Presentation is loading. Please wait.

Presentation is loading. Please wait.

Parsons: Design – Build - Protect Securing Critical Infrastructure Phil Lacombe.

Published byGwendolyn Conley Modified over 9 years ago

Similar presentations

Presentation on theme: "Parsons: Design – Build - Protect Securing Critical Infrastructure Phil Lacombe."— Presentation transcript:

1 Parsons: Design – Build - Protect Securing Critical Infrastructure Phil Lacombe

2 Why Cyber Security of Critical Infrastructure

3 Change the way we think about security 3

4 Defining Security  Ensuring the enterprise can do what it is supposed to do  And not do what it is not supposed to do  Mission performance  Interdependent  Privacy Risk Management

5 The Security Imperative Responsibility Risk Environment Today Threats have increased – as have the consequences of inaction Vulnerabilities have increased – no longer geographically constrained Demands for responsibility and accountability (Public and Private Sectors) have increased Threat Executives & Boards Time High Low Government Business Cost Availability

6 Threats to Critical Infrastructure 6 HP Cyber Risk Report 2013

7 For Example... 7

8 Internet Facing Control Systems 8 DHS – ICS CERT – 7,200 Internet facing control systems

9 Attack Vectors  Network Access Internet accessible systems being mapped – SHODAN Malware spread by trusted system to system connection Ease of maneuver  Interconnects Exploit applications that communicate through network segmentation Connections to other plants, systems, organizations  Dial up Many ICS assets remotely accessible through traditional  System Management Patching/upgrade delays, no or outdated anti-virus/signatures Default usernames and passwords  Supply Chain  ICS not considered  Physical Security 9

10 DHS ICS-CERT reported that the 1 st half of 2013 had more attacks than all of 2012 Critical Infrastructure Attacks on the Rise 10 ITAR CM.01.2014  CSX Corporation (2003)  Tehama Colusa Canal Authority (2007)  Stuxnet (2010)  Duqu (2011)  Flame (2012)  Shamoon (2012)  Carmel Tunnel (2013)  Monju Japan Nuclear Plant (2014)  Havex (2014) *

11 Attacks on Critical Infrastructure 11

12 Emerging Understanding  Long anticipated convergence of physical and cyber security domains is upon us  Confluence of forces Policy environment Executive Orders – recognizes cyber requirement for CI NIST – framework/standards for cyber-physical systems security Governance Board responsibility and liability Shareholder concern Threat environment Recent attacks provide irrefutable evidence Technology SMART Grid – enabling two way communication Cloud – enabling economies of operation Big Data – enabling efficiencies in operation IPv6 enabling Internet of Things 12

Download ppt "Parsons: Design – Build - Protect Securing Critical Infrastructure Phil Lacombe."

Similar presentations

Rick Sergel President & CEO July 16, 2009

Rick Sergel President & CEO July 16, 2009
FIA Prague Preparation February 6, 2008. Scenario planning approach We cannot predict the future We cannot predict the future We do understand the drivers.

FIA Prague Preparation February 6, Scenario planning approach We cannot predict the future We cannot predict the future We do understand the drivers.
Challenges in Protecting Critical National Infrastructure from Cyber Attacks Singapore University of Technology and Design Aditya P Mathur September 27,

Challenges in Protecting Critical National Infrastructure from Cyber Attacks Singapore University of Technology and Design Aditya P Mathur September 27,
Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities.

Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities.
Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 1 2009 Security Mega Trends Survey Independently conducted by Ponemon Institute.

Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page Security Mega Trends Survey Independently conducted by Ponemon Institute.
Cyber Security and the Smart Grid Eric Lipinski Energy Law Fall 2010 Chicago-Kent College of Law.

Cyber Security and the Smart Grid Eric Lipinski Energy Law Fall 2010 Chicago-Kent College of Law.
Recognising the Risks of Cyber Threats Across the Organisation John Thornton Secretary to the Digital Government Security Forum.

Recognising the Risks of Cyber Threats Across the Organisation John Thornton Secretary to the Digital Government Security Forum.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Critical Infrastructure Protection (and Policy) H. Scott Matthews March 5, 2003.

Critical Infrastructure Protection (and Policy) H. Scott Matthews March 5, 2003.
Nick Wainwright HP Labs / Effectsplus project. The report of a consultation of the Future Internet Assembly – a cross disciplinary assembly of researchers.

Nick Wainwright HP Labs / Effectsplus project. The report of a consultation of the Future Internet Assembly – a cross disciplinary assembly of researchers.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S09761197.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.

K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Critical Information Infrastructure Protection: Urgent vs. Important Miguel Correia 2012 Workshop on Cyber Security and Global Affairs and Global Security.

Critical Information Infrastructure Protection: Urgent vs. Important Miguel Correia 2012 Workshop on Cyber Security and Global Affairs and Global Security.
Cyber Security for Smart Grid George Gamble Cyber Security Architect Black & Veatch.

Cyber Security for Smart Grid George Gamble Cyber Security Architect Black & Veatch.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
NHTSA Cyber Security Best Practices Study Tim Weisenberger December 7, 2011.

NHTSA Cyber Security Best Practices Study Tim Weisenberger December 7, 2011.

Similar presentations

Ads by Google