eci cyber case study euw2017
TRANSCRIPT
ECI Proprietary
CYBER SECURITY CASE STUDY
WORLD’S MOST TARGETED INDUSTRIES
Nearly 70% of Critical Infrastructure Providers have been Breached in the Past Year
*Source: Report of Industrial Security Incidents/Security Incidents Org.
Most Targeted Industries (Global): Demonstration of Relative Attack Frequency
Power and Utilities: 28
Petroleum: 26
Transportation: 24
Water/Wastewater: 19
Food & Beverage: 12
Other: 13
Chemical: 10
Pulp and Paper: 6
General Manufacturing: 4
Electronic Manufacturing: 4
Metals: 2
Automotive: 2
WHY CYBER THREATS ON C.I. ARE EXPECTED TO GROW?
Multiple Points of Attack: Hackers seek out weakest links – Need specific SCADA protection with Anomaly Detection and DPI
IT/OT Convergence & Industrial IoT: New types of threats and vulnerabilities; IT-to-OT firewall no longer sufficient
Migration to IP Network; Smart Grid: Security lags new infrastructure; Opens up to all IP vulnerabilities
Aging Network Infrastructure: Filled with Security Vulnerabilities; Requires Multilayer security
Aging Networks
Distributed Infrastructure
Industrial automation
Modernization
UTILITIES MUST COMPLY WITH REGULATION
NERC CIP v6
Cybersecurity National Action Plan (CNAP) to enhance critical infrastructure security and resilience
EPCIP
LightSEC™ – SECURING THE OT
MAN-IN-THE-MIDDLE: L1 to L3 Encryption, DPI, Anomaly Detection
IT: UTM, Access Control, Firewall, Anti-Malware, DPI, IDS/IPS
OT: SCADA Anomaly Detection and DPI, Anti-Malware, Access Control
Unified & Consolidated SIEM
Big Data Analytics
Correlation of Events
Open Platform
Threat Evaluation and Response
Network Awareness
Regulation
Certification
NERC-CIPv6
CEER
Common Criteria
FIPS
MoD/NATO
LightSEC™ ARCHITECTURE
Substation
Generation Operations & Control
SoC
LightSEC SHIELD™
FW, Anomaly detection, Service Function Chaining, Enc.
Mitigation
Service
Traffic
Control
Presentation Layer, Analytics Engine
LightSEC COMPASS™
Secured Substation, Secured Control Center, Secured Connectivity
CASE STUDY
Two transmission companies connected to one another
THE SOLUTION
SCADA devices (about 120 devices between the two sites)
Substation #1
Substation #400
LightSEC Shield
SCADA Protection application
Secured Gateway application
Running on Mercury NFVi blade in NPT-1050
LightSEC Compass
Consolidated event reporting for accurate threat detection
SCADA mapping
Located at SOC (in data center)
SOC also contains Mercury-O (not shown)
L2 Encryption
Already deployed in several European Power Utilities
ECI WAS AWARDED THE UTC IMPACT AWARD
ECI LIGHTSEC™ CYBER SECURITY SOLUTION - FOR CRITICAL I.F. IS RECOGNIZED BY THE INDUSTRY AS THE MOST IMPACTING SOLUTION FOR 2017
THANK YOU!
Marco Berger
Head of Critical Infrastructure Solutions and Market