nw natural presentation
NW NATURAL
CYBERSECURITY
2016.JUNE.16

ADOPTED CYBER SECURITY FRAMEWORKS
CYBER SECURITY TESTING
SCADA TRANSPORT SECURITY
AID AGREEMENTS
CONCLUSION
QUESTIONS

ADOPTED CYBERSECURITY FRAMEWORKS

THE FOLLOWING FRAMEWORKS PROVIDE COMPLEMENTARY GUIDANCE:
• National Institute of Standards and Technology (NIST)
• DoE Cybersecurity Capability Maturity Model (C2M2) - Oil and Natural Gas Subsector
• TSA Pipeline Security Guidelines

NIST
ADOPTED CYBER SECURITY FRAMEWORKS
Cybersecurity Framework
• “The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes.”
Topics
• Identify
• Protect
• Detect
• Respond
• Recover

NIST
ADOPTED CYBER SECURITY FRAMEWORKS
Guide to ICS Security
• Provides guidance on how to adapt the Security and Privacy Controls for Federal Information Systems and Organizations for industrial control systems.
• Very detailed guidance. Designed to apply to any ICS, including SCADA systems.
Topics
• Access Control
• Awareness and Training
• Audit and Accountability
• Security Assessment and Authorization
• Configuration Management
• Contingency Planning
• Identification and Authentication
• Incident Response
• Maintenance
• Media Protection
• Physical and Environmental Protection
• Planning
• Personnel Security
• Risk Assessment
• System and Services Acquisition
• System and Communications Protection
• System and Information Integrity
• Program Management

C2M2
ADOPTED CYBER SECURITY FRAMEWORKS
Cybersecurity Capability Maturity Model
• “The ONG-C2M2 provides a mechanism that helps organizations evaluate, prioritize, and improve cybersecurity capabilities. The model is a common set of industry-vetted cybersecurity practices, … arranged according to maturity level.”
Topics
• Risk Management
• Asset, Change, and Configuration Management
• Identity and Access Management
• Threat and Vulnerability Management
• Situational Awareness
• Information Sharing and Communications
• Event and Incident Response, Continuity of Operations
• Supply Chain and External Dependencies Management
• Workforce Management
• Cybersecurity Program Management

TSA
ADOPTED CYBER SECURITY FRAMEWORKS
Pipeline Security Guidelines
• TSA’s Pipeline Security Program is designed to enhance the security preparedness of the nation’s hazardous liquid and natural gas pipeline systems.
Topics
• General Cyber Security Measures
• Information Security Coordination and Responsibilities
• System Lifecycle
• System Restoration & Recovery
• Intrusion Detection & Response
Facility Security Measures
Cyber Asset Security Measures
• Training
• Access Control and Functional Segregation
• Access Control
• Vulnerability Assessment

CYBERSECURITY TESTING

CYBER SECURITY TESTING
• NW Natural had an independent security assessment performed on all SCADA systems. This informed how we designed the SCADA environment that we’re currently implementing.
• During our upgrades to the Newport LNG facility, we had one of our key equipment vendors review our planned implementation.

CYBER SECURITY TESTING
For cyber security incidents we have developed a plan, and we conduct cyber security incident response exercises. Planned topics include:
• Customer Data Breach
• SCADA
• Web server Incident
These exercises allow us to assess our people, processes, and technologies to identify ways to improve.

SCADA TRANSPORT SECURITY

SCADA TRANSPORT SECURITY
• Firewalls isolate SCADA systems from enterprise systems.
• Virtual private networks securely connect SCADA networks at different locations.
• We require employees to log on to “jump boxes” when connecting into SCADA systems.
• One of our key projects this year is to enhance these measures.

SCADA TRANSPORT SECURITY
[Diagram labels: Employee, Business Network, Jump Box, SCADA Network, SCADA System]

SCADA TRANSPORT SECURITY
[Diagram labels: SCADA Site A, Control System A, Firewall A, VPN A, SCADA Site B, Control System B, Firewall B, VPN B, Cellular, Communication, Microwave, Fiber/Copper]

AID AGREEMENTS

AID AGREEMENTS
We are considering mutual aid agreements. For the time being, we are contracting with a commercial incident response provider who provides:
• Available experts that respond to incidents on a regular basis.
• Quick response times - contractually in hours, but in practice probably minutes.

AID AGREEMENTS
Access Management
• We require equivalent confidentiality and background checks from our provider.
• The provider’s response would only be initiated by NW Natural.
• Provider cannot reach into our SCADA environment.

CONCLUSION
NW Natural is:
• Following strong cyber security frameworks.
• Conducting cyber security testing.
• Securing our SCADA transport network.
• Planning for cyber security augmentation.

QUESTIONS