driving security in an unsecure worldin january 2018 we established a new cybersecurity unit headed...
TRANSCRIPT
![Page 1: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/1.jpg)
Driving security in
an unsecure world
Siemens Cybersecurity Press Tour | November 26, 2018
Eva Schulz-Kamm, Global Head of Government Affairs
Rainer Zahner, Global Head of Cybersecurity Governance
siemens.com/cybersecurity | charter-of-trust.com | #Charter of Trust Restricted © Siemens AG 2018
![Page 2: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/2.jpg)
Content
1 – Two sides of the same coin Digitalization and the importance of cybersecurity
2 – Driving security Our holistic cybersecurity approach
3 – Questions and answers Open discussion
Page 2 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 3: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/3.jpg)
Siemens at a glance
Siemens AG is a global technology powerhouse that has stood for engineering excellence, innovation, quality, reliability and internationality for 170 years. The company is active around the globe, focusing on the areas of electrification, automation and digitalization.
One of the largest producers of energy-efficient, resource-saving technologies, Siemens is a leading supplier of efficient power generation and power transmission solutions and a pioneer in infrastructure solutions as well as automation, drive and software solutions for industry. With its publicly listed subsidiary Siemens Healthineers AG, the company is also a leading provider of medical imaging equipment – such as computed tomography and magnetic resonance imaging systems – and a leader in laboratory diagnostics as well as clinical IT.
In fiscal 2018, which ended on September 30, 2018, Siemens generated revenue of €83.0 billion and net income of €6.1 billion. At the end of September 2018, the company had around 379,000 employees worldwide.
siemens.com/cybersecurity | charter-of-trust.com
![Page 4: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/4.jpg)
Two sides of the same coin Digitalization and the importance of cybersecurity
1
![Page 5: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/5.jpg)
Digitalization creates
opportunities and risks
Page 5 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 6: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/6.jpg)
… and risks Exposure to malicious cyberattacks is also growing dramatically, putting our lives and the stability of our society at risk
Digitalization creates …
Opportunities
Blue Boxing Cryptovirology AOHell
Level Seven Crew hack
Denial-of-service attacks Cloudbleed
sl1nk SCADA hacks
Meltdown/Spectre
Infineon/TPM
AT&T Hack Morris Worm Melissa Worm ILOVEYOU WannaCry
NotPetya
Heartbleed Industroyer/Chrashoverride
Stuxnet
2000 2004 2008 2012 2016 2020 1996 1988 1992
Billions of devices are being connected by the Internet of Things and are the backbone of our infrastructure and economy
50.1B (2020)
IoT Inception (2009) 8.7B (2012)
11.2B (2013)
14.2B (2014)
18.2B (2015)
22.9B (2016)
28.4B (2017)
42.1B (2019)
0.5B (2003)
Connected Systems
Connected Facilities/Plant/Site
Connected Products
34.8B (2018)
Billion of Devices
Page 6 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 7: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/7.jpg)
As much as these advancements are improving our lives and economies, the risk of exposure to malicious cyberattacks is also growing dramatically. Failure to protect the systems that control our homes, hospitals, factories, grids and virtually all of our infrastructures could have devastating consequences. Democratic and economic values need to be protected against cyber and hybrid threats.
– Cybersecurity is and has to be more than a seatbelt or an airbag here; it’s a crucial factor for the success of the digital economy.
– People and organizations have to trust digital technologies to be safe and secure. Otherwise, they can’t accept and embrace the digital transformation.
– Digitalization and cybersecurity must evolve hand in hand.
Cybersecurity as a crucial factor for the digital economy
siemens.com/cybersecurity | charter-of-trust.com
![Page 8: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/8.jpg)
Driving security Our holistic cybersecurity approach 2
![Page 9: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/9.jpg)
Our cybersecurity approach
Protect society of cyber threats and risks
Increase trust in digital solutions and provide competitive advantage
Accelerate customer’s digital transformation and boost digital business
Digitalization and cybersecurity are two sides of the same coin – That’s why we are driving security holistically with clear overall goals
Page 9 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 10: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/10.jpg)
Siemens is in a unique position to lead industrial cybersecurity
We have four clear distinguishing features that set us apart from the competition
Domain know-how of verticals and cybersecurity
Holistic approach to cybersecurity
Initiator and driver Charter of Trust
Global player in digitalization
Page 10 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 11: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/11.jpg)
Siemens is in a unique position to lead industrial cybersecurity
As a global player, we unlock the potential of digitalization worldwide.
Global player in digitalization
─ Digital technologies revenue of €5.2 billion (FY 2017)
─ ~1 million devices connected to MindSphere
─ Siemens among world’s top ten software companies
Page 11 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 12: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/12.jpg)
Siemens is following a clear digitalization strategy based on our growth strategy in E-A-D
Page 12 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
Digitalization Leader
Automation No. 1 globally
Electrification Leader
Market CAGR FY 2018 – 2022
~+8%
~+3%
+1 – 3%
Digital services
€~1.2 bn
Siemens software
€~4.0 bn
Revenue FY 2017
Enhanced automation
€~19 bn
Enhanced electrification
€~43 bn
Classic services
€~17 bn
+20%
Strategic direction
Reinforce No. 1 position and utilize it for digitalization
Differentiate through expanded offerings with automation and digitalization
Strengthen leadership with a combination of software, platforms and services MindSphere
![Page 13: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/13.jpg)
With clear acquisitions and in-house developments, we have made ourselves the 8th largest software company in the world
1 In-house development or digital upgrades
Siemens automation – real world
Totally Integrated Automation1
1958 2000 2014 2010 2012 2016 2006 1996
O R S I
SIMATIC1
Siemens software – virtual world
Desigo CC1
Spectrum Power ADMS1
2018
More than €10 billion in software acquisitions since 2007
Page 13 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 14: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/14.jpg)
Siemens is in a unique position to lead industrial cybersecurity
With our technical expertise and deep domain know-how, we are driving security along the digital value chain.
Domain know-how of verticals and cybersecurity
─ First IT Security team established in 1986
─ 1,275 Cybersecurity experts across all business areas
─ Most of our Divisions already offer cybersecurity solutions
Page 14 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 15: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/15.jpg)
We are driving long-term research topics in our core technology field: Cybersecurity
3
6
2
5
2
5
1
4
5
8
4
7
6
9
5
8
1. Self-Securing Systems Design
2. Security Validation for Digital Twin
3. NextGen Patching
4. Security for Cooperative Autonomous Systems
5. Post Quantum Cryptography
6. Homomorphic Encryption
7. Automated Forensics and Malware Analysis
8. Secure Cloud-based Realtime Control
9. Supply-chain Security
10. …
siemens.com/cybersecurity | charter-of-trust.com
![Page 16: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/16.jpg)
Siemens is in a unique position to lead industrial cybersecurity
With our approach to cybersecurity, we provide holistic answers to the threats of our time.
Holistic approach to cybersecurity
─ Initiated improvement program to protect IT/OT infrastructure
─ Created initiative to secure products and services
─ First company to integrate security in all phases of product development lifecycle
Page 16 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 17: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/17.jpg)
The challenges to cybersecurity require new approaches to technology
Need for cybersecurity technologies
ICS: Industrial Control System | IEC: International Electrotechnical Commission
What cybersecurity technology to use for my future products/solutions?
Is there technology that can secure my existing installations?
How can I securely use and connect to the cloud for digital services?
What is the technology to generate security business?
How do I scale my effort for cybersecurity?
Digitalization
Increasingly connected Industrial Control Systems offer new levels of efficiency and productivity
However
Connected critical infrastructures offer new possibilities to attack
Siemens Business Units Standards and regulations e.g. IEC 62443 Security Levels
Protection against intentional violation using sophisticated means, extended resources, ICS specific skills, high motivation
Protection against intentional violation using sophisticated means, moderate resources, ICS specific skills, moderate motivation
Protection against intentional violation using simple means, low resources, generic skills, low motivation
Protection against casual or coincidental violation
SL4
SL3
SL2
SL1
Page 17 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 18: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/18.jpg)
Global Public Affairs Forum | Schulz-Kamm / Zahner| September 28, 2018
We offer a holistic concept to secure products, solutions and services as well as our own IT infrastructure
Page 18 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 Page 18 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
Siemens develops, produces and sells products, solutions and services Protection of critical assets, “golden nuggets,” and internal IT/OT infrastructures
Products and Solutions Security
Security Customer Services
Internal Cybersecurity
Customer buys products, solutions or (managed) services Focus on security for Siemens products and solutions including components for critical infrastructure
Siemens service ensures efficient and reliable operations Focus on building up security solutions and service business for Siemens customers
![Page 19: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/19.jpg)
Our holistic concept to cybersecurity makes the difference …
… for the societies, our customers and Siemens
Protection of our IT & OT infrastructure
Page 20 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
Protection of our products, solutions and services
Enable cyber solutions for our business
![Page 20: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/20.jpg)
Siemens is in a unique position to lead industrial cybersecurity
With the Charter of Trust, we take the next step toward making the digital world more secure globally.
Initiator and driver Charter of Trust
─ First initiative of its kind worldwide (established 2018)
─ 16 partners have already signed the Charter of Trust
─ Requested France to include Cybersecurity as topic for 2019 G7
Page 21 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 siemens.com/cybersecurity | charter-of-trust.com
![Page 21: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/21.jpg)
Global Public Affairs Forum | Schulz-Kamm / Zahner| September 28, 2018
Together with strong partners we have signed the Charter of Trust with three important objectives in our sights:
1. Protect the data of individuals and companies
2. Prevent damage to people, companies and infrastructures
3. Create a reliable foundation on which confidence in a networked, digital world can take root and grow
Page 22 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018 Page 22 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 22: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/22.jpg)
We came up with ten key principles
01 Ownership of cyber- and IT security
02 Responsibility throughout the digital supply chain
03 Security by default
04 User-centricity
05 Innovation and co-creation
06 Education
07 Certification for critical infrastructure and solutions
08 Transparency and response
09 Regulatory framework
10 Joint initiatives
Page 23 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 23: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/23.jpg)
And we bring them to life as
Principle 1 — Ownership of cyber- and IT security
Concrete implementation steps at Siemens In January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function, she reports directly to the Managing Board of Siemens AG.
“Cybersecurity is more than a challenge. It’s a huge opportunity. By setting standards with a dedicated and global team to make the digital world more secure, we are investing in the world’s most valuable resource: TRUST.
Our proposals for more advanced Cybersecurity rules and standards are invaluable to our partners, stakeholders and societies around the world. That is what we call “ingenuity at work.”
Natalia Oropeza,
Chief Cybersecurity Officer, Siemens AG
01
For our society, customers and Siemens, we are
the trusted partner in the digital world
by providing industry leading cybersecurity.
Together we make cybersecurity real – because it matters
Our Vision
Our
Holistic
approach
The Siemens approach for a new cybersecurity organization
Protection of our IT and OT infrastructures
Protection of our products, solutions and services
Enable cyber solutions for our business
Page 24 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 24: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/24.jpg)
And we bring them to life as
Concrete implementation steps at Siemens Siemens provides a multilayered concept that gives plants both all-round and in-depth protection
Know-how and copy protection
Authentication and user management
Firewall and VPN (Virtual Private Network)
System hardening and continuous monitoring
02
The Siemens security concept defense-in-depth
Principle 2 — Responsibility throughout the digital supply chain
Concrete implementation steps with the CoT partners
With our partners, we are defining a list of minimum security requirements for all players in the supply chain as well as effective mechanisms that can support their implementation
Page 25 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 25: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/25.jpg)
And we bring them to life as
Principle 3 — Security by default
Only if security requirements are already taken into account in the early phase of a product, can the highest appropriate level of security be offered proactively.
Concrete implementation steps at Siemens The Siemens Elektronikwerk Amberg uses cutting-edge technologies to produce approximately 15 million SIMATIC products each year. A holistic security concept is applied throughout the lifecycle.
03 03
Assess Security
Implement Security
Manage Security
“Considering our extensive network, which multiplies the number of possible points of entry to our IT infrastructure, we cannot assume that yesterday’s solutions will protect against today’s potential threats.
Since introducing SIEM, we have much greater transparency about the effectiveness of our measures to protect against cyberattacks.”
Gunter Beitinger,
Chief Executive Officer (CEO), Siemens Elektronikwerk Amberg
Page 26 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 26: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/26.jpg)
And we bring them to life as
Principle 9 — Regulatory framework
Concrete implementation steps at Siemens Siemens actively participate in a comprehensive cybersecurity network (relevant criminal prosecutors, ISA, FIRST, CERT Community, SAFECode). We gather threat information and disseminate it through these partnerships.
Regulation and standardization are only successful if they are based on multilateral cooperation. The World Trade Organization is our role model.
Our Government Affairs
activities, which include the
initiative to create a Charter of
Trust, are committed to helping
bring cybersecurity to the
agenda and translating it into
concrete regulations and
standards.
09
Page 27 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 27: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/27.jpg)
Together we strongly believe ─ Effective cybersecurity is a precondition for
an open, fair and successful digital future
─ By adhering to and promoting our principles, we are creating a foundation of trust for all
charter-of-trust.com As a credible and reliable voice,
we collaborate with key
stakeholders to achieve trust in
cybersecurity for global citizens.
![Page 28: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/28.jpg)
We initiated a network that does not only sign, but collaborates on cybersecurity!
On February 16, 2018, we laid the cornerstone for the joint “Charter of Trust” initiative together with a number of partners aspiring to recruit more comrades in arms for our initiative worldwide and create a digital world that is based on trust in the digital and hyperconnected world. One that’s independent of competitors and regions. Trust must not stop at geographical or industry borders.
Trust matters to everyone. It’s everyone’s task.
Page 29 Siemens Cybersecurity Press Tour | Schulz-Kamm / Zahner| November 26, 2018
![Page 29: Driving security in an unsecure worldIn January 2018 we established a new cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function,](https://reader036.vdocument.in/reader036/viewer/2022070816/5f101a387e708231d44774fd/html5/thumbnails/29.jpg)
Thank you very much for your attention. Discussion 3