ALEX RUNNER Jason Rosselot Sedar labarre Will Farrell Johnson Controls

Slides:



Advertisements
Similar presentations
Manage your technology for optimal return on investment (ROI) The Tivoli ® Configuration & Operations management solution from IBM.
Advertisements

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
James Brehm Senior Strategist Compass Intelligence.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
TeamCluster Project Real time project management solutions Harry Hvostov April 27, 2002.
UK Cyber Security Caley Robertson
Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based security technologies Mid-Atlantic Federal Lab Consortium.
1 1 Cybersecurity : Optimal Approach for PSAPs FCC Task Force on Optimal PSAP Architecture Working Group 1 Final Report December 10 th, 2015.
FFIEC Cyber Security Assessment Tool
Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.
EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.
Innovative ICT Building a Better Smart City. Agenda 1. Why focus on Smart City 2. What is a Smart City 3. References.
Presented by: Mike Gerdes Director, Information Security Center of Expertise Cybersecurity State of the Union.
Surveillance and Security Systems Cyber Security Integration.
INDUSTRY 4.0: FROM THINGS TO OUTCOMES
Scales Technology FZCO
Security and resilience for Smart Hospitals Key findings
Proactive Incident Response
Society for Maintenance and Reliability Professionals (SMRP)
Fourth Dimension Technologies
Hurricanes, Earthquakes, and Threat Intelligence
2017.
Connected Infrastructure
EAST AFRICAN DATA HANDLERS DATA SECURITY/MOBILITY
Cyber Physical System Security
Cybersecurity, competence and preparedness
Smart Building Solution
CIM Modeling for E&U - (Short Version)
The Game has Changed… Ready or Not! Andrew Willetts Technologies, Inc.
OCNI Workshop Kathryn A. McCarthy, VP R&D 2017 September 6
Smart Building Solution
Connected Infrastructure
USA Final Project Report
Hello, Today we will look at cyber security and the Internet of Things and how it could impact our business.
Data Quality: Practice, Technologies and Implications
Speaker’s Name, SAP Month 00, 2017
Title of presentation Name(s) of author / presenter / co-authors
National Mining University
Mobile workforce management solution
Cyber defense management
Change Agents Why your Transformational IT Initiative Will Fail Without Them Terri Campbell Sr. Director of Change Leadership.
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Industrial Control Systems Security Market to reach $7bn by 2024: Global.
Cybersecurity, an important element of stability for the energy sector
Managing Change and Other Keys to Successful Implementation
Cybersecurity at PJM Jonathon Monken
The Internet of Unsecure Things
Securing the Internet of Things: Key Insights and Best Practices Across the Industry Theresa Bui Revon IoT Cloud Strategy.
An Urgent National Imperative
IoT – Retail O.P Khanduja.
Securing the Threats of Tomorrow, Today.
Catalyst Pitchback Energy Efficiency as a Service
CRITICAL INFRASTRUCTURE CYBERSECURITY
Cybersecurity ATD technical
Enhanced alerting and collaborative incident management
TrinityIoT Premises Monitoring.
How to address security, cost, IT and migration concerns
MAZARS’ CONSULTING PRACTICE
Managing IT Risk in a digital Transformation AGE
MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further
Cybersecurity at PJM Jonathon Monken
ABOUT US AN INTELLIGENT, RESULT ORIENTED SYSTEM INTEGRATOR UTILIZING CUTTING EDGE TECHNOLOGIES DEEP EXPERTISE IN DESIGN ,SUPPLY, EXECUTION AND MAINTENANCE.
Sachiko A. Kuwabara, PhD, MA
MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further
IT Management Services Infrastructure Services
IoT and Supply Chain Risk Management
IoT in Healthcare: Life or Death
Presentation transcript:

Cybersmart Government Buildings: Securing Investments in Connectivity and Automation

ALEX RUNNER Jason Rosselot Sedar labarre Will Farrell Johnson Controls Director Thought Leadership & Executive Communications Jason Rosselot Johnson Controls Director Product Security Sedar labarre Booz Allen Hamilton Vice President Commercial Cyber Strategy Will Farrell Booz Allen Hamilton Director Booz Allen Dark Labs

WHY ARE WE HERE TODAY? BOTTOM LINE Yesterday: Partial Connectivity Today: Smart Buildings Tomorrow: Smart Cities All industries are making smart building investments (seeking reward) Cyber incidents threaten the smart building value proposition Cybersecurity must become a core tenet of building design and operations (to guarantee that investment) BOTTOM LINE

WHAT IS A “SMART” BUILDING? On the outside, smart, data-driven solutions may not be apparent… …but connectivity is creating value for building owners and operators.

HOW ARE KEY SECTORS AFFECTED? INDUSTRY-SPECIFIC SMART BUILDING SOLUTIONS HEALTHCARE GOVERNMENT Real-Time Location Systems (RTLS) Critical temperature control Operating room environments Electronic record-keeping Integrated patient care Access controls & physical security Energy management Sensitive environment monitoring Smart infrastructure Integrated asset tracking HIGHER EDUCATION TRANSPORTATION Streaming video management Campus-wide system alerting Mobile-friendly presentation spaces Integrated class registration Optimized lighting Real-Time Location Systems (RTLS) HVAC temperature control Physical security Passenger identification systems Arrival/departure prediction K-12 EDUCATION COMMERCIAL BUILDINGS Smart whiteboards Optimized lighting HVAC, data-driven building management Space scheduling integration District-wide performance tracking Access controls & physical security HVAC temperature control Energy management Real-time data analysis Meeting space optimization Across industries, technology is redefining how buildings and occupants interact – saving energy, increasing security and optimizing operations

ANTICIPATED INVESTMENT BREAKS APART INVESTMENT AT RISK NEW VALUE PROPOSITION ANTICIPATED INVESTMENT BREAKS APART CYBER RISKS Automated Management Predictive Maintenance Denial of Service Attack Vendor IoT Product Compromise Energy Efficiency Asset Location Finding Occupant Data Theft Hijack of Command & Control App As an owner/operator/manger, you’re trusting you’ll get ROI: optimized operations and lower facility costs, while increasing safety and sustainability But these rewards are at risk: you’ve established a large attack surface and cyber threat actors are after this environment This also means critical infrastructure is at risk – our society, economy, security, and health SECURITY IMPERATIVE Pervasive connectivity means more vulnerabilities across a larger attack surface Many threat vectors can potentially harm connected infrastructure Occupant health/safety and environment now depends on cyber security

FACING OUR CURRENT REALITY REPORTED INDUSTRIAL CONTROL SYSTEM VULNERABILITIES SAMPLE CYBER INCIDENTS 500 400 LARGE INTERNET SEARCH PROVIDER Researchers hack building control system of key facility; able to obtain command and control 300 200 100 CHINESE HOTEL Hacker infiltrated hotel room automation system via Wi-Fi; established ability to manipulate room control systems and steal customer data Source: ICS-CERT 2015 Annual Vulnerability Coordination Report SOURCES OF THREATS TO INDUSTRIAL COMPUTERS Internet Removable Media INTERNET DOMAIN NAME SYSTEM PROVIDER Largest distributed denial-of-service (DDoS) attack in history uses massive number of compromised IoT devices to swarm its target and cause major internet outages Email Clients Archives (Backup) Network Shares Windows Backup Copies Cloud Storage Source: Kaspersky Lab ICS CERT, Threat Landscape for Industrial Automation Systems in the Second Half of 2016

BUILDINGS NEED TO BE CYBERSMART WHAT’S A CYBERSMART BUILDING? WHO PLAYS A ROLE? Security by design for new; retrofit options for established buildings IT and operational technology (OT) assets are mapped and zoned for risk management Vulnerability management function in place for connected devices and infrastructure Passive monitoring for critical assets to understand non-baseline anomalies (e.g., network scanning, controller re-flash) Cyber incident response plan is developed and exercised by relevant stakeholders EVOLVING GUIDANCE

KEY CONSIDERATIONS FOR TAKING ACTION WHAT TO DO Observe and orient around your specific challenge 1 LIFECYCLE PHASE Forget old silos — cybersecurity requires cross-functional teaming 2 Acquisition Deployment Operations & Maintenance Change the culture — speak up for cybersmart buildings Consider Security Requirements Assess Build in Security Update Regularly Test, Monitor & Respond 3 Build the right capabilities to enable – not hinder – smart building adoption 4 Cyber Capabilities Finally, get operational 5

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.