
Barcelona, 16 September, 2011

Rafa Leszczyna
Resilience and CIIP Program, ENISA

ENISA RECOMMENDATIONS ON ICS SECURITY


2011-09-16

rafal.leszczyna@enisa.europa.eu

www.enisa.europa.eu

The Aim and Scope of the Study


ICS Security panorama
Threats, risks, challenges
National and pan-European initiatives
Identification of gaps
Recommendations
Follow-up
Dialogue between the stakeholders


2011-04-11


The Approach in Short


R1: National and Pan-European ICS Security Strategies


The lack of initiatives on ICS security

EU level policies for CIP and CIIP


None of them addressing ICS specifically
COM(2011) 163 recognising the advent of the new threats (Stuxnet mentioned explicitly)
US DHS established the Control Systems Security Program (CSSP) as a cohesive effort between government and industry to improve the security posture of control systems within the nation's critical infrastructure

R1: National and Pan-European ICS Security Strategies


Active collaboration between the ICT security sector and ICS Manufacturers, essential to improve ICS security
Interest in sharing initiatives
Excessive size, constraints or private interests are the main disadvantages and risks of sharing initiatives
Unbalanced interest in cooperation between each group of stakeholders
Bilateral cooperation preferred to multilateral
PPP sharing initiatives demanded by most stakeholders
National or European funded security programs to be improved

Trust is an essential ingredient for the success of sharing initiatives


R2: Good Practices Guide for ICS Security


Good Practices and Standards are considered to be the most effective measures
The lack of a Common Reference in Europe
Not all sectors are being targeted by EU policies
Current documents, usually generic
Energy, the sector with a larger number of specific guidelines
Lack of coordination among European countries
The most valued characteristics of security standards: a holistic approach, risk management guidance and business-orientation
Too technical standards less valued
Implementation of non European regulations, standards or good practices in industrial environments
Mistrust of guidelines causing heterogeneity


R3: ICS Security Plan Templates


Need for an Operator/Infrastructure level security plan template
Sections to be included in the Operator/Infrastructure level security plan
Risk Management to be included in the ICS security plan
Awareness topic to be included in the ICS security plan
Security plans need to be adapted for every operator
Developing security programs, too costly for operators


R4: Awareness and Training


Space for improvement in Dissemination and Awareness Forums
High interest in participating in Dissemination and Awareness Forums
Quality of ICS security events low-rated
Top Management awareness to be fostered
ICS providers are not aware of security good practices of the ICT world
The security by obscurity debate

R5: Common Test Bed or ICS Security Certification Framework


Need for independent evaluations and tests of ICS security products
Interest in creating a common test bed
PPP, a European scope and supported by Academia, the desired characteristics of the common test bed

Concerns regarding a European common test bed


A security reference model as an alternative to a European common test bed
ICS providers are not aware of security good practices of the ICT world


R6: National ICS-CERTs


Creation of an ICS-CERT
PPP as a desired characteristic of an ICS-CERT

Characteristics of the ICS-CERT


R7: Research in ICS Security


Current research lines

Future research lines


Future threats a research topic
Adaptive Persistent Adversaries as the threat of the future
ICS importing the ICT solutions and the ICT problems
Regular ICT solutions need to be adapted further to the ICS

Modular approach to built-in security requested by most on-field stakeholders


Seven ENISA Recommendations for ICS Security: Summary


1. National and Pan-European ICS Security Strategies
2. Good Practices Guide for ICS Security
3. ICS Security Plan Templates
4. Awareness and Training
5. Common Test Bed or ICS Security Certification Framework
6. National ICS-CERTs
7. Research in ICS Security

Thank you!
