Thales Overview & Cybersecurity on Critical Infrastructure Protection - April 2018 A.Toaiari
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Thales Overview &
Cybersecurity on Critical
Infrastructure Protection
April 2018
A.Toaiari
OPEN
www.thalesgroup.com
Gruppo Thales
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
L’intelligenza di tutti
per un mondo più sicuro Presenza Ricerca e
Dipendenti internazionale sviluppo
Ogni volta che devono essere prese decisioni
critiche, Thales ha un ruolo da svolgere.
64,000 56 paesi 707milioni di euro
In tutti i mercati - aerospaziale, spazio,
trasporti, difesa e sicurezza – le soluzioni Thales
aiutano i clienti a prendere le decisioni giuste
al momento giusto.
Struttura del fatturato Shareholders
(al 31 DICEMBRE 2016)
Le tecnologia di livello mondiale, l'esperienza
combinata di 62.000 dipendenti e le sedi, in 56 Defence Civil
paesi, hanno fatto di Thales un’azienda chiave 50% 50% 25,8%
26,4% Stato francese
nel mantenere la pubblica sicurezza, il
controllo di infrastrutture vitali e la tutela degli
interessi di sicurezza nazionale dei paesi di
tutto il mondo.
Fatturato nel 2016 49,4%
Float 48,3 %
24,8%
25,3% Dassault Aviation
14,9 miliardi di euro Dei dipendenti 2,7%
OPEN
March 2017
2 Thales / Template : 87204467-DOC-GRP-EN-002
Businesses
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
AEROSPACE SPACE GROUND DEFENCE SECURITY
TRANSPORTATION
Thales operates as a single organisation, drawing
EACH OF THE MARKETS on the talent and technologies of the entire Group
THAT THALES SERVES to act as prime contractor, systems integrator,
equipment supplier and value-added service
PLAYS A VITAL ROLE provider on both civil and military programmes.
IN SOCIETY.
OPEN
March 2017
3 Thales / Template : 87204467-DOC-GRP-EN-002
Thales Italia overwiev
mercato della sicurezza, con competenze
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
nella protezione e sorveglianza
Vergiate d’infrastrutture critiche (aeroporti e siti
sensibili) e nella cybersecurity;
500 PEOPLE mercato della difesa, con competenze
Gorgonzola nelle reti e nei sistemi di comunicazione;
4 SITES This
image
cannot
currentl
y be d…
mercato dei trasporti, con competenze nei
sistemi tecnologici per metropolitane,
Firenze tramvie e ferrovie e nel ticketing;
4 •Security &
Defence mercato della gestione del traffico aereo,
con competenze nei sistemi di atterraggio,
BUSINESS •Transportation Roma
navigazione e sorveglianza.
•Air Operations
AREAS Mercato Avionico
•Avionics
150M€
REVENUES/YEAR Rail signalling systems Military tactical systems
€
€
Critical in Infrastructure
Cyber Security
Air Traffic Management Commercial avionics protection
OPEN
March 2017
4 Thales / Template : 87204467-DOC-GRP-EN-002
Land and Air Systems (LAS)
Thales Italia offer:
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
Landing, navigation and control systems
In flight care systems
Traditional and satellite navigation systems
Surveillance systems and airport ground traffic
control
Tacan for USAF, Pakistan, Alenia Aermacchi COMPETENCE CENTER
Navaids products for Marshall (UK MOD)
China – Air traffic management system Navaids Solutions
Enav – Air traffic management system
Air Force (DVOR/DME Gioia del Colle, Tacan upgrade, ILS
Mobile, MLS Ghedi)
ILS “Deployable” for Italian Air Force and USAF
OPEN
March 2017
5 Thales / Template : 87204467-DOC-GRP-EN-002
SIX Domain – Security and Defence activities
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
Thales Italia offer:
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
Security, supervision, control and information management
systems for sensitive and critical infrastructures (ports, airports,
oil&gas infrastructures, roads)
Products, solutions and services for cybersecurity
Infrastructural and tactical telecommunication systems and
networks
Dubai Airport T3 C2/C3 - Integrated security solution
Lyon Airport & JFK NY – AOCC
Oman and Bahrain Airports – Integrated security
Agip Kashagan - O&G security
MAIN COMPETENCES
ENI Zubair Iraq –O&G security
Poste and ENAV Pysical Security • Airports Security & Operations
RIFON and RNI MOD networks and Services • Critical Infrastructure Protection
Enteprise & Institutional customers (incuding MoD)– • Cybersecurity
Secure info & trust mgmt. & Cybersecurity consulting • MoD Networks and Systems
CBRN vehicles and labs for MOD
MOI security networks
OPEN
March 2017
6 Thales / Template : 87204467-DOC-GRP-EN-002
Critical Information Systems and Cybersecurity
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
A complete range of solutions…
Critical Systems and Software Services
Cybersecurity Technologies and Solutions
Thales e-Security
Cybersecurity Consulting and Evaluation
Critical IT Outsourcing
Cybersecurity Operation
… for end-to-end data security
OPEN
March 2017
7 Thales / Template : 87204467-DOC-GRP-EN-002
Ground Transportation Systems (GTS)
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
Thales Italia offer:
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
Tramway and railway signalling
Security, supervision, control and information management
systems for transportation infrastructures
Contactless solutions for integrated fare systems
Tunnel Security
Telecommunication , Passengers information , SCADA , TVCC ,
onboard systems
Assets Security and Energy saving
COMPETENCE CENTERS
Dubai Metro Green and Red Line - Telecom and Security system
Metro Cairo L3 – Telecom and Security system
• Tramway Solutions
Lusail LRT – Ticketing for tramway lines
Catania-Circumetnea Metro Line –Security and signalling systems • Ticketing Solutions
Palermo - tramway system
• Rail, metro and tunnel
Taiwan – Danhai Tramway Line
Mexico – Ticketing system for BRT Line 6 infrastructure protection
OPEN
March 2017
8 Thales / Template : 87204467-DOC-GRP-EN-002
Cyber Security Landscape – Sophistication of Attacks
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
APT / Zero Day / Targeted
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
Critical infrastructure
Attack / Malware / Dynamic
& Industrial Control
Trojans / Stealth Bots
Systems / Trade
Secrets / IPs
Exfiltration of PII /
PHI / Credit Card
Malware / Tailored-
Data Breaches / programs / Backdoors / C2
Availability
Viruses / Worms / Botnets
/ Spyware / Tools
Defacement
Scripts / Exploit
programs
Script Hackers Organized Criminals / State-sponsored
Kiddies Syndicates Attacks
The chessboard for hackers has changed: evolving from private and individual targets, now to threatening government
and national critical infrastructure on a global scale
OPEN
March 2017
9 Thales / Template : 87204467-DOC-GRP-EN-002
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
10
March 2017
Thales / Template : 87204467-DOC-GRP-EN-002
Threats We are Facing Every Day
OPENThis document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
11
March 2017
2,745,267 attacks.
Lasted for 6 weeks
Project Honeytrain
Thales / Template : 87204467-DOC-GRP-EN-002
OPENOur 3 Cyber Security Pillars
part or disclosed to a third party without the prior written consent of Thales - © Thales 2015 All rights reserved.
This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in
- Hierarchical deployment of different levels of
Security controls
- Implemented through design (secure by Defense in
design) and operations
- A single failure (equipment, human) would Depth
not propagate to subsequent levels
Cyber Security
- IEC 62443 Standards Framework
- Common Criteria
- FIPS 140 (NIST)
- ISO 2700x (ISMS related)
OPEN
March 2017
12 Thales / Template : 87204467-DOC-GRP-EN-002You can also read
