abb process automation lifecycle services, patrik boo ......cyber security measures taken to protect...
TRANSCRIPT
![Page 1: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/1.jpg)
Cyber Security Fingerprint Secure systems, protect production
ABB Process Automation Lifecycle Services, Patrik Boo
© ABB Group September 24, 2012 | Slide 1
![Page 2: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/2.jpg)
Cyber Security
Measures taken to protect a computer or computer system
(as on the Internet) against unauthorized access or attack*
What is cyber security?
© ABB Group
*Merriam-Webster’s dictionary
![Page 3: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/3.jpg)
Cyber Security Security breaches
© ABB Group
Hacking Malicious software Unauthorized
access
![Page 4: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/4.jpg)
© ABB Group September 24, 2012 | Slide 4
Cyber Security in industrial control systems Stuxnet: the game changer
Stuxnet was the first malware targeting industrial control systems
![Page 5: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/5.jpg)
Bill Would Have Businesses Foot Cost Of Cyberwar Congress would task businesses with increasing cyber security
© ABB Group
![Page 6: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/6.jpg)
Cyber Security Enterprise IT vs. Industrial Control Systems
© ABB Group September 24, 2012 | Slide 6
Availability Integrity
Confidentiality
Enterprise IT
![Page 7: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/7.jpg)
Cyber Security Enterprise IT vs. Industrial Control Systems
© ABB Group September 24, 2012 | Slide 7
Availability Integrity
Confidentiality
Enterprise IT Industrial Control Systems
Confidentiality Integrity
Availability
![Page 8: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/8.jpg)
Cyber Security Enterprise IT vs. Industrial Control Systems
© ABB Group September 24, 2012 | Slide 8
Enterprise IT Industrial Control Systems
Primary risk impact Information disclosure, financial Safety, health, environment, financial
Availability 95 – 99% (accept. downtime/year: 18.25 - 3.65 days)
99.9 – 99.999% (accept. downtime/year: 8.76 hrs – 5.25 minutes)
Typical System
Lifetime
3-5 years 15-30 years
Problem response Reboot, patching/upgrade Fault tolerance, online repair
![Page 9: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/9.jpg)
Cyber Security Security cost
© ABB Group September 24, 2012 | Slide 9
The cost of security measures should be balanced
against the achieved risk reduction
![Page 10: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/10.jpg)
Cyber Security Security cost
© ABB Group September 24, 2012 | Slide 10
The cost of security measures should be balanced
against the achieved risk reduction
Risk = (probability of successful attack) x (potential consequences)
![Page 11: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/11.jpg)
Cyber Security Security cost
© ABB Group September 24, 2012 | Slide 11
Co
st
Security Level
The cost of security measures should be balanced
against the achieved risk reduction
Risk = (probability of successful attack) x (potential consequences)
![Page 12: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/12.jpg)
Cyber Security Security cost
© ABB Group September 24, 2012 | Slide 12
Probable cost of a
security breach
Co
st
Security Level
The cost of security measures should be balanced
against the achieved risk reduction
Risk = (probability of successful attack) x (potential consequences)
![Page 13: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/13.jpg)
Cyber Security Security cost
© ABB Group September 24, 2012 | Slide 13
Cost of security
Probable cost of a
security breach
Co
st
Security Level
The cost of security measures should be balanced
against the achieved risk reduction
Risk = (probability of successful attack) x (potential consequences)
![Page 14: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/14.jpg)
Cyber Security Security cost
© ABB Group September 24, 2012 | Slide 14
Cost of security
Probable cost of a
security breach
Co
st
Security Level
Optimal security for minimum cost
The cost of security measures should be balanced
against the achieved risk reduction
Risk = (probability of successful attack) x (potential consequences)
![Page 15: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/15.jpg)
Cyber Security Security cost
© ABB Group September 24, 2012 | Slide 15
The cost of security measures should be balanced
against the achieved risk reduction
Risk = (probability of successful attack) x (potential consequences)
According to a study by the Ponemon Institute,
the cross-industry average cost
of a cyber security breach
in 2011 was
$5.9 MUSD
![Page 16: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/16.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 16
Design Details
Completeness Operator Manufacturer
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers
![Page 17: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/17.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 17
IT
Design Details
Completeness Operator Manufacturer
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers
![Page 18: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/18.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 18
IT
Design Details
Completeness Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers
![Page 19: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/19.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 19
IT
Design Details
Completeness
NIST 800-53
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers
![Page 20: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/20.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 20
Industrial Automation
IT
Design Details
Completeness
NIST 800-53
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers
![Page 21: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/21.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 21
Industrial Automation
IT
Design Details
Completeness
ISA 99*
NIST 800-53
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers
![Page 22: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/22.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 22
Industrial Automation
IT
Design Details
Completeness
ISA 99*
NIST 800-53
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers
* Since the closing of the ESCoRTS project, ISA decided to relabel the ISA 99 standard to
ISA 62443 to make the alignment with the IEC 62443 series more explicit and obvious.
![Page 23: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/23.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 23
Industrial Automation
IT
Design Details
Completeness
ISA 99*
NIST 800-53
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers CPNI
* Since the closing of the ESCoRTS project, ISA decided to relabel the ISA 99 standard to
ISA 62443 to make the alignment with the IEC 62443 series more explicit and obvious.
![Page 24: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/24.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 24
Energy
Industrial Automation
IT
Design Details
Completeness
ISA 99*
NIST 800-53
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers CPNI
* Since the closing of the ESCoRTS project, ISA decided to relabel the ISA 99 standard to
ISA 62443 to make the alignment with the IEC 62443 series more explicit and obvious.
![Page 25: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/25.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 25
Energy
Industrial Automation
IT
Design Details
Completeness
ISA 99*
NIST 800-53
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers CPNI
IEEE P 1686
* Since the closing of the ESCoRTS project, ISA decided to relabel the ISA 99 standard to
ISA 62443 to make the alignment with the IEC 62443 series more explicit and obvious.
![Page 26: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/26.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 26
Energy
Industrial Automation
IT
Design Details
Completeness
ISA 99*
NIST 800-53
IEC 62351
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers CPNI
IEEE P 1686
* Since the closing of the ESCoRTS project, ISA decided to relabel the ISA 99 standard to
ISA 62443 to make the alignment with the IEC 62443 series more explicit and obvious.
![Page 27: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/27.jpg)
Cyber Security Scope and completeness of standards
© ABB Group September 24, 2012 | Slide 27
Energy
Industrial Automation
IT
Design Details
Completeness
ISA 99*
NIST 800-53
IEC 62351
NE
RC
CIP
Operator Manufacturer
ISO 27K
Technical
Aspects
Details of
Operations
Relevance
for Manufacturers CPNI
IEEE P 1686
* Since the closing of the ESCoRTS project, ISA decided to relabel the ISA 99 standard to
ISA 62443 to make the alignment with the IEC 62443 series more explicit and obvious.
![Page 28: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/28.jpg)
© ABB Group
September 24, 2012 | Slide 28
Sys
tem
Pe
rform
an
ce
Po
ten
tial
Time
Manage
Performance
Gap
Diagnose Implement Sustain
ABB Cyber Security Optimization Diagnose, implement and sustain performance
![Page 29: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/29.jpg)
Benefits:
Consistent – same
everywhere
High and even quality
Repeatable
Based on best
practicies
• Data
• Collect
• Store
• View
• Analyze
• Interpret
• Report
Cyber Security Fingerprint - Service with a defined scope
Mo
nth
|
Sli
© ABB Group
![Page 30: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/30.jpg)
Cyber Security Fingerprint
Provides a comprehensive view of your site’s cyber
security status
Identifies strengths and weaknesses for defending against
an attack within your plant’s control systems
Reduces potential for system and plant disruptions
Increases plant and community protection
Supplies a solid foundation from which to build a
sustainable cyber security strategy
What does the Fingerprint do?
© ABB Group
![Page 31: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/31.jpg)
Cyber Security Fingerprint
Provides a comprehensive view of your site’s cyber
security status
Identifies strengths and weaknesses for defending against
an attack within your plant’s control systems
Reduces potential for system and plant disruptions
Increases plant and community protection
Supplies a solid foundation from which to build a
sustainable cyber security strategy
What does the Fingerprint do?
© ABB Group
It does NOT make the system completely secure.
![Page 32: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/32.jpg)
© ABB Group September 24, 2012 | Slide 32
Cyber Security Fingerprint Security in Depth
Antivirus Solutions
![Page 33: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/33.jpg)
© ABB Group September 24, 2012 | Slide 33
Cyber Security Fingerprint Security in Depth
Antivirus Solutions
Security Updates
![Page 34: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/34.jpg)
© ABB Group September 24, 2012 | Slide 34
Cyber Security Fingerprint Security in Depth
Antivirus Solutions
Security Updates
Account Management
![Page 35: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/35.jpg)
© ABB Group September 24, 2012 | Slide 35
Cyber Security Fingerprint Security in Depth
Antivirus Solutions
Security Updates
Account Management
Computer Policies
![Page 36: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/36.jpg)
© ABB Group September 24, 2012 | Slide 36
Cyber Security Fingerprint Security in Depth
Antivirus Solutions
Security Updates
Account Management
Computer Policies
Firewalls and Architecture
![Page 37: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/37.jpg)
© ABB Group September 24, 2012 | Slide 37
Cyber Security Fingerprint Security in Depth
Antivirus Solutions
Security Updates
Account Management
Computer Policies
Firewalls and Architecture
Procedures and Policies
![Page 38: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/38.jpg)
© ABB Group September 24, 2012 | Slide 38
Cyber Security Fingerprint Security in Depth
Antivirus Solutions
Security Updates
Account Management
Computer Policies
Firewalls and Architecture
Procedures and Policies
Physical Security
![Page 39: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/39.jpg)
© ABB Group September 24, 2012 | Slide 39
Cyber Security Fingerprint Key Performance Indicators
![Page 40: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/40.jpg)
Cyber Security Fingerprint Security Logger Data Collection Tool
No installation
No license
Only collect data
All collected data is encrypted
© ABB Group September 24, 2012 | Slide 40
![Page 41: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/41.jpg)
Cyber Security Fingerprint Security Analyzer Tool
Browse all collected data
Generate report
The only tool that can read the encrypted file
Help during hardening
© ABB Group September 24, 2012 | Slide 41
![Page 42: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/42.jpg)
Cyber Security Fingerprint Report with recommendations and action plan
© ABB Group
![Page 43: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/43.jpg)
Cyber Security Fingerprint Report: Risk Profile
© ABB Group September 24, 2012 | Slide 43
While the Fingerprint is an indicator of your security status at a given time, any
system, no matter how many precautions are taken, can be compromised.
![Page 44: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/44.jpg)
Cyber Security Fingerprint Report: Risk Profile
© ABB Group September 24, 2012 | Slide 44
While the Fingerprint is an indicator of your security status at a given time, any
system, no matter how many precautions are taken, can be compromised.
![Page 45: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/45.jpg)
Cyber Security Fingerprint Report: Risk Profile
© ABB Group September 24, 2012 | Slide 45
While the Fingerprint is an indicator of your security status at a given time, any
system, no matter how many precautions are taken, can be compromised.
![Page 46: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/46.jpg)
Cyber Security Fingerprint Summary of findings
If the customer’s data shows the setting to be below
standard, the description and recommendation are
included in the report.
© ABB Group September 24, 2012 | Slide 46
Setting Description Recommendation Minimum password age
There should be a predetermined amount of days a password must be used before the user is allowed to
change it. The number of days can vary between 1 and
998 days, or the user can input 0 to change the password immediately. If a user does not set a minimum password
age, he or she can use passwords repeatedly.
Set the minimum password age value greater than or equal to one day.
![Page 47: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/47.jpg)
Cyber Security Fingerprint Schedule of activities
Analysis (off-site) Delivery (off-site)
Day 1 - 3
Project introduction
meeting
Set up data collection
software
Interview key plant
personnel
Check data and make
configurations
accordingly
Complete data collection
Day 4
Data Analysis
Day 5
Complete report
Expert review
Present findings and
recommended actions
Information Gathering
![Page 48: ABB Process Automation Lifecycle Services, Patrik Boo ......Cyber Security Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access](https://reader034.vdocument.in/reader034/viewer/2022042116/5e944d6a213cf767bf10c01f/html5/thumbnails/48.jpg)
© ABB Group September 24, 2012 | Slide 48