Cyber Security Solutions for the Energy Industry in North America - Israel Galvan
1. 35 years of research, innovating with energy
Cyber Security Solutions for the
Energy Industry in North America
MSc. Israel Galván Bobadilla
2.
Agenda
About this presentation
Facts, stats and motivation
Cyber Security in North America
Government
Frameworks
Councils
Research
Solutions
Personal thoughts and conclusions
3.
About this presentation
Cybersecurity and Access Control for Utilities Reverse Trade Mission
for Mexico and Panama to the United States
April 19th – 30th, 2015
SPONSORED BY:
4.
Facts, stats and motivation
5.
“Security incidents have increased 66%”
Global State of Information Security® Survey 2015, PwC
Facts, stats and motivation
“83% view cyberattacks as one of the top 3 threats to business,
but only 38% are prepared”
Information Systems Audit and Control Association, ISACA
“Approximately 60 to 80 percent of network misuse
incidents originate from the inside network."
Computer Security Institute (CSI) in San Francisco, California
6.
“Cybersecurity is not optional, it is required and mandatory”
Why?
“The more people, processes and technologies are involved, the more risk we will have…”
Facts, stats and motivation
7.
Government
They provide information about how to:
Invest in physical and cyber risk management products and plans
Educate employees about critical infrastructure security and resilience
Plan for business continuity
Share threat and incident information
Report suspicious activity
Prepare for all hazards at home and at work
Identifies 16 Critical Infrastructure (CI)
sectors, and one of them is: Energy Sector.
They provide Assessment Resources such as:
Computer-Based Assessment Tool (CBAT)
Cyber Security Evaluation Tool (CSET®)
On site support
Critical Infrastructure Cyber Community C³ Voluntary Program
“Adversaries are getting sophisticated”
8.
Government
“Invest in People as well as processes and
technology”
MITIGATION BASICS:
ICSJWG 2015 Spring Meeting
The Industrial Control Systems Joint Working Group invites you to
Washington, DC June 23 - 24, 2015
9.
Frameworks
NIST worked with stakeholders to develop a voluntary framework – based on
existing standards, guidelines, and practices - for reducing cyber risks to
critical infrastructure.
10.
Government
USTDA also linked us to:
Available resources
for cybersecurity
Cybersecurity Capability Maturity Model
(C2M2)
Electricity Subsector
(ES-C2M2)
11.
Government
12.
Councils
UTC is a global trade association dedicated to creating a favorable business, regulatory, and technological environment for companies that own, manage, or provide critical telecommunications systems in support of their core business.
UTC provides information, products and services that help members:
Manage their telecommunications and information technology more effectively and efficiently;
Voice their concerns to legislators and regulators;
Identify and capitalize on opportunities linked to deregulation worldwide; and
Network with other telecom and IT professionals.
13.
Research
“The Health approach, anomalies &
Context-Based Analytics”
INSTITUTE FOR
ELECTRONIC
GOVERNMENT
14.
Solutions
The BIG picture
15.
“One Size DOES NOT fit all..”
Personal thoughts
“Invest more money on technology for humans…”
“Cybersecurity culture is still an issue; evangelization is needed...”
“There is a lack of cybersecurity specialists and there is a lot of work that must be done...”
“Education and awareness are key elements ...”
“The visibility dilemma:
‘You can’t hack/protect what you can’t see’… ”
16.
EU has a lot of solutions for advanced cybersecurity problems for the short and medium term.
These solutions should be tested and evaluated in order to identify where they fit best in our smart grids.
There are a lot of best practices, lessons learned, successful policies and models from FERC-NERC, NIST and Homeland Security that we should adopt and maybe adapt to Mexico’s needs.
LATAM is still facing old security problems and new problems!
There are no small players in cybersecurity; safety and resilience are everybody's responsibility.
Conclusions
17.
MSc. Israel Galván Bobadilla
ELECTRICAL RESEARCH INSTITUTE
Enabling Technologies Division
Information Technology Department
igalvan@iie.org.mx
+52 (777) 3 62 38 11 Ext. 7526
Thank you!
“We are not in the contest era, we are in the collaboration era… A great era by the way…”
18.
Just in case
Extra slides
19.
Solutions
Cybersecurity “Big Data” analytics, policy, planning, implementation
and emergency preparedness.
A cloud-based, open architecture
analytical platform for harnessing
data. Provides customizable
methodologies for solving the
complex analytic challenges of
managing “Big Data” in most data
formats.
FEATURES:
Intelligent linkages among disparate data
sources
Web-enabled, infrastructure independent
Flexible and extensible tools for analysis and
relationship mapping
Data type independent and open source access
Quick and easy to deploy
Intuitive, with little user training required
Delivered at a fraction of the cost of legacy,
monolithic data analysis toolsets
20.
Solutions
Incident management and monitoring systems, video surveillance and
sensors, Cybersecurity risk management, preparedness and
integration services, Biometric, electronic badge, smart card and
proximity sensor technologies.
“You Can’t Hack What You Can’t See”
22.
Solutions
Provides an open infrastructure to connect sensor-based data, operations and people to enable real-time intelligence.
PI System enables your business to capture and leverage sensor-based data across the enterprise to improve efficiency, sustainability, quality and safety.
Editor's Notes
254 incidents reported in 2015: 9% natural gas, 9% petroleum, 11% electricity
Training on: Operational Security for control systems & cybersecurity
C3: Cybersecurity Education & Awareness (CE&A), Centers of Academic Excellence (CAE), Integrated Cybersecurity Education Communities (ICEC), National Cybersecurity Workforce Framework, cyber information sharing and collaboration
They have a knowledge base and a Joint Working Group (1,700 members, bi-annual meetings, webinars)
ICS-CERT coordinates control systems-related security incidents and information sharing with Federal, State, and local agencies and organizations, the intelligence community, and private sector constituents, including vendors, owners and operators, and international and private sector CERTs. The focus on control systems cybersecurity provides a direct path for coordination of activities among all members of the critical infrastructure stakeholder community.
Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, the President issued Executive Order 13636, Improving Critical Infrastructure Cybersecurity, in February 2013. It directed NIST to work with stakeholders to develop a voluntary framework – based on existing standards, guidelines, and practices - for reducing cyber risks to critical infrastructure.
The Framework, created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.
The Department of Homeland Security's Critical Infrastructure Cyber Community C³ Voluntary Program helps align critical infrastructure owners and operators with existing resources that will assist their efforts to adopt the Cybersecurity Framework and manage their cyber risks. Learn more about the C³ Voluntary Program by visiting the C3 Web site.
NIST is also pleased to issue a companion Roadmap that discusses NIST's next steps with the Framework and identifies key areas of cybersecurity development, alignment, and collaboration.
USTDA releases Major Infrastructure Projects in Mexico resource guide, providing valuable insight for U.S. industry on priority infrastructure projects throughout Mexico. See http://www.ustda.gov/news/pressreleases/2014/LAC/Mexico/MexicoResourceGuide_103114.asp
The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) Version 1.1, which allows electric utilities and grid operators to assess their cybersecurity capabilities and prioritize their actions and investments to improve cybersecurity, combines elements from existing cybersecurity efforts into a common tool that can be used consistently across the industry. The Maturity Model was developed as part of a White House initiative led by the Department of Energy in partnership with the Department of Homeland Security (DHS) and involved close collaboration with industry, other Federal agencies, and other stakeholders.
If you operate any entity within the bulk electric system (BES), you have become aware of the many regulatory changes in recent years. The standards proposed by the North American Electric Reliability Corporation (NERC), accepted and regulated by the Federal Energy Regulatory Commission (FERC), are intended to ensure the security and reliability of systems within the generation, transmission, and distribution of electric power throughout North America. A thorough knowledge of how FERC and NERC operate and enforce these standards will help you to provide a reliable utility service while avoiding millions of dollars in fines for non-compliance.
Definitions: The Difference Between FERC and NERC
FERC is an independent government agency that regulates the transmission of electric and fossil-based power utilities between states. In addition to oversight of wholesale and corporate transactions, FERC is responsible for ensuring safety and reliability in the distribution and transportation of electricity, oil, and natural gas. The agency may enforce its regulatory standards through various means, including civil penalties of millions of dollars per day, per violation.
NERC is a non-profit organization that seeks to ensure the reliability and security of the bulk power system. Overseen by FERC as well as authorities in Canada and part of Mexico, NERC identifies and addresses risks in the power system in order to promote reliability through education and proposed standards for a more secure system.
FERC and NERC have worked together to create the set of Security and Reliability Standards that all entities in the bulk electric system must comply with. These standards are intended to protect utilities from a wide variety of industrial accidents and attacks to the hardware and information systems of power utility companies. In an age of technological advancement, these regulations are constantly being updated to meet the needs of the industry and its consumers.
http://versify.com/FERC_And_NERC.html
We expect our electricity (for heat, air conditioning, and lights), water, and other utilities to be available whenever we want them. But our everyday essentials have become the target of our adversaries. Exacerbating the situation, when a part of the grid fails, we don’t know whether it is from natural causes or the actions of bad actors. Regardless, the failure needs to be fixed. Despite our diligence in the creation of new electric grid standards, these standards are not sufficient to address the urgent cyber threats and challenges that critical infrastructures now face.
The lack of electric grid standard granularity can result in a failure. There are also several other factors at play:
Complexity and sophistication of a smart grid
Large number of electric grid components
Wide variety of involved actors
Lack of time stamp standardization among grid components
An assortment of smart grid standards, such as those of the International Electrotechnical Commission (IEC) and the Institute of Electrical and Electronics Engineers (IEEE), allows a viable approach vector to insert disinformation into the grid via a myriad of threat vectors.
Innovative analytic approaches are required for the detection of one type of threat, known as misinformation or disinformation or astroturfing. This paper proposes a strategy that combines contextual analytics for version verification (current component state, component history, graphical knowledge of grid connectedness, a decay function for impact of other components), predictive modeling, and a computing model assessment using edge computing.
This IBM® Redguide™ publication describes the various issues that can impact the energy grid and provides examples of grid failures. It discusses the value and possibilities of a smart grid and how analytics can play a key role in the overall solution. It also introduces the combination of Irwin technology from Mehta Tech, Inc. and the IBM Watson™ cognitive system, which form a technology stack to monitor the electric grid.
The Aveshka Homeland Security team serves as a bridge between the public and private sectors in the development of homeland security solutions and provides hypothesis-driven, fact-based analysis coupled with strategic advice based on deep experience in the Homeland Security Enterprise. Since its inception, Aveshka has provided support to both U.S. and international Government departments and agencies, and to private sector entities seeking policy, strategy, implementation, and operational support. Currently, Aveshka supports numerous components of the Department of Homeland Security, including the Federal Emergency Management Agency, the Office of Critical Infrastructure Protection, the Office of Policy, and the Office of Cybersecurity and Communications, as well as components of the Departments of Defense and Justice.
Aveshka homeland security personnel previously held a variety of senior roles in Federal, State, and local governments and are well-recognized experts in a broad set of homeland security disciplines, including emergency management, public safety, critical infrastructure protection, cybersecurity, border and transportation security, public health, counterterrorism, and CBRNE. Our exceptional team of subject matter experts provides services in the following primary areas: policy development; strategic planning; program management; organizational design; exercise design, conduct, and evaluation; risk analysis, assessment, and research; and cybersecurity and information technology.
The Unisys Stealth Solution Suite helps organizations address a growing number of cybersecurity attacks and hacker incidents. These solutions use patented and patent pending security techniques designed to cloak data communication end points, such as end user devices, data center servers and applications, to become invisible on the network and therefore removed as targets for hackers.
“Trust are the bits on your computer” (integrity). His software is based on the Microsoft Best Secure Coding Practices.
“Data is a Business asset”
Unleash Your Infrastructure
Sensors are everywhere and the availability of process data across operations is critical to drive operational excellence. Hidden in the data are insights to help improve quality, energy efficiency, asset health, regulatory compliance, safety, and process efficiencies. To unlock the potential requires an infrastructure to empower data, assets, people, and decisions.
The Power of Connection
The physical and digital worlds are colliding every second, creating an imperative within the operational organization to connect people and systems to create awareness and intelligence. Data is the empowering thread: creating the digital infrastructure for a city, establishing context to data with geospatial mapping and real-time events, and sharing data both within organizations and beyond traditional boundaries in real time so every individual can make informed decisions.