
December 8, 2011

Implementing Digital Technologies in Nuclear Utilities Cyber Security and NEI 08-09; Staying Ahead of the Curve. Critical Infrastructure & Security Practice (CISP). December 8, 2011. Presenter: Steve Batson, CISSP, Principal Consultant, Invensys CISP.


Presentation Transcript


  1. Implementing Digital Technologies in Nuclear Utilities Cyber Security and NEI 08-09; Staying Ahead of the Curve. Critical Infrastructure & Security Practice (CISP). December 8, 2011. Presenter: Steve Batson, CISSP, Principal Consultant, Invensys CISP. Invensys proprietary & confidential

  2. The Problem … and the need to Deter, Detect, Delay and Respond. [Chart, Ref: CISCO. Axes: "Sophistication of Hacker Tools" and "Technical Knowledge Required" (High to Low). Labelled items: Packet Forging/Spoofing, Steal Diagnostics, Sniffers, Sweepers, Back Doors, Hijacking Sessions, Exploiting Known Vulnerabilities, Disabling Audits, Password Cracking, Self-Replicating Code, Password Guessing.]

  3. The Problem … and the need to Deter, Detect, Delay and Respond
     • "Nuclear and Military Data Taken in Hack" (eWeek.com Europe, 10/25/2011): Highly sensitive military and industrial data was stolen when it was hacked in the summer.
     • "RSA Hackers Knock Off 760 Other Businesses" (SC Magazine, 10/25/2011): At least 760 organizations appear to have fallen victim to the same attacks that compromised RSA's SecurID authentication system earlier this year.
     • "Stuxnet Clone 'Duqu': The Hydrogen Bomb of Cyber warfare?" (FoxNews.com, 10/19/2011): If the Stuxnet virus was the atom bomb of cyber warfare, then the discovery this week of the "Duqu" virus is the hydrogen bomb, security experts are warning.

  4. The Commitment: US Nuclear Plant Cyber Security Plans will be implemented over several years, with the first significant deadline coming at the end of 2012.

  5. The Commitment: Millions of dollars will be spent to implement US Nuclear Plant Cyber Security Plans over the next several years. One way to reduce that cost is to employ common security controls across several CS's. [Timeline graphic: 2011 to 2016.]

  6. The Response: Standards – Roadmap – Regulation – Programs. CISP: Critical Infrastructure and Security Practice

  7. Common Controls … take the time to capitalize on existing programs
     • NEI 10-09, Addressing Cyber Security Controls for Nuclear Power Reactors, R0, provides some helpful guidance on implementing NEI 08-09.
     • Examples of sources for common controls: Cyber Security Program, Procurement Control, Configuration Management, Physical Security, Audit Programs, Maintenance Programs, SQA, etc.
     • Common controls will provide a system-wide consistent response and eliminate the need to revisit repetitive controls.
     • This upfront effort greatly reduces the man-hours required to perform an assessment.

  8. Attack Vectors … take the time to capitalize on existing programs
     • NEI 10-09, Addressing Cyber Security Controls for Nuclear Power Reactors, R0, provides some helpful guidance on implementing NEI 08-09.
     • Verify the attack vectors for a given control are fully mitigated by the common control.
     • Recognize that some controls will be Hybrid, requiring a combination of common controls and system-specific controls.
     • The only attributes that require individual responses are those CDAs that must be evaluated due to their unique configurations or locations.

  9. Attack Vectors … making sure alternate controls address threats
     • Attack Vector: An attack vector is the combination of an individual with malicious intent and either physical or logical access to the target.
     • Direct Network Connectivity
     • Wireless Access Capability
     • Portable Media and Equipment
     • Supply Chain
     • Direct Physical Access

  10. Staying ahead of the Curve: Plan ahead and standardize on solutions: HIDS, AV, SIEM, Whitelisting, Backup, NAC, NIDS, Patch

  11. Standardize solutions in RFPs: Plan ahead and standardize on solutions: HIDS, Backup, AV, NAC, SIEM, NIDS, Whitelisting, Patch

  12. Feed many CS's into one SIEM: Plan ahead and centralize logging where possible. [Diagram labels: RMS, TCS, PMS, PPS, FWCS, RCS]

  13. Incorporate the Security Group: Plan ahead on a process that incorporates the use of security guards to help monitor and notify of events. [Diagram label: SEC]

  14. Incident Response: Plan ahead on a process that incorporates the use of internal and external expertise to respond to incidents. [Diagram labels: Mnt, OPS, SEC, SEC, ENG, EXP, Mgmt]

  15. In Closing…
     • Thank you for your time and attention
     • Contact Steve Batson: 951-445-3009, Stephen.Batson@Invensys.com
     • Please look for our upcoming webcast on Fast Tracking LAR's (Licensing Amendment Requests)
     • Request a digital copy of this presentation: Contact@Invensys.com
     • Questions?