb...Open Source and Cyber Security: Open Source Software's Role in Government Cyb...
Open Source and Cyber Security: Open Source Software's Role in Government Cyb...Great Wide Open
 
Staying Ahead of the Race - Quantum computing in Cybersecurity
Staying Ahead of the Race - Quantum computing in Cybersecurity Staying Ahead of the Race - Quantum computing in Cybersecurity
Staying Ahead of the Race - Quantum computing in Cybersecurity Lilminow
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco
 
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Amazon Web Services
 
Navigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone KeynoteNavigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone KeynoteLivingstone Advisory
 
1.1 Data Security Presentation.pdf
1.1 Data Security Presentation.pdf1.1 Data Security Presentation.pdf
1.1 Data Security Presentation.pdfChunLei(peter) Che
 
EuroCACS 2016 There are giants in the sky
EuroCACS 2016 There are giants in the skyEuroCACS 2016 There are giants in the sky
EuroCACS 2016 There are giants in the skyCarlos Chalico
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security BattlegroundWatchful Software
 
Claroty Award Write Up
Claroty Award Write UpClaroty Award Write Up
Claroty Award Write UpAna Arriaga
 
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksMighty Guides, Inc.
 
Minimizing Compliance Resistance to Digital Transformation --- Design for reg...
Minimizing Compliance Resistance to Digital Transformation --- Design for reg...Minimizing Compliance Resistance to Digital Transformation --- Design for reg...
Minimizing Compliance Resistance to Digital Transformation --- Design for reg...VMware Tanzu
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summarySensePost
 
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack WhitsittNIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack WhitsittJack Whitsitt
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)Gerardo Pardo-Castellote
 
SGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems SecuritySGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems SecurityAndy Bochman
 

Ähnlich wie RCMP 2010 (20)

Safety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoTSafety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoT
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
Ssdf nist
Ssdf nistSsdf nist
Ssdf nist
 
Open Source and Cyber Security: Open Source Software's Role in Government Cyb...
Open Source and Cyber Security: Open Source Software's Role in Government Cyb...Open Source and Cyber Security: Open Source Software's Role in Government Cyb...
Open Source and Cyber Security: Open Source Software's Role in Government Cyb...
 
Staying Ahead of the Race - Quantum computing in Cybersecurity
Staying Ahead of the Race - Quantum computing in Cybersecurity Staying Ahead of the Race - Quantum computing in Cybersecurity
Staying Ahead of the Race - Quantum computing in Cybersecurity
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016
 
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
 
Navigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone KeynoteNavigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
 
1.1 Data Security Presentation.pdf
1.1 Data Security Presentation.pdf1.1 Data Security Presentation.pdf
1.1 Data Security Presentation.pdf
 
EuroCACS 2016 There are giants in the sky
EuroCACS 2016 There are giants in the skyEuroCACS 2016 There are giants in the sky
EuroCACS 2016 There are giants in the sky
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security Battleground
 
Claroty Award Write Up
Claroty Award Write UpClaroty Award Write Up
Claroty Award Write Up
 
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
 
Minimizing Compliance Resistance to Digital Transformation --- Design for reg...
Minimizing Compliance Resistance to Digital Transformation --- Design for reg...Minimizing Compliance Resistance to Digital Transformation --- Design for reg...
Minimizing Compliance Resistance to Digital Transformation --- Design for reg...
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summary
 
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack WhitsittNIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
 
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
 
Industrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity StandardIndustrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity Standard
 
Vol12_No2
Vol12_No2Vol12_No2
Vol12_No2
 
SGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems SecuritySGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems Security
 

RCMP 2010

  • 1. Insight into the SCADASEC Community: Tales from the Trenches Royal Canadian Mounted Police / Public Safety / Emergency Management Protecting Canada's Critical Infrastructure 2010 Control Systems Security Workshop Thursday, April 15, 2010 Bob Radvanovsky, CIFI, CISM, CIPS [email_address] Creative Commons License v3.0.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7. The example here is searching based on the keyword “brazil”; there were heated debates about the recent Brazilian power outage in late 2009
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14. Accurate statistics available to general public; information is shown in graphical format only – no specific datapoints http://news.infracritical.com/xmlstats.php?s=scadasec (2) 2. http://news.infracritical.com/xmlstats.php?s=scadasec&m=12&y=09 returns info for December 2009.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20. Photos of Infracritical’s Data Center Second server from bottom houses SCADASEC, along with 12 other mailing lists, both publicly and privately operated. Infracritical’s data center consists of legacy equipment that was donated; approx. 30 servers active at any time.
  • 21. Questions? Bob Radvanovsky, (630) 673-7740 [email_address] A copy of this presentation may be found at our web site: http://www.infracritical.com/papers/scadasec-2010.zip Creative Commons License v3.0.