Upload
iotisrael
View
477
Download
3
Tags:
Embed Size (px)
Citation preview
- NextNine Confidential -Subject: Infrastructure for Automated Remote Support 1
Shmulik AranDec-4, 2014
2 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
NextNine’s OT Security Management
• 10 years industrial experience
• Top tier customers in Oil, Gas, Mining, Chemicals, Energy and Critical Infrastructure
• 1000 end customers. 5000 installations
• VCs Funded; Profitable; Patents
• Most industrial vendorsand MSSPs as channels
NextNine OT Security Management Suite
3 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
Material Known Industrial Cyber Attack (1)
The Original Logic Bomb – 1982 – Russia
CIA caused the Siberian gas pipeline to explode using software, without
using traditional explosives
Blackout Worm – 2003 - US
First Energy blowout that left eight states in the dark for days
Titan Ray – 2004 - US
FBI detected China originated attacks to NASA & Lockheed-Martin for
espionage
Stuxnet - 2010 – Iran
Cyber worm destroying 1000 (fifth) of Iran’s nuclear centrifuges by
spinning out of control. 60,000 computers were effected
Flame –2012 – Iran and Middle East countries
Recorded audio, including Skype conversation, keyboard activity,
screenshots, and network traffic for espionage
Aramco – 2012 – Saudi-Arabia
“Spear-phishing" attack that infected 30,000 computers but didn’t stop the
oil flowing.
4 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
Water Tower Decoy – 2012 – US
Malicious computer virus attacked a decoy water tower ICS
SolarWorld – 2012 – US
Industrial information (manufacturing metrics, production line information)
stolen
Global Ping – 2013 – Worldwide
3.7M computers pinged. 114,000 manufacturing control systems vulnerable
for attack. 13,000 without password.
Utility Control-System Network – 2012 – US
Attackers Compromised twice control-system networks of utilities
Water Plant Pump – 2013 – US
Foreign hackers caused a pump at an Illinois water plant to fail.
Power plant malware – 2013 - US
Viruses and sophisticated malware were found in the power plants
Target Credit Cards Breach – 2014 - US
40M credit cards and 70M shoppers personal details were compromised
Material Known Industrial Cyber Attack (2)
5 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments5DRAFT, Copyright (IC)3, 2014
6 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
7 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
OT (Industrial) Security Challenges
Proprietary
Vendors/3rd Parties
Criticality
Life Span
Ownership/Control
RegulationGovernance
Availability
8 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
Multi-Site SCADA / ICS Environments
Quest for Centralized OT Security ManagementFor Distributed SCADA/ICS Environments
9 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
Centralized OT Security Management
Centralized OT Security ManagementFor Distributed SCADA/ICS Environments
Virtual Security Engine
Security Center
FILE
TRANSFER
LOG
COLLECTION
DASHBOARD
BACKUP
/RESTORE
REMOTE
ACCESS
ASSET
INVENTORY
ANTI-VIRUS
SIGNATURES
WINDOWS
& PRODUCTS
PATCHING
WHITE
/BLACK
LISTS
COMPLIANCE
MEASUREMENT
App Builder
10 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
Required Offering
App Builder
FILE
TRANSFER
LOG
COLLECTION
DASHBOARD
BACKUP
/RESTORE
REMOTE
ACCESS
ASSET
INVENTORY
ANTI-VIRUS
SIGNATURES
WINDOWS
& PRODUCTS
PATCHING
WHITE
/BLACK
LISTS
COMPLIANCE
MEASUREMENT
11 NextNine - Centralized OT Security Management for Distributed ICS/SCADA Environments
- NextNine Confidential -Subject: Infrastructure for Automated Remote Support 12
“With NextNine, we gain complete visibility of our entire SCADA/ICS environment, enabling us to enforce our security policies, reduce cyber risks and meet compliance requirements.” (a major client testimonial)
Corporate
Plants
Devices
SetPolicy
MeasureCompliance
PresentStatus
ImplementPolicy
- NextNine Confidential -Subject: Infrastructure for Automated Remote Support 13
Shmulik Aran, CEO
+972-528-667480
www.NextNine.com
Thanks for the attention!
Enjoy IoT 2014!