当前位置:首页 > 报告详情

研讨会 - 制定 ICS_OT 灾难恢复策略.pdf

上传人: 可*** 编号:991905 2025-12-07 57页 3.25MB

1、Developing an ICS/OT Disaster Recovery StrategyWorkshopMike Hoffman&Saltanat MashirovaWHO ARE WE?Saltanat Mashirova Product Manager Lead(ICS/OT Cybersecurity)Honeywell Member of the Operational Technology Cybersecurity Expert Panel,Singapore Founded Women in Cybersecurity Kazakhstan Held various sec

2、urity roles including operations,engineer,architecture,risk analyst,information security officer,etc.Awarded top 40 under 40 in Cybersecurity Masters from UC Irvine SANS TA ICS410,ICS515 Certs:GICSP,GRID,ICS/IEC62443,CISSP,CISM,CISA,TOGAFMike Hoffman SANS Certified Instructor ICS410,ICS612 O&G Field

3、 CTO with the industrial cybersecurity company Dragos,Inc.Held positions with Shell for 20 years across ICS Security Engineering,Controls&Automation,Process Analyzers,Measurement,and Instrumentation&Electrical.SANS Technology Institute MSISE graduate.Certs:GSE#320,GRID-Gold,GICSP-Gold,GCIP,GCLD,GPEN

4、,GWAPT,GCIH,GCIA,GPYC,GSEC,GSTRT,GCPM,GCCC,CISSP,PMPOT Disaster Recovery PrimerWhat is OT DR anyway,and how do we think about itFIVE CRITICAL CONTROLS FOR ICS/OT CYBERSECURITYPrepare personnel to respond effectively in a crisisManage the crisis in an organized and effective manner,reducing recovery

5、timeLimit the magnitude or impact of a cyber attack on the various production locationsCreate a recovery plan that,under various impact scenarios,reestablishes the plants mission within the optimal recovery time OT DISASTER RECOVERY OBJECTIVESOptimal recvoery timeBusiness Continuity Plan(BCP)Continu

6、ity Of Operations Plan(COOP)Crisis Communications Plan(CCP)Occupant Emergency Plan(OEP)Cyber Incident Response Plan(CIRP)Information System Contingency Plan(ICSP)Disaster Recovery Plan(DRP)Provides procedures for sustaining essential business operations while recovering from a significant disruption

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据报告的内容,全文主要内容概括如下: - **作者介绍**:Mike Hoffman和Saltanat Mashirova,分别来自Dragos Inc.和Honeywell,在工业控制系统(ICS)和运营技术(OT)网络安全领域有丰富经验。 - **OT灾难恢复(OT DR)概述**:讨论了OT DR的定义、重要性以及关键控制措施。 - **OT灾难恢复目标**:包括最优恢复时间、业务连续性计划(BCP)、运营连续性计划(COOP)等。 - **灾难恢复计划(DRP)要素**:如业务连续性管理、恢复策略、恢复过程、角色和责任等。 - **恢复策略和过程**:包括选择损失场景、ICS系统的最佳恢复顺序、行政程序等。 - **恢复场景**:如网络安全事件、设备故障等,以及相应的恢复策略。 - **恢复顺序**:根据业务影响和依赖性确定恢复顺序。 - **恢复过程**:包括设备启动、功能恢复、系统测试等阶段。 - **关键点**: - 最大可容忍停机时间(MTD)、恢复时间目标(RTO)、恢复点目标(RPO)是关键参数。 - 恢复策略应基于损失场景和恢复顺序。 - 灾难恢复测试对于验证恢复计划至关重要。
"ICS/OT灾难恢复策略" "如何优化ICS/OT恢复时间?" "ICS/OT网络安全五大关键控制措施"
客服
商务合作
小程序
服务号
折叠