研讨会 - 制定 ICS_OT 灾难恢复策略.pdf

《研讨会 - 制定 ICS_OT 灾难恢复策略.pdf》由会员分享，可在线阅读，更多相关《研讨会 - 制定 ICS_OT 灾难恢复策略.pdf（57页珍藏版）》请在三个皮匠报告上搜索。

1、Developing an ICS/OT Disaster Recovery StrategyWorkshopMike Hoffman&Saltanat MashirovaWHO ARE WE?Saltanat Mashirova Product Manager Lead(ICS/OT Cybersecurity)Honeywell Member of the Operational Technology Cybersecurity Expert Panel,Singapore Founded Women in Cybersecurity Kazakhstan Held various sec

2、urity roles including operations,engineer,architecture,risk analyst,information security officer,etc.Awarded top 40 under 40 in Cybersecurity Masters from UC Irvine SANS TA ICS410,ICS515 Certs:GICSP,GRID,ICS/IEC62443,CISSP,CISM,CISA,TOGAFMike Hoffman SANS Certified Instructor ICS410,ICS612 O&G Field

3、 CTO with the industrial cybersecurity company Dragos,Inc.Held positions with Shell for 20 years across ICS Security Engineering,Controls&Automation,Process Analyzers,Measurement,and Instrumentation&Electrical.SANS Technology Institute MSISE graduate.Certs:GSE#320,GRID-Gold,GICSP-Gold,GCIP,GCLD,GPEN

4、,GWAPT,GCIH,GCIA,GPYC,GSEC,GSTRT,GCPM,GCCC,CISSP,PMPOT Disaster Recovery PrimerWhat is OT DR anyway,and how do we think about itFIVE CRITICAL CONTROLS FOR ICS/OT CYBERSECURITYPrepare personnel to respond effectively in a crisisManage the crisis in an organized and effective manner,reducing recovery

5、timeLimit the magnitude or impact of a cyber attack on the various production locationsCreate a recovery plan that,under various impact scenarios,reestablishes the plants mission within the optimal recovery time OT DISASTER RECOVERY OBJECTIVESOptimal recvoery timeBusiness Continuity Plan(BCP)Continu

6、ity Of Operations Plan(COOP)Crisis Communications Plan(CCP)Occupant Emergency Plan(OEP)Cyber Incident Response Plan(CIRP)Information System Contingency Plan(ICSP)Disaster Recovery Plan(DRP)Provides procedures for sustaining essential business operations while recovering from a significant disruption