electricity 2017 - התאגדות מהנדסי חשמל ... · medium cyber maturity organizations...
TRANSCRIPT
Electricity 2017Eilat, Israel | November 9, 2017
siemens.com/oil-gasUnrestricted © Siemens AG 2017
Unrestricted © Siemens AG 2017August 2017Page 2 CG PD OM
Securing the Energy SectorTable of contents
• Digitalization offers operational efficiencies
• Cyber threats are the new Energy risk frontier
• How to secure a complex digital production ecosystem
• Operational technology security methodology
• Helping organizations reduce risk and vulnerability
Unrestricted © Siemens AG 2017August 2017Page 3 CG PD OM
Digitalization Opportunities and Benefits
Focus on digitalization efforts resultin game-changing operational improvements
3.82
1.82
2.05
3.21
3.33
2.70
Energy
Chemicals
Telecom
Automotive
Construction
Manufacturing
Electronics2.35
Source: McKinsey and Co; Accenture; 1 = high, 2 = medium, 3 = low, 4 = rudimentary
Digitalization by Industry
Remote Operation
Industrial Internet of Things (Web of Systems)
Cloud applications
Big data analytics
Asset management and business analytics $80B
-25%
+11%
8%
Will be spent in the next24 months on operationalefficiency…
… that could lead toreduction in OPEX if smartlyspent on digital…
… and produce game-changing field recoveryrates …
… resulting in sustainedprofit increase
Unrestricted © Siemens AG 2017August 2017Page 4 CG PD OM
Rising number of cyber threatsto industrial control systems
67% believe the risk level to industrialcontrol systems over the past years hasmarkedly increased because of cyberthreats
Increased complexity of riskmanagement across value chain
61% say their organization hasdifficulty in mitigating cyber risksacross the oil and gas value chain
Risk migrating fromIT to OT environment
59% believe that there is nowa greater level of cyber risk inthe OT than in the IT environment
In a digital environment industrial cyber is the new risk frontier
2012: Malware attempting to accessSCADA infiltrated Telvent systems
2014: Energetic Bear virus (Havex)infected ICS software updates
2014: Black Energy malwareinfiltrating 37% of US energy firms
2011: Virus Duqu collected indus-trial control system information
Source: State of OT Cybersecurity in the Oil and Gas Industry, 2017, SGT research
Unrestricted © Siemens AG 2017August 2017Page 5 CG PD OM
Energy companies are not prepared …
Source: State of OT Cybersecurity in the Oil and Gas Industry, 2017
What best describes the maturity levelof your organization’s cyber readiness?
62%
29%
9%
Middle Stage
Early Stage
Mature Stage
O&G organizations face recurring painpoints in maturing OT cyber programs
Limited visibilityacross OT asset base
Shortage of internalOT security expertise
Lack of an OT-specific securitystrategy
Difficulty of securingmulti-vendor,legacy OT assets
Inability to monitorand respond rapidlyto threats
IT solutions donot translate toOT environment
Most organizations in earlyto middle stages
Unrestricted © Siemens AG 2017August 2017Page 6 CG PD OM
… with current Operational Technology (OT)programs leaving significant security gaps exposed
People
60%of respondents say they do nothave enough staff to effectivelymeet the challenge
Organizational
1 in 3respondents believe thereis full alignment betweenIT and OT on security operations
Processes
40%of respondents havecyber training and aware-ness initiatives in place
Solutions
Yet onlyuse this technology today20%63% of respondents view analytics
as effective/very effective
Source: State of OT Cybersecurity in the Oil and Gas Industry, 2017
Unrestricted © Siemens AG 2017August 2017Page 7 CG PD OM
Low Cyber MaturityOrganizationsThe solutions viewed byrespondents as most effective …
Medium Cyber MaturityOrganizationsThe solutions viewed byrespondents as most effective …
High Cyber MaturityOrganizationsThe solutions viewed byrespondents as most effective …
Customers are looking to address fundamentalsbefore building advanced monitoring capabilities
Security policiesand training 50%
Firewall/IDS 56%
Endpointhardening 62%
Secureremoteaccess
36%
Assetmanagement 41%
On-site/remote SIEM
deployment47% 68%
50%
Securityanalytics
Managedintrusiondetection
Networksecurity
monitoring51%
Source: State of OT Cybersecurity in the Oil and Gas Industry, 2017
Unrestricted © Siemens AG 2017August 2017Page 8 CG PD OM
How do you secure complex digital production environmentswithout sacrificing production efficiency?
Facilities integratemonitoring and safe
surveillance
Drill RigMonitoring
Asset FieldOffices
GPS trans-ponders
on movingequipment
Centraloperationsmonitoring
VirtualCollaboration
Emissionsand
equipmentmonitoring
HandheldData
Acquisition4-D
SeismicAutomated
well detection
Wireless wet head
WirelessMonitoring ofStorage Tank
Electricalequipment
Compressors
Gas turbines
AnalyticPlatforms
Unrestricted © Siemens AG 2017August 2017Page 9 CG PD OM
The first steps to addressing industrial cyber areto understand the OT risk, get transparency and harden defenses
… that meet the uniqueperformance andsafety requirements
… as benefits ofdigitalization are toogreat. Connectivityequals insight
… to baseline OT risk,harden the infrastructureand begin to addressfundamentals
Demand OT CyberSolutions
Overcome the Fearof Connectivity
Get cyber transparency
Siemens Best Practices
… to drive the changeagainst this complexand quickly growingproblem
… which in the worldof digitalization hasbecome the new center
… as the sophisticationand complexity of OTattacks has reachedmachine speeds
Assign ownership for OT
Secure the edge
Leverage securityanalytics to get theadvantage
Unrestricted © Siemens AG 2017August 2017Page 10 CG PD OM
Today's typical dilemma –Understanding security event data
Disconnected Data Repositories
Security and AssetMonitoring
Scheduled andUnplannedOutages/Maintenance
Production(historical/forecast)
NetworkAdmins
Cumbersomecollection of qualitysecurity data
AssetOwners
Security perfor-mance difficultto benchmark
O&MStaff
No access to fullinformation forsecurity decisions
All usergroups
Different referencepoints and inputdata for accuratesecurity diagnostic
Information out of contextis often irrelevant
1
1
1
1
1
1
1
11
1
1
1
1
1
11
11
1
1
1
1
11
00
0 0
0
0
0
0
0 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
11
10101
0
0
1
1
01
1
00
0
11
0
0
0
1
1
0
1
11
1
0101
00
Unrestricted © Siemens AG 2017August 2017Page 11 CG PD OM
Asset DependencyHierarchyAnd criticality, that revealsexpected attack path inthe ICS cyber kill chain
Data Enrichment Sourcesfor Contextualization
Control System, Sensor,and Machine BehaviorProfiled in-depth profiled in realtime leveraging asset owner’sknowledge with automatedmethods at the fleet level
Ongoing External AttackCampaigns (TTP)And vulnerabilities relevantto actually owned SCADA/ICSsystems and IIoT
Production and Plant StatusCritical process variables thatindicates what is expected next
Unrestricted © Siemens AG 2017August 2017Page 12 CG PD OM
6 sensors 2,000 data pointsIndustryexpertiseis key to success
Asset Profiling Challengeand Handling Security Big Data in the IIoT Age
Unrestricted © Siemens AG 2017August 2017Page 13 CG PD OM
These challenges can onlybe met when precise
Managing this complexity demands
How to Address this Challenge?
realtime security andperformance data
better situationawarenessand integrated contextualizationapproaches to leverage knowledge
are available for all critical assets
Unrestricted © Siemens AG 2017August 2017Page 14 CG PD OM
How does Detection Work whenwe approach this as an OT Challenge
Alert andRespond
Specific actions
Real-time contextualinformation
Specific recommendedactions to decrease risk
Single result frommultiple sources
Improved businessoperationcontinuity
Control systemnetwork anomaly
AttackDetected
Longitudinal Analysis çè Clustered Analysis éêSpatio-Temporalçèé
ê
Process variablebehavior change
Control systemconfiguration change
Unrestricted © Siemens AG 2017August 2017Page 15 CG PD OM
€
Continuous Monitoring of the Production Processcomes along and delivers additional value
Continuous monitoringof your entire globalmachine fleet
Large data volumesprocessed
Different deploymentoptions: Public-/Private-Cloud, On-Premise
Today only
3.5% of allfactories!
Unrestricted © Siemens AG 2017August 2017Page 16 CG PD OM
Thank you for your attention
Eitan Goldstein
Director, Industrial Cyber and Digital SecuritySiemens Energy
E-mail: [email protected]
siemens.com