Upload
tranthu
View
215
Download
0
Embed Size (px)
Citation preview
© 2017 Belden Inc. | belden.com | @BeldenInc
Cyber Security for Industry 4.0 International Conference
Industrial Cyber Security:
Case Studies, Standards, Challenges and Practical solutions in APAC Justin Nga, CISSP Commercial Engineering Director & Industrial Cyber Security Lead APAC
© 2017 Belden Inc. | belden.com | @BeldenInc 2
Corporate and Industry Drivers
© 2017 Belden Inc. | belden.com | @BeldenInc 3
Industrial Megatrends are Driving IP Adoption
Legacy
Systems
Collaboration
between
IT & OT
Exposure to
Security
Risks
IP BENEFITS …
IP
CONSEQUENCES …
CHANGING
CONSUMER BEHAVIOR
More demanding consumers
create an opportunity to capture
share in a low growth environment
LABOR
SUBSTITUTION
Social, economic and political
trends are changing the mix of
labor and machinery in production
INCREASED
PRODUCTIVITY
Low growth environment is
increasing pressure on companies
to drive shareholder value through
improved productivity
MEGATRENDS DRIVE INVESTMENT
INTO AUTOMATION REQUIRING IP …
Industrial
IT
Remote
Access
Open
Standards
Leverage
Standard
Devices
Connected
Factory
to the
Enterprise
© 2017 Belden Inc. | belden.com | @BeldenInc 4
1. Joint study from ISACA and RSA. 2. Ponemon Institute study. 3. IBM/Ponemon Institute study 4. “Overload: Critical Lessons From 15 years of ICS Vulnerabilities”, FireEye iSight Intelligence
Incident and Breach Levels Continue to Soar
Need for tools to manage complexity with focus on risk, compliance
© 2017 Belden Inc. | belden.com | @BeldenInc 5
SKILLSETS WILL BE ONE OF THE LARGEST GAPS
FOR INDUSTRIAL CYBER SECURITY
Requires more automation and integration to solve critical needs
Increasing Connectivity and Skill Shortage
Solution that integrates the
security threat landscape
across endpoints and networks
becomes more important in
IT as well as OT environments
Increasing connectivity
continues to increase the risk,
i.e. the attack surface
Security skills shortage
continues to be a challenge as
threats grow in sophistication
and breadth. Customers cannot
fully use the solutions and
security providers cannot ramp
up faster
2016
22% 2020
CAGR in connected
devices
THE SKILLS GAP
63%
UNFILLED
SECURITY JOBS
WORLDWIDE 3 MONTHS OR
MORE TO HIRE
Organizations with problematic
shortage of security professionals
2016 46% 2015 28%
1 MILLION
EXPLOSIVE GROWTH IN ENDPOINTS / TARGETS
Automation is critical for IT Operations
© 2017 Belden Inc. | belden.com | @BeldenInc 6
SANS – Securing ICS 2017
© 2017 Belden Inc. | belden.com | @BeldenInc 7
Statistics and Incident Case Studies
© 2017 Belden Inc. | belden.com | @BeldenInc 8
© 2012 Security Incidents Organization
External
Hacker
Software or
Device Flaw
Human
Error
Malware
Infection
Disgruntled
Employee
Industrial Cyber Security is not only about Confidentiality but more
Integrity and Availability
ICS Cyber Security Incident Statistics - RISI
© 2017 Belden Inc. | belden.com | @BeldenInc 9
Source: Lipson, Howard F.: Tracking and Tracing Cyber-Attack: Technical
Challenges And Global Policy Issues CMU/SEI-2002-SR-009
Industrial Cyber Security Attacks Today
• Technology: Highly automated and require
little intruder knowledge
− Attack frequency is increasing
− Attack sophistication is increasing
− Attack expertise is decreasing
• Information: More information now than
ever before in the public domain, especially
for Industrial Control Systems (ICS)
− ICS Cert website, ScadaHacker, Kalitutorials,
etc
• Tools: Free / Cheap penetration testing
and scripting tools:
− Kali Linux, Raspberry Pis, etc.
© 2017 Belden Inc. | belden.com | @BeldenInc 10
ICS Cert Website
© 2017 Belden Inc. | belden.com | @BeldenInc 11
• Event: More than 750,000 gallons of
untreated sewage intentionally released into
parks, rivers, and hotel grounds
• Impact: Loss of marine life, public health
jeopardized, $200,000 in cleanup and
monitoring costs
• Specifics: SCADA system had 300 nodes
(142 pumping stations) governing sewage
and drinking water
− Used OPC ActiveX controls, DNP3, and ModBus
protocols
− Used packet radio communications to RTUs
• Caused as many as 46 different incidents
over a 3-month period
The Maroochydore Incident
© 2017 Belden Inc. | belden.com | @BeldenInc 12
The Maroochydore Incident
© 2017 Belden Inc. | belden.com | @BeldenInc 13
The Stuxnet Worm
• July, 2010: Stuxnet worm was discovered attacking
Siemens PCS7, S7 PLC and WIN-CC systems
around the world
• Infected 100,000 computers
and at least 22 industrial sites
• Created to attack Natanz, the uranium
enrichment centrifuge facility in Iran
• Stuxnet software can be reused, enabling
less sophisticated organizations to deliver
new attacks to new targets
• Brought unwanted attention to the
weaknesses of ICS/SCADA security
© 2017 Belden Inc. | belden.com | @BeldenInc 14
Stuxnet – Deep Dive
• “Stuxnet” name was created by security analysts. Original name is
rumoured to be “Olympic Games”.
• Natanz was air-gapped. Threat vector used was USB memory stick.
• The Code details:
− Dense and functional. Top researchers > 30 days.
− 20 times the average malware code
− Included 4 zero days exploits
− Virus was self sufficient and automated
− Once at the target, it waits for 13 days before executing payload
− 1st attack – Increased frequency until centrifuges hit resonance frequency
− 2nd attack – lowered the frequency until centrifuge rotor imbalances
− Both attacks cause physical damage
− Fake ‘healthy’ SCADA values were replayed
− Stealthily deployed that manufacturing / process control errors were initially
blamed for the damage
The Stuxnet Worm demonstrated it is possible to cross the bridge
between the Cyber and the Physical world
Impact to Safety
© 2017 Belden Inc. | belden.com | @BeldenInc 15
Shamoon
• Impacted Saudi Aramco, publicized Aug 2012
• Malware overwrote the HDD of workstations
• Malware has 3 key components:
− Dropper
− Wiper
− Reporter
• Errors in code concluded that the hackers were
“skilled amateurs”. Suspected insider help.
• Yet the destruction and damage was widespread –
30,000 workstations!
• Fortunately, there is no evidence it had any impact on
ICS or SCADA systems
Impact to Business Continuity
© 2017 Belden Inc. | belden.com | @BeldenInc 16
Dragonfly
• Surfaced Feb 2013
• Target most likely pharmaceuticals industry – first
major documented attack to the Discrete Manufacturing
sector
• 3 Threat attack vectors – Email spear phishing,
watering hole, Trojan software
• Malware was equipped with 3 Remote Access
Tools (RATs) – Havex, Karagany, and Sysmain
• Watering Hole – Malware was installed via
legitimate software of 3 ICS suppliers
• Majority of target machines were WinXP
• Well funded multi phase campaign
• Likely data theft was primary objective
Impact to Business – Corporate Espionage
© 2017 Belden Inc. | belden.com | @BeldenInc 17
BlackEnergy
• 23rd Dec 2016
• Targeted the Ukrainian Power Grid - western area
of Ukraine
• Estimated 80,000 customers and 700,000 homes
went without electricity for 3-6 hours
• Original vector via Spear Phishing, with Word
document containing the Malware.
• Malware BlackEnergy allowed unauthorized
remote access to the utilities’ computer networks
• Electricity was restored the same day – by field
staff manually reclosing the breakers
Impact to Nation State
© 2017 Belden Inc. | belden.com | @BeldenInc 18
CRASHOVERRIDE (aka Win32/Industroyer)
• Suspected to be the code platform for
Blackenergy
• 2nd known case of malicious code
purpose-built to disrupt physical systems
• 1st case to be a scalable and extensible
‘platform’ of tools.
• Current protocols IEC 101, 104, 61850,
OPC DA
• Modules perform:
− Denial-of-service (DoS)
− Backdoor/remote access
− Command and Control (C&C or C2)
for periodic connection to the command
server for updates
− Port scanning
− A wiper to hide its tracks, destroy files and even
overwrite the boot sector so that the system
cannot reboot itself
© 2017 Belden Inc. | belden.com | @BeldenInc 19
IT and OT Historical Trends
© 2017 Belden Inc. | belden.com | @BeldenInc 20
2010+
IT and OT Historical Trends
• Focusing on 2 areas of enabling OT technologies/trends – Operating Systems and
Networking/Communications
70s 80s 90s 2000s
CP/M, Unix/BSD/OS9
Ethernet, Frame Relay,X.25, Arcnet, Serial and Parallel protocols
MSDOS, PCDOS, Windows 1.0, OS/2, MACOS, Unix/SunOS
Ethernet, X.25, Arcnet, Token Ring, FDDI, Novell Netware, Appletalk, ATM/Sonet/SDH
Windows 3.0/NT/95/98, OS/2, MACOS, Unix /SunOS/Linux/Sun Solaris
Ethernet, X.25, Token Ring, Novell Netware, Appletalk, Sonet/SDH. 802.11 wireless, Bluetooth, 2G/3G
Windows 2000/XP/7 OS/2, OS X, Unix /Linux/Sun Solaris
Ethernet, MPLS, Sonet/SDH, 802.11 wireless, bluetooth WiMax, 2G/3G/4G/LTE, (IOT)
Windows 8 / 10, OS X, Unix /Linux/Oracle Solaris
Ethernet, MPLS, 802.11 wireless, 4G/LTE, IOE, ??
IT
CP/M, Proprietary interfaces, Ladder Logic
Hardwire, Serial based protocols, Modbus
MSDOS, Unix and Proprietary interfaces
Hardwire, HART, Serial, Modbus, FIP, Profibus
MSDOS, Windows NT (oper), Unix based (Eng)
Hardwire, HART, WorldFIP, Profibus, Foundation Fieldbus, DeviceNet, ControlNet, Ethernet – standards war
Windows for operator w/s, Unix for Eng w/s, XP, CE, Embedded
Hardwire -> IEDs, HART (wireless), IEC 61158, Ind. Ethernet based protocols (*) 802.11 wireless
Windows based and Unix based
Ind. Ethernet based protocols (*) MPLS, 802.11 wireless, 4G/LTE, IIOT, ??
OT
* Industrial Ethernet OSI Based Protocols – Ethernet/IP, Profinet (IO/IRT), Profisafe, Modbus TCP, 61850, DNP3, etc.
What can history tell us?
© 2017 Belden Inc. | belden.com | @BeldenInc 21
What can IT history teach us about OT’s future?
• No major surprises – enabling technologies
for OT has been tried and tested by IT before.
• Adoption timelines are getting shorter – 20
years, 10 years, < 10 years.
• Business drivers like higher performance, data
integration, increased collaboration and
skillset supportability moved systems to open
platforms like Windows, Ethernet, and
Wireless.
• IT and OT convergence and open standards
have made systems more vulnerable.
• Networking and Cyber Security are focused
disciplines by themselves
• What about IT Cyber Security History and
Statistics?
© 2017 Belden Inc. | belden.com | @BeldenInc 22
2010+
IT and OT Historical Trends
• Focusing on 2 areas of enabling technologies/trends – Viruses / Worms / etc. and Antivirus / Cyber Security
solutions
70s 80s 90s 2000s
Creeper, Rabbit, Animal (1st Trojan)
OS fixes / upgrades
Elk Cloner (Apple II), Brain (IBM Compatible), Yale, Stone, Ping Pong, Jerusalem, etc.
G Data/UVK2000 (Atari), Flushot+/Anti4US (Heuristic). First IDS.
Vienna, Cascade (Polymorphic), Concept (Macro virus for MS Word), CIH (ROM/Bios), Happy99/Melissa (Outlook)
McAfee, Norton, By late 90 – 19 brands. IDS systems become more prevalent
ILOVEYOU, Pikachu (Autoexec.bat), CodeRed, MyDoom,,Conficker, Slammer,many more.
Antivirus and specific Malware based programs, and IPS.
Stuxnet, Flame, Shamoon, Gameover Zeuz (keystroke logger), Locky (ransomware)
Combination and Evolution
IT
There is MINIMAL time transition for Cyber
Security Attacks between IT and OT
© 2017 Belden Inc. | belden.com | @BeldenInc 23
The Air Gap Fallacy and
the Impact of Open Platforms
© 2017 Belden Inc. | belden.com | @BeldenInc 24
The Air Gap
Let us take a look at the historical trends of ICS communication
− Automation in the 1980’s – isolated “islands”
PLCs PLCs
Serial or Proprietary Comm Link
© 2017 Belden Inc. | belden.com | @BeldenInc 25
Early 1990’s – Influx of Windows PCs
PLCs
Enterprise
Workstations
HMI Stations
PLCs
Enterprise
Servers
Serial or Proprietary Comm Link
THE AIR GAP
© 2017 Belden Inc. | belden.com | @BeldenInc 26
Late 1990’s – Industrial Ethernet
Control
Network
PLCs
Office
Network
Internet
Enterprise
Workstations
HMI Stations
Plant
Network
Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs
Enterprise
Servers
© 2017 Belden Inc. | belden.com | @BeldenInc 27
Control
Network
External
NetworkPLCs
Office
Network
Servers
Internet
IT Firewall
Enterprise
Workstations
HMI Stations
Plant
Network
Contractor Wireless Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs Remote
Diagnostics
Enterprise
Servers
2000’s - Interconnection to Enterprise Systems
© 2017 Belden Inc. | belden.com | @BeldenInc 28
Control
Network
External
NetworkPLCs
Office
Network
Servers
Internet
IT Firewall
Enterprise
Workstations
HMI Stations
Plant
Network
Contractor Wireless Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs Remote
Diagnostics
Enterprise
Servers
Today's Typical Threat Vector
© 2017 Belden Inc. | belden.com | @BeldenInc 29
Control
Network
External
NetworkPLCs
Office
Network
Servers
Internet
IT Firewall
Enterprise
Workstations
HMI Stations
Plant
Network
Contractor Wireless Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs Remote
Diagnostics
Enterprise
Servers
Faulty / Misconfigured Equipment Are Also Threats
© 2017 Belden Inc. | belden.com | @BeldenInc 30
Industrial Cyber Security
Frameworks and Standards
© 2017 Belden Inc. | belden.com | @BeldenInc 31
• These domains provide a vendor-independent overview
of a common security framework, supported in all type
of organizations worldwide
1. Security and Risk Management
2. Asset Security
3. Security Engineering
4. Communication and Network Security
5. Identity and Access Management
6. Security Assessment and Testing
7. Security Operations
8. Software Development Security
*International Information System Security Certification Consortium, Common
Body of Knowledge, 2017
8 Topical Domains of Security (based on ISC2 CBK*)
© 2017 Belden Inc. | belden.com | @BeldenInc 32
Where Standards Work and Where they Don’t
• Where they work:
• Standards are based on best practices
• Provides guidance and standard work
• Legal compliance
• Where they may not work:
• Compliance does not guarantee protection.
• Monolithic – slow to form, slow to change.
• Baseline, scope and tailor from a
combination of IT, OT, Industry based
standards, and security controls prioritized
from a risk assessment, and review
regularly.
© 2017 Belden Inc. | belden.com | @BeldenInc 33
APAC Region Standards and Initiatives
• Standards in individual countries under development and
evaluation. No known enforceable standards as yet.
• Commonalities:
• Large investments for research, cooperative and collaborative
initiatives
• CERTs – Regional and local Computer Emergency Response
Teams. APCERT (https://www.apcert.org/) and member countries
• Examples:
• Australia - Joint Cyber Security Centre opened in February 2017. >
20 organisations represented from the energy, water, finance,
transport and mining sectors.
• Singapore - The Ministry of Communications and Information (MCI)
and the Cyber Security Agency of Singapore (CSA) held a public
consultation exercise on the draft Cybersecurity Bill in July/Aug
2017. The purpose to establish a framework for the oversight and
maintenance of cybersecurity in Singapore.
• India - The Government of India launched their National Cyber
Security Policy in 2013, and in 2014, the Prime Minister’s Office
created the position of the National Cyber Security Coordinator.
© 2017 Belden Inc. | belden.com | @BeldenInc 34
• ISO/IEC 27001:2013 is an information
security standard.
• Organizations which meet the standard may
be certified compliant by an independent and
accredited certification body on successful
completion of a formal compliance audit.
ISO 27001 Information Security Standard
© 2017 Belden Inc. | belden.com | @BeldenInc 35
NERC / CIP Standard
• North American Electric Reliability Corporation’s (NERC) Critical Infrastructure
Protection (CIP) Cyber Security Standards overview
© 2017 Belden Inc. | belden.com | @BeldenInc 36
• ISA/IEC-62443 is a series of standards that define procedures for implementing
electronically secure Industrial Automation and Control Systems (IACS).
• Applies to end-users (i.e. asset owner), system integrators, security practitioners, and
control systems manufacturers responsible for manufacturing, designing, implementing,
or managing IACS.
IEC 62443 (previously ISA99)
© 2017 Belden Inc. | belden.com | @BeldenInc 37
IEC 62443 Security Levels Proposal*
• Similar to Functional Safety
* © Pierre Kobes (http://isa99.isa.org/Public/Meetings/Committee/201506-Frankfurt/ISA99-Protection-Levels.pdf)
© 2017 Belden Inc. | belden.com | @BeldenInc 38
Where Do You Start?
© 2017 Belden Inc. | belden.com | @BeldenInc 39
Maturity Curve
Beginner
Intermediate
Advanced
“Don’t Have One”
“Completed a risk / security assessment”
“Calibrating our security controls”
Where is your
organization on this
journey?
Cyber Security is a Journey
Cyber Security Programs are Strategic and Economic propositions
more than Technical solutions
© 2017 Belden Inc. | belden.com | @BeldenInc 40
Priority IT OT / ICS
#1 Confidentiality Availability
#2 Integrity Integrity
#3 Availability Confidentiality
• The Cyber Security Triad:
− Confidentiality, Integrity, Availability – Rank them by importance
• Same Issues, Different Perspectives:
Enterprise IT vs Industrial OT Perspectives
IT: Privacy First – “Protect the Data”, i.e. hosts and user
OT/SCADA/ICS: Safety First – “Protect the Process”, i.e. plant
assets, personnel, and environment
© 2017 Belden Inc. | belden.com | @BeldenInc 41
• Does your organization have a Cyber Security Policy with C-Suite support?
− What role does senior management play in Cyber Security decisions?
• What is your security compliance posture today?
− Describe your current posture and your target state for Cyber Security?
− What Security frameworks are you referencing? ISO27001, NERC, 62443, etc.
• Whose responsibility is Security?
− Security Management is ultimate responsibility is upper management, and must be
considered a business operations issue first and not an IT administration issue.
− Security is Everyone’s responsibility.
Where is your Organization on this Journey?
© 2017 Belden Inc. | belden.com | @BeldenInc 42
Security and Risk Assessments
CONSEQUENCE
RISK
• Risk = Threat (event likelihood) x Vulnerability (of asset) x Consequence (of
event to operations, environment, reputation, etc).
© 2017 Belden Inc. | belden.com | @BeldenInc 43
• Access Control refers to a broad range of controls that perform such
tasks as ensuring only authorized users can gain access to resources,
and denying unauthorized users
• Controls mitigate a wide variety of information security risks and can be
categorised as:
1. Deterrent
2. Preventive
3. Detective
4. Compensating
5. Corrective
6. Recovery
7. Directive
* International Information System Security Certification Consortium, Common Body of Knowledge, 2017
7 Categories of Access Controls (based on ISC2 CBK*)
© 2017 Belden Inc. | belden.com | @BeldenInc 44
High Level ICS Risk Assessment Output
• A Security Risk and Vulnerability Assessment will uncover:
− Your key threats, vulnerabilities and consequences
− How do you respond to these risks? Do you Mitigate, Transfer, Avoid, Accept?
− Access Controls to apply, and the residual risk
− Your Risk Appetite
* © Tofino Security / Exida consulting white paper)
© 2017 Belden Inc. | belden.com | @BeldenInc 45
APAC Best Practices
• People: Training and Awareness
• IT and OT convergence – I and OT
departments. Deploy rotational programs
• Employee awareness
• Technology: You cannot protect what
you cannot see:
• Asset management
• Configuration Compliance Management
• Change Management and Detection
• Network Management
• SIEMs
• Processes:
• Risk Assessment
• What’s Old is New again:
• Network security, design and segmentation
• Defense in Depth
© 2017 Belden Inc. | belden.com | @BeldenInc 46
Defense in Depth
© 2017 Belden Inc. | belden.com | @BeldenInc 47
• The Defense-in-Depth model limits the impact of
an incident and breach, regardless of where or
how it happens.
1. Multiple layers of defense – Layered in Series
2. Differentiated layers of defense – Using
different appliances, software or processes
3. Threat-specific layers of defense
Defense-in-Depth Model
• Defense-in-Depth also applies to People and Processes.
• The 4Ds – Deter, Deny, Detect, Delay
© 2017 Belden Inc. | belden.com | @BeldenInc 48
• A core concept in IEC-62443 security standard
is “Zones and Conduits”
• Offers a level of segmentation and traffic control
inside the control system.
• Control networks divided into layers or zones
based on control function – “Trust Boundary”
Defense in Depth for ICS via Network Segmentation
© 2017 Belden Inc. | belden.com | @BeldenInc 49
Control
Network
External
NetworkPLCs
Office
Network
Servers
Internet
IT Firewall
Enterprise
Workstations
HMI Stations
Plant
Network
Contractor Wireless Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs Remote
Diagnostics
Enterprise
Servers
Zones and Conduits provide Defense in Depth
Control
Network
External
NetworkPLCs
Office
Network
Servers
Internet
IT Firewall
Enterprise
Workstations
HMI Stations
Plant
Network
Contractor Wireless Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs Remote
Diagnostics
Enterprise
Servers
© 2017 Belden Inc. | belden.com | @BeldenInc 50
Control
Network
External
NetworkPLCs
Office
Network
Servers
Internet
IT Firewall
Enterprise
Workstations
HMI Stations
Plant
Network
Contractor Wireless Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs Remote
Diagnostics
Enterprise
Servers
Zones and Conduits provide Defense in Depth
© 2017 Belden Inc. | belden.com | @BeldenInc 51
Control
Network
External
NetworkPLCs
Office
Network
Servers
Internet
IT Firewall
Enterprise
Workstations
HMI Stations
Plant
Network
Contractor Wireless Dial-up
IT Firewall
Wireless
Engineering
StationsServers
PLCs Remote
Diagnostics
Enterprise
Servers
Zones and Conduits provide Defense in Depth
© 2017 Belden Inc. | belden.com | @BeldenInc 52
About Belden
© 2017 Belden Inc. | belden.com | @BeldenInc 53
Belden’s Industrial Cybersecurity Portfolio
© 2017 Belden Inc. | belden.com | @BeldenInc 54
Belden’s 1-2-3 Approach to Industrial Security
BELDEN HELPS CUSTOMERS ADAPT TO THE RAPIDLY CHANGING
ENVIRONMENT AT THEIR OWN PACE
SECURE
INDUSTRIAL
ENDPOINTS
SECURE
INDUSTRIAL
CONTROLLERS
SECURE
INDUSTRIAL
NETWORKS
• Segmentation
• Zoning and conduits
• Monitoring and alerts
• Wireless and remote
access
• Threat containment
• Inventory connected
assets
• Identify vulnerable and
exploitable endpoints
• Achieve and maintain
secure and authorized
configurations
• Identify unauthorized and
malicious changes
• Detection and visibility
into changes and threats
to ICS
• Protection for vulnerable
and exploitable controllers
• Assure authorized access
and change control for ICS
• Detect and contain threats
© 2017 Belden Inc. | belden.com | @BeldenInc 55
Key Takeaways
© 2017 Belden Inc. | belden.com | @BeldenInc 56
Key Takeaways
• ICS Cyber Security threats, incidents and breaches are real and increasing
• Cyber Security is a Journey
• C-Level sponsorship is Critical for Success
• It goes beyond Technology alone – People and Processes
• Training and Employee Awareness
• APAC is on this Journey – leverage recognized standards and frameworks
• Manage your Networks
• Use IEC 62443 Zones and Conduits design concepts for your ICS networks
• Create a Defense in Depth mindset – the 4Ds
• Manage your Risk Assessment
• Monitor for change, and implement continuous monitoring
© 2017 Belden Inc. | belden.com | @BeldenInc
THANK YOU!
Any Questions?