Lessons Learned For NERC CIPv5 Compliance &amp; Configuration Change Management

Leveraging the technology advancements in video analytics, THRIVE Intelligence has developed an end-to-end video monitoring and management service from the camera to the Monitoring Center where video is monitored 24/7 by trained Security Intervention Specialists.THRIVE IP cameras are installed with edge-based video analytics making the camera intelligent. When an alarm or event occurs, it’s immediately reviewed by special screened, trained and certified personnel at our Monitoring Center, who will dispatch officers or first responders (if necessary), based on the event protocols set. THRIVE analytics eliminates incidents of false alarms and operator interaction ensures proper response. Live footage of events can be streamed directly to customers and to law enforcement officers en route via a smartphone, tablet, or computer. iOS and Android apps have been developed to work with the THRIVE solution. THRIVE’s video analytics first stabilizes the image then learns the environment which allows our analytics to automatically overcome environmental conditions such as: light changes, repetitive motion, and adjustments to the image caused by rain, fog, dirt and low light. In this presentation, THRIVE will demonstrate the capabilities of its camera analytics and our 360 solution that is offered to end users.

20180529 scaf and cosmic presentaiton s rajagopal

Charles Symons

Efficient Document Control is Essential to Positive Audit Outcomes

Veeva Systems

Using IP Cameras and Advanced Analytics to help Protect Critical Infrastructure

Making security policy changes manually is a slow, laborious process which is fraught with risks; it can take several days—sometimes weeks—to process a single change in a complex enterprise environment. When hundreds of changes are required each month, it can be an impossible task! In this webinar, Yonatan Klein, Director of Product Management at AlgoSec, will discuss how automation can take your security policy management to the next level; delivering the most stringent security change management and control processes, while providing visibility and helping to maximize business agility across your disparate, ever-changing, hybrid cloud enterprise network. Join the webinar to learn how you can use automation to: • Discover and map application connectivity to centralize and optimize security policy management • Migrate application connectivity across data centers, to the cloud, and throughout the DevOps lifecycle • Ensure your disaster recovery processes for firewalls are secure and up-to-date • Take an application-centric approach to simplifying firewall rule recertification processes Attend this webinar to discover how you can reduce the time and effort you spend on managing security, while keeping your all your stakeholders happy – network and security operations teams, application owners, and even C-level executives.

HIS 2015: Ivan Ellis - VISIUMCORE A High Integrity Processor for Safety Criti...

AdaCore

Webinar: How automation can transform the way you manage your network securit...

AlgoSec

As part of your organization’s security policy management best practices, firewall rules must be reviewed and recertified regularly to ensure security, compliance and optimal firewall performance. Firewall rules which are out of date, unused or unnecessary should be removed, as firewall bloat creates gaps in your security posture, causes compliance violations, and impacts firewall performance. Manual firewall rule recertification, however, is an error-prone and time-consuming process. Please join our webinar by Asher Benbenisty, AlgoSec’s Director of Product Marketing, who will introduce an application-centric approach to firewall recertification, bringing a new, efficient, effective and automated method of recertifying firewall rules. Join the webinar and discover: •Why it is important to regularly review and recertify your firewall rules •The application-centric approach to firewall rule recertification •How to automatically manage the rule-recertification process Want to find out more about the importance of ruleset hygiene? View the recorded webinar today!

Firewall Rule Recertification - An Application-Centric Approach

AlgoSec

gsa

Alex Woolfenden

Audit of it infrastructure

pramod_kmr73

Iso 9000 iso 9001

billgates3970

FedRAMP is the federal government's risk and security assessment program for cloud-based services as part of the cloud-first initiative, and is designed to make the assessment process more efficient by providing a "do once, use many times" framework. If you work with or want to work with federal agencies, your organization will need to be FedRAMP compliant. On this webinar, you will: • Learn the background and overview of the FedRAMP program • Take a deep dive of the assessment process • Discover the benefits and challenges companies experience during the assessment process

Work With Federal Agencies? Here's What You Should Know About FedRAMP Assessm...

Schellman & Company

DevSecOps: Security and Compliance at the Speed of Continuous Delivery

Dag Rowe

ESS Software and Firmware

Peter Ewers MIET FInstSMM

What is a Firewall Risk Assessment?

VISTA InfoSec

Federal Agencies & Cloud Service Providers meeting FISMA requirements via FedRAMP This presentation covers Federal Risk Authorization Management Program with FISMA, SCAP and Federal Data Center Consolidation Initiative to clarify how US government agencies purchase cloud services need to meet Federal Information Security Management Act (FISMA) requirements. January 2013 - The FedRAMP Joint Authorization Board has granted its first provisional authorization to Autonomic Resources, who used Veris Group as their FedRAMP accredited 3PAO.

FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0

Valdez Ladd MBA, CISSP, CISA,

AOS - Five Monitoring Offering

NGINX at F5

Is your organization reluctant to join the Agile revolution—perceiving significant and insurmountable barriers to adoption, despite the potential benefits? Do you continue to use Microsoft Office—storing Word and Excel documents in a document management system to manage your R&D process? If the answer to both of these questions is “Yes,” then Office is most likely your problem. Watch this webinar (https://www.youtube.com/watch?v=jaSouNZdtwc) and review the slides to learn why you should stop using Office to manage development assets, and how an artifact-centric tool can help you break the barriers to Agile adoption.

Breaking the Barriers to Agile Adoption in Safety- and Quality-Critical Envir...

Seapine Software

The CSA STAR Programs will provide your organization an additional assessment to showcase your overall compliance program. Cloud security providers are in an ever changing world. Traditionally the CCM was pointed to as an authoritative guidance. Now organizations have the opportunity to undergo third party assessments, through the STAR Programs to validate maturity level or control activities. This slideshow will cover: • A background and overview of the programs. • A deep-dive of the CSA Attestation/Certification methodology and testing. • A side by side comparison. • The benefits and challenges.

The CSA STAR Program: Certification & Attestation

Schellman & Company

Was ist angesagt? (20)

Flight East 2018 Presentation–Black Duck at Docusign

Compliance at Velocity with Chef

Cybersecurity Vendor Considerations

20180529 scaf and cosmic presentaiton s rajagopal

Efficient Document Control is Essential to Positive Audit Outcomes

Using IP Cameras and Advanced Analytics to help Protect Critical Infrastructure

HIS 2015: Ivan Ellis - VISIUMCORE A High Integrity Processor for Safety Criti...

Webinar: How automation can transform the way you manage your network securit...

Firewall Rule Recertification - An Application-Centric Approach

gsa

Audit of it infrastructure

Iso 9000 iso 9001

Work With Federal Agencies? Here's What You Should Know About FedRAMP Assessm...

DevSecOps: Security and Compliance at the Speed of Continuous Delivery

ESS Software and Firmware

What is a Firewall Risk Assessment?

FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0

AOS - Five Monitoring Offering

Breaking the Barriers to Agile Adoption in Safety- and Quality-Critical Envir...

The CSA STAR Program: Certification & Attestation

Andere mochten auch

Presenter: David Zahn, PAS Industrial control systems represent the brass ring for hackers who want to disrupt plant operations and negatively impact safety and productivity. The problem for cybersecurity professionals is that plants have highly vulnerable proprietary control systems where configuration data is not visible via standard WMI or SNMP calls. Yet, it is this same configuration data, such as I/O cards, firmware, installed software, and more, that hackers work hard to attain as it aids them in gaining control over industrial systems within plants. As the saying goes, “you can’t manage what you can’t measure.” Taking inventory of this hidden configuration data and doing so for all control assets is difficult. Plants as a result fall short of achieving centralized, automated inventory – a cybersecurity best practice and a necessary precursor to effective change management. So how do you address change management when important security data is kept locked within each vendor’s distributed control systems, programmable logic controllers, and remote terminal units? In this session, we’ll explore the types of inventory data that comprise a best practices cyber security plan. Next, we will dive into cost effective, accurate automation opportunities for inventory discovery and maintenance of heterogeneous proprietary and non-proprietary control assets. Finally, we’ll present a case study for implementing best practices for hardening ICS cyber security and automating management of change. Agenda: Building and Maintaining an Accurate ICS Inventory Best Practices in Inventory Automation Case Study

ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...

Now more than ever, companies want to faster deliver better and cheaper products. Last years, Some Industry best practices have started to emerge to help companies to achieve these goals by improving processes in their organization. Among others, CMMI is a recognized industry best practice. An important CMMI process area specific to software development projects is Configuration Management. Configuration Management has 2 main aspects, each having their own dedicated tools: 1. Source files and release configuration management. 2. Change request management affecting file and release management. This technical paper describes different Configuration Management functionality steps and their ability to address series of Configuration Management related questions. It will be shown that it is not tools functionalities themselves that make the difference between Configuration Management functionality steps but the level of integration between those 2 kinds of tools.

10 - CIP-002-5.1 Medley - Carr

Bryan Carr

5 STEPS OF CONFIGURATION MANAGEMENT FUNCTIONALITIES

Eric Mariacher

Nerc Version 3 vs Version5 changes

Ken R Anderson CD

Config Management Camp, Gent, Feb. 2016 Speaker: Johannes M. Scheuermann, Arnold Bechtoldt Since the hype around containers is still going on, many people are planning to move their applications into containers. You can earn lots of benefits when making this decision. But similar to other hypes you will notice that you will face many challenges that need to be handled. In this session we want to share some of our lessons learned in both of these worlds. We want to discuss when to choose cfg mgmt and when to choose containerized solutions. Also we will show some use cases were you can use a combination of both strategies. About Arnold Bechtoldt and Johannes Scheuermann: Arnold and Johannes are working for inovex in Germany. Arnold has a strong background in configuration management and Johannes is working with container technologies for years. Both like to try and discuss different (and new) approaches to solve today's infrastructure challenges. Due to this strong interaction they decided to make a talk about the up- and downsides of both worlds. Twitter: @johscheuer https://www.inovex.de/de/content-pool/vortraege/

Configuration Management vs. Container Automation

inovex GmbH

CIP Version 5 Immersion Workshop

Presenter: Daniel Lance, Layered Integration After years of installing wireless sensor networks in homes and businesses we are now faced with a question “How is this all secure? Or is it?” A look into WSN (Wireless Sensor Networks) history and original design concepts that paved the road to us using these in our every day life. This presentation will be a deep dive into wireless and reveal new challenges we have in protecting our perimeter when all of our core monitoring devices are riding a wave into the public space as most industrial control providers look to capitalize on fast installation times and inexpensive adaptive solutions. This research shows us start to finish how anyone with a laptop and SDR (Software Defined Radio) can hack into and take control of WSN’s from outside the front gate. The presentation will demonstrate how a device inside your facility might reveal itself through spectrum analysis than how a hacker might flank the security of the device and own the network with very simple replay attacks that can grant them physical access, and how social engineering pre-installation and post-installation will cause you to disregard warning signs that someone is tampering with the network. A high level understanding of radio is no longer needed for packet analysis with open source tools, proper implementation has never been more important as even a encrypted device can be compromised by the last mile before installation. We will talk about the tools security professionals are lacking from the manufactures of these devices to scan for a compromised device and what can be done in the future to protect WSN’s.

Wireless Sensor Networks: Nothing is Out of Reach

Over the past few years, penetration testing has gotten easier. What used to take a week of scanning, analysis, and exploit research now happens in one day on average in a common IT environment. The efficiency of compromise has increased based on several factors including increased knowledge sharing, more robust computing, and automated exploitation tools. OT environments are often utilizing the same operating systems and are prone to many of the same attacks. The main differences are the presence of custom protocols, embedded systems, and lack of formal security programs to address the gaps created by two-way data communication networks. This talk will show the most common attacks which our team currently uses to gain access and control over the networks and systems we test. More importantly, we will discuss the “top 10” things an organization can do to mitigate, remediate, and have active visibility into critical systems.

Slide Griffin - Practical Attacks and Mitigations

Innovative and disruptive technologies are enhancing and invading our traditional industrial business model. Future organizations will need more data to operate efficiently and succeed in the brave new interconnected world. The diversity of new technologies and data will fuel more diversity in business opportunity. Everyone expects more OT, more IoT, and more IT – and all of it is supposed to be highly reliable and secure. These factors (and more) lead to a landscape shift for the mission-critical cybersecurity risk profile. In this session, hear ways to recognize the problems and gain some clarity on possible solutions through historic lessons, made up words, and practical front-line experience.

Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...

In our modern world, we’ve learned to take for granted the universal availability of things like running water and electricity, and more recently, the Internet. As technology progresses, we are rapidly approaching a future in which nearly everything is digitally connected to nearly everything else. At the same time, we are learning to accept that all digital devices are broken from a security perspective. How we respond and adapt to this reality could well determine whether our future is utopian or dystopian. In In this interactive session, we will explore novel avenues of attack using digital “soft-targets”, and discuss how we might hold things together in the face of persistent vulnerability.

Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...

Presenter: Mike Firstenberg, Waterfall Security Solutions NIST, NERC CIP, the ISA/IEC and other authorities are adjusting their advice for secure industrial networks to include at least one layer of hardware-enforced unidirectional communications. Many security practitioners are familiar with specific applications of Unidirectional Security Gateway technology, but fewer have seen how widely the technology is being deployed throughout the electric sector. Join us to review comprehensive unidirectional network architectures for generation, transmission, distribution, high-voltage substations, and control centers/TSO’s/balancing authorities. In each vertical we review use cases, examine NERC CIP compliance implications and cost savings, and compare the strength of each architecture with legacy firewall-based designs.

Unidirectional Network Architectures

Presenter: Chris Sistrunk Why haven’t we seen more ICS-focused attacks? Perhaps it’s because we’re not looking for them. The current state of security in Industrial Control Systems is a widely publicized issue, but fixes to ICS security issues are long cycle, with some systems and devices that will unfortunately never have patches available. In this environment, visibility into security threats to ICS is critical, and almost all of ICS monitoring has been focused on compliance, rather than looking for indicators/evidence of compromise. The non-intrusive nature of Network Security Monitoring (NSM) is a perfect fit for ICS. This presentation looks at using NSM as part of an incident response strategy in ICS, various options for implementing NSM, and some of the capabilities that NSM can bring to an ICS cyber security program.

Where Are All The ICS Attacks?

Presenters: Robert Landavazo, PNM Resources and Katherine Brocklehurst, Tripwire With countless hours of work to go, PNM was far from ready for its coming audit in just 18 months. Confidence levels in its existing manual, and incomplete security controls, were at an all-time low; and the visibility into control center environments for quantifying its status and progress towards compliance was immeasurable. With Tripwire, PNM’s preparation of the looming CIPv3 audit noticeably improved. With efficient reporting and automation, PNM’s now positioned to hold itself accountable for CIP auditable compliance of more than 3,500 explicit and supporting control points, satisfying CIP-002-3, CIP-004-3, CIP-005-3, CIP-007-3 and CIP-009-3. In addition, enhanced visibility and better control gave PNM the ability to effectively communicate meaningful and measurable initiatives to executive teams – resulting in increased support for their funding needs. In this session, PNM – New Mexico’s largest electricity provider – will share a case study on its journey towards achieving continuous NERC CIP compliance despite a highly limited headcount, how it saved countless hours of labor-intensive manual effort, and the essential role that automation played in its success.

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

When we talk about cyber security, we recognize that it is part of a holistic approach to security and critical infrastructure protection. Tools and technology are not enough to ensure that mission critical systems provide capabilities needed for the military, continuity of government and commercial enterprises to continue operations in the face of emerging threats. Recognizing the unique nature of our location on the Hawaiian Islands in the middle of the Pacific, we also understand the importance of collaboration and alignment of critical infrastructure protection among the military, state government, commercial and public stakeholders. A comprehensive approach needs to include innovative capabilities, a thorough analysis of operational dependencies, and the organizational collaboration required to protect critical capabilities. In this session, we will discuss our innovate approach to developing a holistic cyber security approach for critical infrastructure and share a case study to help you think differently about your own approaches for security.

VMware Product Applicability Guide for NERC CIP v5 Final Version 1.0

Anthony Dukes

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense

Presentation from OIS@ASCRS 2016 Moderator: Jim Mazzo, Executive Chairman & CEO – AcuFocus Participants: Mike Ball, CEO – Alcon Tom Frinzi, President – AMO, SVP – Abbott Laboratories William J. Link, PhD, Managing Director – Versant Ventures Ashley McEvoy, Company Group Chairman – Johnson & Johnson Vision Care William Meury, EVP, President Branded Pharma – Allergan Ludwin Monz, PhD, President & CEO – Carl Zeiss Meditec AG Calvin Roberts, MD, SVP & Chief Medical Officer – Bausch + Lomb Video Presentation: https://www.youtube.com/watch?v=_ZdUbVHATBQ&list=PL1dmdBNnPTZJBhQxPOp0vdNg3s3wtN2yw&index=3

MASTERS OF THE UNIVERSE

Healthegy

OpenStack at Cisco, June 2015

Lora O'Haver

RAC Troubleshooting and Diagnosability Sangam2016

Sandesh Rao

QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-2013/H1-2014

Risk Analysis Consultants, s.r.o.

Webinar: Vulnerability Management leicht gemacht – mit Splunk und Qualys

Georg Knon

Andere mochten auch (20)

ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...

10 - CIP-002-5.1 Medley - Carr

5 STEPS OF CONFIGURATION MANAGEMENT FUNCTIONALITIES

Nerc Version 3 vs Version5 changes

Configuration Management vs. Container Automation

CIP Version 5 Immersion Workshop

Wireless Sensor Networks: Nothing is Out of Reach

Slide Griffin - Practical Attacks and Mitigations

Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...

Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...

Unidirectional Network Architectures

Where Are All The ICS Attacks?

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

VMware Product Applicability Guide for NERC CIP v5 Final Version 1.0

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense

MASTERS OF THE UNIVERSE

OpenStack at Cisco, June 2015

RAC Troubleshooting and Diagnosability Sangam2016

QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-2013/H1-2014

Webinar: Vulnerability Management leicht gemacht – mit Splunk und Qualys

Ähnlich wie Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

Today’s electronic physical security systems are complex: servers, workstations, network technologies and edge devices all working together to protect your facility. An undetected problem with a single component can compromise your security coverage. Unfortunately, many people discover a problem with the security system only after an incident has occurred. Join our webinar on May 24th, 1pm CST to learn how System Health Monitoring can help you avoid surprises and keep your facility secure. In this webinar hosted by Christopher Hugman - VP, Service Innovation, we cover: - What is System Health Monitoring? - Do I need System Health Monitoring for my Security Systems? - How does it work? - How is SecurePlan different than a standard maintenance program?

Webinar: SecurePlanHealth Updates

Knight Security Systems

Performing a detailed security risk assessment is a time-consuming and challenging task. However, in today’s high-risk environment, it is required. A common misconception that can leave IBM i systems open to data breaches is that addressing physical and network security is enough to keep systems and data safe. Though controlling physical access and ensuring network security is important, the most common vulnerabilities in IBM i environments come from improper security configurations. To understand security risks on your IBM i, it is essential to review security settings and configurations throughout the system. This requires significant knowledge of dozens of IBM i capabilities and their related configurations. Assure Security Risk Assessment thoroughly examines dozens of security settings, comparing values against best practice, to produce reports that identify security vulnerabilities. View this webcast on-demand to learn: • The dangers of improperly configured security setting on your IBM i • How many compliance regulations, such as PCI DSS and HIPAA, require annual IT risk assessments • How to request Syncsort’s FREE Assure Security Risk Assessment

Introducing Assure Security Risk Assessment

Precisely

Understanding firewall-policies-their-effectiveness-in-defending-against-netw...

ManageEngine, Zoho Corporation

For many energy companies, readying for compliance with the latest version of NERC Critical Infrastructure Protection (CIP) standards, whether they be v5, v6, v7 or beyond is not the first priority – delivering reliable energy to the BES is. So, how does a company deal not only with the impending changes of CIP v5, but do so in a manner that best positions them for compliance with future versions and secures their cyber environment? Join our live webcast on Thursday February 5 to hear from ICF, Tripwire, and AssurX industry experts who are helping organizations already grappling with the new and upcoming CIP requirements, implementing a risk based approach, the steps they are taking to get ahead of the curve, and addressing the uncertainty. Key Takeaways - Regarding Readiness for NERC CIPv5 (and beyond): •Best approaches for achieving compliance in a changing environment. (i.e. v5, v6, v7). •How to save time, resources, and achieve automation with practical guidance on compliance efforts for current and future CIP requirements. •Practical highlights and key controls from those already working on the most pressing issues.

Stop Chasing the Version: Compliance with CIPv5 through CIPv99

Tripwire

NERC CIP Training Bootcamp, North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) preparing Bootcamp is a compressed lesson style preparing program planned and crated to address the issues of the electric with respect to CIP consistence: Cyber Security for NERC CIP Versions 5 and 6 Compliance. Security pros, CIP Senior Manager, examiners, fashioner engineers, framework administrators, executives of CIP consistence, VPs of activities. NERC Critical Infrastructure Protection (CIP) preparing Bootcamp is a 5-day intensive lesson enables participants with information and abilities covering adaptation 5/6 norms. NERC Critical Infrastructure Protection preparing Bootcamp tends to the part of FERC, NERC and the Regional Entities. Learn approaches for recognizing and sorting BES Cyber Systems and prerequisites tio actualize and go along the benchmarks including techniques for the form 5/6 necessities. TONEX is the industry leader in Cyber Security and NERC CIP. Our courses are planned, designed and developed by NERC CIP experts in CIP implementation and audits. #Who Should Attend: CIP Compliance, IT cybersecurity, ICS and SCAD cybersecurity, EMS cybersecurity, Field and security operations, Incident response, Project managers, CIP Auditors , Any other staff from electrical utilities who are maintaining cyber security standards across their enterprise and substations, Generation, transmission and distribution staff working to meet NERC CIP standards Learn more about Program Learning Objectives, Program Coverage and Highlights of Enforcement. Visit Tonex Training Website https://www.tonex.com/training-courses/nerc-cip-training-bootcamp-crash-course/

NERC CIP Training - 5 Days Course

Tonex

The intellectual property stored in your SCM system comprises your company’s most valuable assets. How do you keep those assets safe from threats inside and outside your organization? This session by Charlie McLouth, Director of Technical Sales at Perforce, and Mark Bennett, Vice President at Interset, will give you a deep dive into how Perforce Helix keeps your assets safe, including real-world scenarios of Interset's Threat Detection. You’ll hear how Interset Threat Detection applies advanced behavioral analytics to user activities to proactively surface threats to the IP stored in the Helix Versioning Engine. You’ll also hear how Helix’s fine-grained permissions model provides unified security policies that govern access-control based on LDAP authentication and contextual information such as IP address of the client or file paths.

Protecting Your IP with Perforce Helix and Interset

Perforce

compliance made easy. pass your audits stress-free webinar

AlgoSec

API Training 10 Nov 2014

Digital Bond

The growing body of regulations and standards forces enterprises to put considerable emphasis on compliance verified by ad hoc and regular auditing of security policies and controls. While regulatory and internal audits entail a wide range of security checks, network firewalls are featured prominently as they are the first line of defense of the enterprise network. Typical networks might include tens or hundreds of firewalls from multiple vendors running thousands of rules. Auditing firewalls for compliance is becoming more complex and demanding all the time. • Documentation of current rules and their evolution of changes is lacking • Time and resources required to find, organize and inspect all the firewall rules to determine the level of compliance is exorbitant and growing It’s time to adopt auditing’s best practices to maintain continuous compliance. Join us in this webinar to discover the Firewall Audit Checklist, the 6 best practices that will ensure successful audits and full compliance. By adopting these best practices, security teams will significantly improve their network’s security posture and reduce the pain of ensuring compliance with regulations, industry standards and corporate policies.

2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires

Liraz Goldstein

As security threats continue to evolve and increase, companies need to also adapt their approach to IT security. One important concept that is gaining in popularity and adoption is zero trust security. The main concept behind the zero trust security model is "never trust, always verify,” which means that devices should not be trusted by default, even if they are connected to a permissioned network such as a corporate LAN and even if they were previously verified. Zero Trust means moving beyond a perimeter security strategy. As companies offer customers and business partners new digital experiences and processes, networks can be local, in the cloud, or a combination or hybrid with resources anywhere as well as workers in any location. This dynamic is impacting IBM i customers and zero trust security is an important element of a modern security strategy. Join us for this webcast to hear about: • Understanding zero trust security concepts • Zero trust security in the real world • Zero trust security for IBM i environments

Understanding Zero Trust Security for IBM i

Precisely

Institute of Internal Auditors Presentation 2014

Brian T. O'Hara CISA, CISM, CRISC, CCSP, CISSP

Zentech Manufacturing Capabilities

Transline Technology

SharePointlandia 2013: SharePoint and Compliance

Matthew R. Barrett

Top 5 critical changes to audit for active directory

Netwrix Corporation

Redport Capabilities Brief 04182013

Daniel Van Nostrand

ITIL Best Practice for Software Companies

Daniel Brody

Automating the cip compliance test lab

Chuck Reynolds

Top 10 critical changes to audit in your it infrastructure

Netwrix Corporation

DevSecOps is a recent offshoot of the DevOps movement, which doubles down on the importance of security. As security continues to be downplayed or ignored even as the threat landscape explodes, DevSecOps promotes a set of well-developed design principles and engineering patterns which involve security owners and product designers much earlier. DevSecOps lays out a robust and practical blueprint for building security features into the design process, leveraging new engineering tools and patterns and creating a secure, defensible software right from the start. Join Chris Knotts, Innovation Product Director at Cprime, to: - Learn how the concept of "shifting left" applies to application security and how to prioritize security requirements earlier in the design process - Get an introduction to a few of the most effective engineering tools for implementing DevSecOps, including popular code scanners, dependency checkers, and free open-source products - Understand how progress with DevSecOps depends on roles and stakeholders outside of just security staff

The What, Why, and How of DevSecOps

Cprime

Prepare for success in the Certified Information Systems Auditor (CISA) Certification Exam to elevate your IT security career. Gain instant validation of your auditing, control, and information security skills. CISA Certification signifies expertise in assessing vulnerabilities, ensuring compliance, and strengthening controls within an enterprise. Position yourself for better opportunities with this renowned certification.

CISA Certification : How To Prepare For The Exam?

InfosecTrain Education

Ähnlich wie Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management (20)

Webinar: SecurePlanHealth Updates

Introducing Assure Security Risk Assessment

Understanding firewall-policies-their-effectiveness-in-defending-against-netw...

Stop Chasing the Version: Compliance with CIPv5 through CIPv99

NERC CIP Training - 5 Days Course

Protecting Your IP with Perforce Helix and Interset

compliance made easy. pass your audits stress-free webinar

API Training 10 Nov 2014

2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires

Understanding Zero Trust Security for IBM i

Institute of Internal Auditors Presentation 2014

Zentech Manufacturing Capabilities

SharePointlandia 2013: SharePoint and Compliance

Top 5 critical changes to audit for active directory

Redport Capabilities Brief 04182013

ITIL Best Practice for Software Companies

Automating the cip compliance test lab

Top 10 critical changes to audit in your it infrastructure

The What, Why, and How of DevSecOps

CISA Certification : How To Prepare For The Exam?

Mehr von EnergySec

Almost 70 years since the first computer bug was discovered, there has been decades of research done on Information Security theory and practice. Yet, despite vast amounts of money being spent, innumerable academic papers, mainstream media obsession, and entire industries being formed, we are left with the impression that the risk is growing, not receding. Why? Some argue a lack of data, but data clearly exists. We’re likely generating it, in some areas, faster than humans will ever be able to process it. Perhaps, after all of this effort, we’ve managed to box ourselves into metaphors and first principles that might be inappropriately constraining how we think about “Information Security Risk”. In fact, it’s worth noting that we can’t even agree if there is a space between “Cyber” and “Security” when it’s written out. This talk will take an anecdotal look at “Information Security Risk”, “What IS Cyber Security?”, and use that perspective to suggest areas of research that are either lacking or should be made more accessible to the markets, industries, and individuals driving risk management change. In an industry filled with data, perhaps an examination of empty space might be helpful.

Jack Whitsitt - Yours, Anecdotally

Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security

Presenter: Mikael Vingaard, EnergiNet.dk The goal of having a Honeypot (a fake ‘vulnerable’ IT-system/ service) is to learn more about your attackers and the methods they will use to breach your ICS/SCADA systems – but how can the Energy Sector actual benefit from using a Honeypot? The Danish information security researcher, Mikael Vingaard has taken various free open source software to deploy ICS/SCADA Honeypot systems, and will share his experiences from the research and present interesting findings from the collected informations. The talk will be discuss the pros and cons of honeypots, how to use honeypots as an early-warning system and add some interesting points seen from the energy sector of using Honeypot systems. The presentation will showcase that gaining access to actual ICS threat intelligence can be done – even in budget constrained organizations.

Please, Come and Hack my SCADA System!

Presenter: Patrick Miller, EnergySec (President Emeritis) Innovative and disruptive technologies are enhancing and invading our traditional industrial business model. Future infrastructure organizations will need more data to operate efficiently and succeed in the brave new interconnected world. The diversity of new technologies and data will fuel more diversity in business opportunity. Everyone expects more OT, more IOT, and more IT – and all of it is supposed to be highly reliable and secure. These factors (and more) lead to a landscape shift for the industrial cybersecurity risk profile. In this session, hear ways to recognize the problems and gain some clarity on possible solutions through historic lessons, made up words, and practical front-line experience.

Industrial Technology Trajectory: Running With Scissors

Presenter: Damiano Bolzoni, SecurityMatters What if cyber attacks were not the most prominent threat to industrial networks and systems? Although malware is still a major point of interest, the sword of Damocles for industrial networks is represented by insider threats such as system misuse performed by disgruntled employees, contractors and vendors, unintentional operator mistakes, as well as network and system misconfiguration and uncontrolled configuration changes; all this could lead to the divergence or failure of critical processes. In this talk we reshape the concept of ICS security and demonstrate through case studies in different critical infrastructure sectors that the real value of industrial network monitoring goes beyond the detection of cyber attacks, but includes above all the need to maintain awareness about network and process operations, and obtain actionable intelligence that allows to preserve their overall health. We will show how the use of innovative network monitoring approaches can support security, operations, and network managers to: Gain IT visibility of OT networks and full situational awareness of the network and process Detect complex and advanced cyber attacks against industrial networks Mitigate operational mistakes and misconfiguration

Where Cyber Security Meets Operational Value

After a brief introduction by Mr. Humphreys, Henry Bailey will talk a few minutes about SAP’s roadmap for utilities. This will be followed by a discussion led by Chris Humphreys about the evolutionary transition from disparate point solutions to enterprise-wide, end-to-end, Regulation Management where controls are consolidated and leveraged such that compliance is a byproduct of industry best practices. Finally, Mr. Rice and Chris Humphreys will end the hour with a presentation expanding on the concept of controls consolidation and compliance as a byproduct focused on NERC CIP Ver 3-5 and NIST transitional capabilities of Regulation Management.

SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...

It’s never too early to start thinking about where the standards are going and where your program should be heading. This presentation will discuss how energy organizations should consider furthering alignment to NIST 800-53 Rev 4; focusing on security maturity opportunities such as threat management; addressing third parties and vendors and developing processes to help satisfy control-based security objectives.

Industry Reliability and Security Standards Working Together

What the Department of Defense and Energy Sector Can Learn from Each Other

In July 2010, BC Hydro, the electric utility and grid operator of British Columbia began implementation of its AMI program, formally known as the Smart Meter & Infrastructure (SMI) program. The SMI program transformed BC Hydro from a traditional metering utility to a smart metering utility by implementing smart meters on the customer service points. It was the first step in the smart grid transformation. The SMI program required the introduction of many new devices and applications into BC Hydro’s infrastructure. Some of these had never been deployed before anywhere in the world. Many were field deployed, outside of BC Hydro’s physical security perimeter. The SMI Security Delivery Team was formed to deliver on these commitments and to take responsibility for the end to end security of the SMI program. The Team implemented a multi-pronged approach to securing SMI including security risk assessments, security penetration testing by the team, design reviews, whole project risk assessments and third party security penetration testing. A standards based approach was required to ground the test plan both in best practice and in a common set of principles that BC Hydro and its vendors could accept. The Advanced Metering Infrastructure (AMI) Risk Assessment document prepared by the Advanced Metering Infrastructure Security (AMI-SEC) Task Force was used as a basis for the test plan. This document has since been passed to the National Institute of Standards and Technology (NIST) Cyber Security Working Group and was integrated into NIST IR 7628. NIST IR 7628 contains a comprehensive list of possible threats to AMI systems. The program was highly successful. Test results informed BC Hydro’s deployment decisions and allowed the manufacturers to improve their products. Lessons were learned about how best to conduct third party security testing. A full lessons learned section is included in the presentation.

Third Party Security Testing for Advanced Metering Infrastructure Program

The industrial cybersecurity landscape is complex and formed by very different actors (industrial organizations, critical infrastructures, EPC companies, industrial and cybersecurity vendors, consultancy companies, integrators, academia, public bodies and governments), with very different interests and objectives and different maturity levels, even internally in each organization, so there’s no way to go alone in the way of protecting these industrial and critical infrastructures adequately. Interdependencies, multidisciplinary, multiple supply chains and lack of common reference make even more complex the task of advancing in the right way. Public Private Partnerships (PPP) are recognized as a key aspect on improving Industrial Cybersecurity and Critical Infrastructure Protection, but PPP usually is a formal and structured way of communication and collaboration between organizations, that is not necessary followed by the persons in charge or being part of those organizations. In this presentation, we are proposing a new concept: C3R, “Collaboration, Coordination and Commitment based Relationships”, as the base for building a global community for protecting our Industrial and Critical Infrastructures and explaining the keys of the success of such an approach.

Beyond Public Private Partnerships: Collaboration, Coordination and Commitmen...

Mr. Feldman will lead us on a path to help us think about the “Sea Changes” happening in the energy sector from a strategic perspective, implications for the energy companies and cybersecurity from a Board of Directors governance viewpoint. This will include future direction concept that will address suggestions on where Regulators such as NERC should be heading with regard to security and other associated issues to feed your thoughts.

Sea Changes, Strategic Implications, Board Cyber Perspectives

The informative and entertaining discussion is presented by a 26 year military and law enforcement veteran and former federal counterterrorism operative (now working as a state law enforcement agent responsible for critical energy infrastructure protection), and details the emergence of Red Cell activities and Red Teaming as a valuable form of alternative assessment for use in securing the American energy grid. A widely accepted and established practice in military and intelligence circles, Red Teaming is slowly moving into law enforcement and the private sector, and is now being utilized as a key vulnerability and threat assessment tool by state law enforcement agencies, Fortune 500 companies, and national laboratories. The presentation features actual case studies and explains the key reasons energy producing organizations should utilize Red Teaming, including the avoidance of groupthink, complacency reduction, eliminating information silos, collective sense-making, addressing the correctly balanced approach to high impact/low frequency (5 sigma) events, and the integration of CIP compliance into a realistic physical security posture. The brief outline details the key questions answered by Red Cell exercises: What do our adversaries want, how will they try to meet their goals, and how do we most effectively stop them? Attendees will become familiar with the basic techniques utilized in Red Teaming, including interdisciplinary teams, structured analysis, and physical exercises/penetration testing. Finally, the presentation provides a brief after-action report detailing the Red Cell Exercise conducted by the SC Public Service Authority in November 2013. That exercise addressed dam/dike sabotage, criminal targeting, executive safety, terrorism (domestic and transnational), insider threats, physical attacks on energy grid infrastructure, and workplace violence.

Red Teaming and Energy Grid Security

The CybatiWorks open platform serves as an educational environment for cyber-physical systems. The living laboratory platform uses low cost I/O, embedded devices, virtual machines and authentic automation protocols for participant cybersecurity education. The platform incorporates the Raspberry PI, PiFace I/O, Elenco Snap-Circuits, Fischertechnik components and an ICS-ified Kali Linux called CybatiWorks-1 to allow participants to build, break and cybersecure small control environments. CYBATI has performed years of research to develop this platform and is making it available for early access, school sponsorship and integrated education via the Kickstarter project announced during the session.

Open Platform for ICS Cybersecurity Research and Education

A walk-through by an experienced security practitioner with years of relevant industry experience in physical security, compliance, and NERC CIP auditing on how to identify and protect Transmission stations and Transmission substations in accordance with NERC CIP-0014-1. This session will aid you in preparing for the assessment and evaluation process of the potential threats and vulnerabilities of a physical attack. This course is perfect for both professionals involved with NERC CIP physical security and compliance personnel seeking to gain an understanding of the new physical security standard and how to avoid potential pitfalls.

CIP-014-1: Next Steps from an Auditor’s Perspective

In May, 2014 the US Department of Homeland Security and its Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, issued a report confirming several recent attacks on public utilities from the first quarter of 2014. DHS confirmed that a sophisticated threat actor gained unauthorized access to an unnamed public utility’s control system network. Incidents of this type haven’t been as widely publicized as recent retail breaches, but it is believed by many that there are far more incidents occurring within the Energy Sector than are heard about in the press. Lack of enforced and implemented policy and compliance, poor capability for early detection of threat indicators, and lack of visibility and automation may all be contributing to failure in rapidly detecting attacks and breaches. Essential Power™ (formerly known as North American Energy Alliance) is a wholesale power generator and marketer providing electric energy and located in the North Eastern United States. Essential Power will share a case study on its own journey towards achieving NERC CIP compliance within a very short five-month timeline, and how they did it.

Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...

This presentation will review lessons learned from a deployment of behavior-based intrusion detection system (IDS) on a SCADA network that was part of a large-scale energy management system. The IDS architecture, sensor features, and sensor placement within the target SCADA environment proved to be key for successful detection of malicious activity. Challenges included simultaneous monitoring of multiple SCADA protocols (DNP3 and ICCP) across multiple network segments; monitoring of both encrypted and unencrypted network traffic; adapting to slow environment changes to minimize false positive output; and integration of the behavior-based IDS output into an existing monitoring system/SIEM

Lessons Learned for a Behavior-Based IDS in the Energy Sector

What to Do When You Don’t Know What to Do: Control System Patching Problems a...

Today, there is a flood of data pouring into Utilities. From AMI data coming into MDM systems to trading system data, to grid management data, this sea of information makes it easy to lose sight of threats to the core business. Combining this with the additional threat intelligence information necessary to protect your business and the scope of the data problem can quickly become overwhelming. Learn how utility customers are applying event correlation to their AMI events, threat intelligence feeds, and Customer Service System events to protect against security threats, while improving business operations, and reducing costs. Additionally, learn about the fascinating future plans that utility customers have for event correlation such as: Pushing physical security event correlation beyond meter tampering and into video camera control and integration Correlating micro-earthquake data with meter tilt tamper events to eliminate false positive security alerts Measuring voltages across meters and the associated transformer to identify theft and meter tampering It’s an exciting time of transformation in the Utilities industry and event correlation can help drive efficiency, visibility, and security in your business.

Event Correlation Applications for Utilities

Mehr von EnergySec (18)

Jack Whitsitt - Yours, Anecdotally

Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security

Please, Come and Hack my SCADA System!

Industrial Technology Trajectory: Running With Scissors

Where Cyber Security Meets Operational Value

SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...

Industry Reliability and Security Standards Working Together

What the Department of Defense and Energy Sector Can Learn from Each Other

Third Party Security Testing for Advanced Metering Infrastructure Program

Beyond Public Private Partnerships: Collaboration, Coordination and Commitmen...

Sea Changes, Strategic Implications, Board Cyber Perspectives

Red Teaming and Energy Grid Security

Open Platform for ICS Cybersecurity Research and Education

CIP-014-1: Next Steps from an Auditor’s Perspective

Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...

Lessons Learned for a Behavior-Based IDS in the Energy Sector

What to Do When You Don’t Know What to Do: Control System Patching Problems a...

Event Correlation Applications for Utilities

Kürzlich hochgeladen

Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf

Screen flow is a powerful automation tool that is commonly designed for internal and external users. However, what about the guest users? We will dive into various methods of launching screen flows and understand how to make them publicly accessible, extending their usability to a broader audience. The presentation will also cover the implementation of security layers and highlight best practices for a smooth and protected user experience. Discover the potential of screen flows beyond conventional use and learn how to leverage them effectively.

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

DianaGray10

Syngulon’s technology expands the capacity for selection of microorganisms. The ability to select individual microbes with a behavior of interest is essential, whether for simple cloning at the bench, or for industry-scale production. Synthetic biology uses the concept of “bioengineering” to improve or modify existing genetic systems to create microbes with desired behaviors, and Syngulon uses this approach to develop its selection technologies. This selection technology is based on bacteriocins, ribosomally-produced peptides naturally made by most bacteria to kill competitive microbial species. These bacteriocins can have a limited or wide target range against other microbial species. This technology offers advantageous over antibiotic selection for several reasons: it avoids the use of antibiotics in the first place, helping to reduce the spread of antibiotic resistant microbes. The technology also increases product yield; as bacteriocins are generally smaller peptides, they do not impose a heavy metabolic burden on the producing cell. They can have a wide target specificity, helping to avoid genetic drift. Finally, our system is 100% plasmid-based (e.g. without chromosomal mutations), making it applicable for use in any E. coli strains.

Syngulon - Selection technology May 2024.pdf

Syngulon

Agentic RAG What it is its types applications and implementation.pdf

ChristopherTHyatt

We're living the AI revolution and Salesforce is adapting and bring new value to their customers. Einstein products are evolving rapidly and navigating their limitations, language support, and use cases can be challenging. Let's make review of what Einstein product are available currently, what are the capabilities and what can be used for in CEE region and how Rossie.ai can help to learn Salesforce speak Czech. We will explore the Einstein roadmap and I will make a short live demo (based on your vote) of some Einstein feature.

AI revolution and Salesforce, Jiří Karpíšek

Intrigued by why some of the world's largest companies (Netflix, Google, Cisco, Twitter, Uber etc) are using gRPC? In this demo based talk we delve into the world of gRPC in .Net, what it does and why we should use it. We compare the interface with both Rest and graphQL. We will show you how to implement grpc server-side in .net and in the web. Finally, I will show you how the tooling helps you deliver powerful interfaces and interact with them quickly and simply.

Demystifying gRPC in .Net by John Staveley

John Staveley

Designing inclusive products is not only a social responsibility but also a business imperative. This talk delves into the journey of creating accessible hardware products that cater to diverse user needs. Key Topics Covered: 1. Introduction to Inclusive Design - Importance of accessibility in product design - Overview of Comcast's commitment to making products accessible to a wide audience 2. Case Study: Xfinity Large Button Voice Remote - Initial challenges and the evolution of the product - User research and feedback that shaped the design - Key features of the final product and their benefits 3. Designing for Diverse Needs - Understanding human-centered design and its historical context - The impact of designing for people with disabilities on overall product quality - Examples from other industries, such as architecture and industrial design 4. Integrating Accessibility from the Beginning - The cost and efficiency benefits of designing for accessibility from the start - The process of embedding accessibility as a core trait rather than an optional feature 5. Real-World Impact and Continuous Improvement - Insights from in-home studies with users having assistive needs - How continuous feedback and iterative design lead to better products - The role of inclusive research and development practices

Designing for Hardware Accessibility at Comcast

UXDXConf

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

Jennifer Lim

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “Enterprise Knowledge Graphs: The Importance of Semantics” on May 9, 2024, at the annual Data Summit in Boston. In her presentation, Hedden describes the components of an enterprise knowledge graph and provides further insight into the semantic layer – or knowledge model – component, which includes an ontology and controlled vocabularies, such as taxonomies, for controlled metadata. While data experts tend to focus on the graph database components (RDF triple store or a label property graph), Hedden emphasizes they should not overlook the importance of the semantic layer.

Enterprise Knowledge Graphs - Data Summit 2024

Enterprise Knowledge

This presentation dives into the practical applications of machine learning within Google's operations, providing a comprehensive overview of how to leverage AI technologies to solve real-world business challenges. Key Points Covered: - Introduction to Machine Learning at Google: Discussion on the role of ML and its evolution in enhancing Google's operational efficiency. - Experience Sharing: Insights into the team's long-term engagement with machine learning projects and the impacts on Google’s operational strategies. - Practical Applications: Real-world examples of ML applications within Google’s daily operations, providing a blueprint to adapt similar strategies. - Challenges and Solutions: Discussion on the challenges faced during the implementation of ML projects and the strategic solutions employed to overcome them. - Future of ML at Google: Insights into future trends in machine learning at Google and how they plan to continue integrating AI into their ecosystem.

Strategic AI Integration in Engineering Teams

UXDXConf

Unlock the mysteries of successful Salesforce interviews in this insightful session hosted by Hugo Rosario (Salesforce Customer), a seasoned hiring manager that leads the Salesforce Department of multinational company with over 100 interviews under their belt. Step into the manager's chair and gain exclusive behind-the-scenes insights into what makes a Salesforce consultant stand out during the interview process. From deciphering the unspoken cues to mastering key strategies, we'll explore the intricacies of the interview process and provide practical tips for consultants looking to not only pass interviews but also thrive in their roles. Whether you're a seasoned professional or just starting your Salesforce journey, this session is your backstage pass to the secrets that hiring managers wish you knew.

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

New customer? New industry? New cloud? New team? A lot to handle! How to ensure the success of the project? Start it well! I've created the 3 areas of focus at the beginning of the project that helped me in multiple roles (BA, PO, and Consultant). Learn from real-world experiences and discover how these insights can empower you to deliver unparalleled value to your customers right from the project's start.

Powerful Start- the Key to Project Success, Barbara Laskowska

PLAI - Acceleration Program for Generative A.I. Startups

Stefano

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Julian Hyde

Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...

Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf

The standard Salesforce Approval process can be limiting in many ways, especially in complex scenarios. What if there was a way to implement very flexible approvals where one can use Apex code to make data updates in unrelated records, dynamically generate next steps details, and compute assignees on the fly? And still use UI-based configurations to implement concrete approval processes. In this session, we will share ideas behind such a solution and show a few lines of code to get you started.

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder