QUALYS SECURITY CONFERENCE 2020

Industry Control Systems
Making ICS/OT a Part of Overall Vulnerability Management Program

Dharmesh Ghelani
Principal Product Manager, Qualys, Inc.

Industrial Control Security

1. Industrial Control Systems are becoming internet-aware
2. ICS systems are getting targeted
3. Attacks can be prevented

Typical Industrial Control Networks

Qualys Industrial Control Security v1.0

Use cases

Visibility
➢ Inventory
➢ Network Topology
Vulnerability Management

Technology

Passive Sensor
✓ Mirror Port
✓ 100% Passive
✓ Safe Active Probes
Qualys Scanner
✓ ICS Scan Types
✓ Granular Controls
✓ SCADA Servers / ERP Systems / HMI Servers
Cloud Agent
✓ All Industrial PCs
Vulnerability Signatures

Demo

High Level Roadmap

Design Partnership
V 1.0 Beta
ICS V 1.0 Q1 '20

v1.0 Protocols…

➢ Most Prevalent
• S7 Comm / Plus
• Profinet
• Ethernet IP
• BACnet
• Modbus TCP
• OPC Suite
• DNP3
• MMS / GOOSE
• IEC 104
• CC Link IE
• MQTT
• Omron Fins
• EtherCAT
• Niagara Fox
• Ethernet Powerlink

➢ Design Partnership
• MelsecNet
• PCCC
• …

➢ IT Protocols
• CDP
• LLDP
• TFTP / FTP
• HTTP / HTTPS
• Telnet
• SMB/CIFS

v1.0 Major Vendors…

➢ Most Prevalent
• Siemens
• Rockwell Automation
• Schneider Electric
• ABB
• GE
• Kuka
• Johnson Controls

➢ Design Partnership
• Mitsubishi Electric
• …

Qualys Industrial Control Security Roadmap

Compliance
Threat Detection
Zones & Conduits
Access Controls
Process Integrity

Thank You

Dharmesh Ghelani
[email protected]