Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
AboutMe
• TonyFlick• PrincipalatFYRMAssociates
• EightyearsintheInforma>onSecurityindustry
• Authorof“SecuringtheSmartGrid”
Why?
• Whyshouldsmartgridcompaniesbeconcernedaboutsecurity?– Justlikeanyotherindustry,weneedtothinkabouttherisks/consequencesbeforewestart
– Unlikemostotherindustries,lackofsecuritycancausephysicalharm
WhyNot?
• Whyarecompaniesnotimplemen>ngsecuritycontrols?– Timeconsuming– Costs– Compe>>on
– Someoneelse’sresponsibility
ShortTermImplica>ons
• Gamblethatvulnerabili>eswillgounno>ced– Cheaper
• Somecustomerswillrefusetodobusinesswithyou
LongTermImplica>ons
• Eventually,youwillhavetoincorporatesecuritycontrols– AQacks– Regula>ons
• Allcustomerswilleventuallyforceyou
Results
• Securitywillbefarmorecomplextointegratelateron
• Canbemoreexpensive
• Canyourcompanysurvive?
SecurityControls
• Integratesecuritycontrolsthroughoutthelifecycle
• Individualvulnerabili>esandthreatscanbedistrac>ng
• Focusonsecuritycontrols– Remediatetherootcauseissues
SecurityControls
• Trainings• Assessments– In‐house– ThirdParty– Scanvs.Assessment
SecurityMindset
• Justbecauseyoucan,doesn’tmeanyoushould– MobileApplica>ons– SocialNetworking
Ques>ons?