![Page 1: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/1.jpg)
Protecting Utility Mission Critical Systems From Cybersecurity Threats
Presented By:
Miroslav Karlicic
Director, Business Development and Innovation
Utilismart Corporation
+1 (888) 652-0689
www.utilismartcorp.com
January 2018 – Markham, Ontario
EDIST 2018
![Page 2: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/2.jpg)
Cybercrime
“Cybercrime is a fast-growing area of crime. More and more criminals are exploiting the speed, convenience and anonymity of the internet to commit a diverse range of criminal activities that know no borders, either physical or virtual, cause serious harm and pose very real threats to victims worldwide.”
Interpol
![Page 3: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/3.jpg)
Cybercrime_______________
![Page 4: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/4.jpg)
Cyberwarfare_______________________
Cyber warfare involves the actions by a
nation-state or international
organization to attack and attempt to
damage another nation's computers or
information networks through, for
example, computer viruses or denial-
of-service attacks.
![Page 5: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/5.jpg)
Cybercriminal
A cybercriminal is an individual who commits cybercrimes, where he/she makes use of the computer either as a tool or as a target or as both.
techopedia
![Page 6: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/6.jpg)
Programmers
Distributors
IT Experts
HackersFraudsters
System Hosts and Providers
Leaders
Cashiers
Money Mules
Tellers
Cybercriminals Network
Corporate BuyersAccount Buyers
Bosses
![Page 7: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/7.jpg)
Cybercrime Threats_____________________________
• Deep Web
• Darknet
• Malware
• Bots and Botnets
![Page 8: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/8.jpg)
Cybercrime Threats_____________________________
• Malware - Trojans, Viruses and Worms• Code with malicious intent that typically steals data or destroys
something on the computer.
• Phishing• Phishing emails include a link that directs the user to a dummy site that
will steal a user’s information. In some cases, all a user has to do is click on the link.
• Password Attacks• Third party trying to gain access to your systems by cracking a user’s
password.
• Denial-of-Service (DoS) Attacks• Focuses on disrupting the service to a network.
![Page 9: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/9.jpg)
Cybercrime Threats_____________________________
• “Man in the Middle” MITM• Impersonating the endpoints in an online information exchange
• Drive-By Downloads• Through malware on a legitimate website, a program is downloaded to
a user’s system
•Malvertising• A way to compromise your computer with malicious code that is downloaded
to your system when you click on an affected ad.
• Rogue Software• Malware that masquerades as legitimate and necessary security software that
will keep your system safe.
![Page 10: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/10.jpg)
Cybercrime Threats – 2017____________________________________________
• Ransomware – Ransomware top threat in 2017 cybercrime 'epidemic’ – Europol
• Data breaches
• Payment fraud
• Direct attacks on bank networks
• First serious attacks by botnets using insecure IoT
Darknet remains the cybercrime’s enabling platform!
![Page 11: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/11.jpg)
Ala'a Elbeheri - LinkeIn
![Page 12: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/12.jpg)
Anatomy of a Crypto-Ransomware Attack
Sophos - Twitter
![Page 13: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/13.jpg)
Distribution of global data breach incidents in 2017
Statista – The Statistics Portal
![Page 14: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/14.jpg)
Data Breaches are Expensive
419 companies in 13 country or regional samples
2,600 to 100,000 compromised records per company
Ponemon 2017 Cost of Data Study
Average total cost of
data breach
One-year decrease in
average total cost
The average cost per
lost or stolen record
Likelihood of a
recurring over the
next two years
$3.62 Million
10% $141 27.7%
![Page 15: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/15.jpg)
Case Studies
Three-quarters of energy companies and utilities have
experienced at least one data breach in the past 12
months, resulting in average clean-up costs of $156,000
per breach
Unisys Ponemon Survey
![Page 16: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/16.jpg)
Case Studies• December 2015 – Over 225,000 people lost power when hackers gained access to three
regional electric power distribution companies. Attackers demonstrated planning,
coordination, and the ability to use malware and possible direct remote access to blind system
dispatchers, cause undesirable state changes to the distribution electricity infrastructure. The
hackers also attempted to delay the restoration by wiping SCADA servers after they caused
the outage.
• March 2016 – A US water utility was the subject of a cyber attack carried out by a group with
ties to Syria. Hackers gained access to the SCADA control system and adjusted the chemical
levels being used to treat tap water. The hack also resulted in the exposure of the personal
information of 2.5 million customers.
• April 2016 – a US water and light utility were the victim of a ransomware attack which
knocked their internal computer systems offline and encrypted their data. The utility decided
to shut down its network and suspended some services in order to prevent further damage. A
hefty ransom was demanded.
emerginrisk.com
![Page 17: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/17.jpg)
Utility Industry – Cyberthreats
![Page 18: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/18.jpg)
Utility Industry -Cyberthreats
•Malware
•Ransomware
•Data Breaches
![Page 19: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/19.jpg)
Utility Industry – Vulnerabilities
• General Business Disruption
• Inoperable Mission critical systems
• Financial, CIS, GIS, AMI/AMR, OMS, SCADA
• Loss of corporate documents and records
• Service Disruption
• SCADA
• AMI
• DMS
• Confidential Information Exposure
• Corporate
• Customer
![Page 20: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/20.jpg)
Utility Industry – Business Impact
• Billing• Delayed
• Erroneous / incomplete
• Service Delivery• Power Outages
• Equipment Failures
• Health and Safety Issues
![Page 21: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/21.jpg)
Utility IndustryConsequences of Cyber Events
• Regulatory Penalties
• Customer Dissatisfaction
• Lawsuits
• Loss of License
• Labor Disputes
• Financial Losses
• Workplace fatalities
• Other
![Page 22: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/22.jpg)
What to do? Where to start?
1. Select and Engage MSSP – Managed Security Services Provider
2. Conduct Security Training
3. Build / Improve Business Continuity and Disaster Recovery Plan
4. Redesign / Harden Your Network and Security Architecture
5. Third Party Network Security Assessment and Make Improvements
6. Implement / Improve ISMS (Information Security Management System)
7. Adopt ISO 27001:2013 International Standard
8. Implement NIST Cybersecurity Framework
9. Maintain a Sustainable Security Organization
![Page 23: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/23.jpg)
Select and Engage MSSPManaged Security Services Provider
![Page 24: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/24.jpg)
Gartner’s MSSP Magic
Quadrant 2017
![Page 25: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/25.jpg)
Establish MSSPSelection Criteria
1. Track Record
2. Size, Experience and Qualifications• SEIM Development
• R&D Funds and Capabilities
3. Solution Content• Managed SEIM (IPS, IDS) Capabilities
• Dashboard, client console, reports, policies, rulesets (inbound outbound, others), messages, implementation plan, administration, communication, cloud / on-premise, etc.
4. MDR (Managed Detection and Response) - END POINT Solution
![Page 26: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/26.jpg)
The Forrester Wave™ Endpoint Security Suites, Q4 2016
![Page 27: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/27.jpg)
Establish MSSPSelection Criteria
5. Managed Firewall / SEIM Appliances
6. Has / Uses Threat Intelligence database• Owns, third party, both, none
7. Incident Management and Response Capabilities• Cyber Incident Forensic Capabilities
8. Number and Capabilities of SOC’s (Security Operation Centres)• SLA, skilled staff
9. Secure Email Gateway
10. Price
![Page 28: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/28.jpg)
MSSPImplementation
• Phased approach
• Protect external perimeter• Firewalls / SEIM Dual Appliances in High Availability (Auto Failover)
Mode• Managed Firewall Recommended
• Protect End Points (All Devices) - MDR
• Implement Managed Compliance Monitoring on all servers
• Develop a responsibility matrix and communication plan
• Document workflows for all procedures that require MSSP
• Conduct training
• Assess / improve security posture
![Page 29: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/29.jpg)
Conduct Security Training
1. ISO 27001:2013 Lead Auditor
2. Security Awareness Training – Provided by IT and Third Party
3. System Hardening Training
4. Consider hiring Information Security Management program graduates
![Page 30: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/30.jpg)
Build / Improve Business Continuity and Disaster Recovery Plan
1. Conduct TRA (Threat Risk Assessment)• Determine which systems need to be backed up and how frequently
• Determine RPO (Recovery Point Objective) and RTO (Recovery Time Objective)
2. Design backup / recovery plan using TRA for guidance
3. Ensure that backup media is encrypted
4. Use different network and domain credentials
5. Implement Backup plan
6. Test backup and recovery procedures
![Page 31: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/31.jpg)
Redesign / Harden Your Network and Security Architecture
1. Using TRA, determine exposure of sensitive information assets
2. Design dedicated virtual local area networks (VLAN) for databases, financial systems and other mission critical systems
3. Disable access to internet for these systems
4. Ensure that access is given only to security and system administration personnel
5. Configure application access through port management and routing rules
6. Upgrade / update all systems to the latest patch level possible and implemental automatic patching process
7. Filter egress traffic
8. Implement system uptime and resource utilization monitoring and conduct frequent application penetration (PEN) tests
![Page 32: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/32.jpg)
Third Party Network Security Audit
1. Conduct Network Security Audit / Assessment Test• i.e. Selected MSSP, Rogers Managed Services, Digital Boundary
Group, Scalar, Dell SecureWorks, etc.
2. Create CAPA (Corrective Action Preventive Action) Log
3. Prepare Improvement Plan based on CAPA log
4. Execute Improvement Plan
![Page 33: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/33.jpg)
Third Party Network Security Audit Assessment
MCGlobalTech
![Page 34: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/34.jpg)
Implement / Improve ISMS (Information Security Management System)
1. Complete ISO 27001:2013 Lead
Auditor Training
2. Complete Asset Register
Identify and classify information
assets
Assess their consolidation to fewer
secure networks
3. Establish Security Organization
4. Conduct TRA
5. Develop Policies
6. Develop Procedures
• Incident Management
• Change Management
• Information Handling
• User Access
• Risk Assessment
• Internal Audit
• Physical Security
![Page 35: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/35.jpg)
Implement / Improve ISMS (Information Security Management System)
7. Create Manuals
• ISMS
• IT
• BCP
8. Create forms
9. Create IT Manual
• Backup
• Offsite Data Storage
• Monitoring and Alerts
• Computer Deployment
• Server Build
• Patch Management
• System Hardening
• User Setup / Termination
![Page 36: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/36.jpg)
Maintain ISMS
![Page 37: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/37.jpg)
Adopt ISO 27001:2013 International Standard
• Contact BSI Canada
• Use ISO 27002 Code Practice guidelines• Enhance ISMS to meet the
requirements
• Schedule Audit
• Maintain ISMS
![Page 38: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/38.jpg)
Implement NIST Cybersecurity Framework
• Join OEB Cyber Security Working Group (CSWG)
• Get familiar with Proposed Ontario Cyber Security Framework
• Compare the framework requirement against the your ISMS security controls and identify gaps
• Create plan to implement gaps
• Collaborate with other LDC’s
![Page 39: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/39.jpg)
Maintain a Sustainable Security Organization
• Maintain ISMS using PDCA model
• Provide security training to staff
• Focus on network design, access management and data encryption
• Conduct TRA every time a change / modification to the system is required
• Review BCP based on TRA input and test it frequently
• Use CAPA log to identify and track all changes required
• Evaluate MSSP every six month
• Continue investing into staff with cybersecurity background and experience
• Collaborate with other LDC’s
• Ensure that there is a full corporate buy-in and commitment to a sustainable ISMS
• Keep investing into security appliances and software and keep it up to date
• Conduct frequent internal and external network security assessments and PEN tests
![Page 40: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/40.jpg)
Utilismart MSSP
Rogers Security Powered by Trustwave As your network carrier, Rogers:
• Knows your network best
• Continues to be a single point of contact
• Keeps your billing simple
Objective: Protect data,
manage risk and achieve
compliance while driving
efficiency and innovation.DataCentres
Apps
& Systems
ContactCentre
Cloud SecurityNetworks CollaborationAssets
Customers
Internet
Fixed
Mobile
PublicTelephoneNetwork
![Page 41: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/41.jpg)
Why TrustwaveServing
Global
Growing
Innovating
over 3 Million subscribers
with over 1,600 Employees
employees in 26 countries customers in 98 countries
over 56 patents granted / pending
Vulnerability Management
Global Threat Database feeding Big Data back-end
ThreatManagement
Integrated portfolio of technologies delivering
comprehensive protection
ComplianceManagement
Leading provider of cloud delivered IT-GRC services
Threat Intelligence
![Page 42: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/42.jpg)
Trustwave’s Global ReachHeadquarters:
•Chicago*, London, Sydney, São Paulo
Sales and Consulting:
•US, Canada, Mexico, Columbia, Brazil,
UK, The Netherlands, Sweden, France,
Germany, Greece, Jordan, UAE, S. Africa,
China, Singapore, Australia, New Zealand
SpiderLabs & Innovation Centers:
•US, Canada, Israel, New Zealand
9 Advanced Security Operations Centers:
•Chicago, Denver, Minneapolis, Warsaw, Singapore,
Waterloo, Ontario, Manila, Sydney, Japan
• 67 % staff dedicated to Developing/Delivery Solutions
Headcount:1,600+
![Page 43: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/43.jpg)
Trustwave’s SpiderLabs
SpiderLabs Team
• Industry veterans and thought leaders in ethical
hacking and security research
• Over 150 experts across 17 countries, with average 12
years of experience
• Backgrounds in law enforcement, government and
military services
• Sought out industry speakers and published authors
EXPERT
TESTINGOffensive security testing
delivered on time, on
budget and on demand
INCIDENT READINESS
& RESPONSEServices designed to prevent
compromise and protect
integrity of business and data
FORENSICS
INVESTIGATIONS
Post-incident analysis of
actual security breaches
and data loss
SpiderLabs Research - Annual GSR Report
• Hundreds of investigations in 17 countries
• Billions of events each day – 8 Global SOCs
• 4 million vulnerability scans
• Tens of millions of web transactions
• Millions of malicious websites blocked
• Thousands of penetration tests
![Page 44: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/44.jpg)
Questions?
![Page 45: Protecting Utility Mission Critical Systems From ... · PDF filehackers also attempted to delay the restoration by wiping SCADA servers after ... •Protect external ... •Keep investing](https://reader031.vdocument.in/reader031/viewer/2022030505/5ab30ca27f8b9a1d168e102f/html5/thumbnails/45.jpg)
Thank You