ICS Cyber Security
Maintaining Operational Control
of Critical Services
Dave Reeves
November 2017
www.ussgrp.com
Maintaining Operational Control of Critical Services
The ongoing operability of critical services, and their protection against all types of threats
(natural, physical and technological alike), continue to be of great concern to governments.
Such services include the provision of water, electricity, telecommunications and health services
to the population. Critical services are regarded as the mainstay of both developed and
developing economies worldwide, as they provide the basic services a society requires to
sustain itself.
During wars and conflicts, the critical services of cities and countries are often rendered
inoperable. Extreme events can strain critical services in countries most at risk, especially
less developed countries. As we have seen from recent events, even in peacetime critical
services have been targeted by threat actors. An active and vigilant posture is therefore
required at all times.
In business operations and cyber security alike, the aim is to protect the “cheese” from
compromise or loss of operability. For example:
• Within financial services, telecommunication, private and public sector corporates,
the “cheese” is normally associated with personally identifiable information (PII),
payment card industry (PCI) data and sensitive data. Loss of or damage to this
information may lead to severe ramifications for both the company holding the data
and, in some cases, the individual to whom the information belongs.
• Power stations, telecommunications, hospitals, and water systems are infrastructure
systems that governments globally typically deem to be critical. The “cheese” is not
so much data-centric, but is associated with the company maintaining “operational
control” over the Industrial Control Systems (ICS) that provide information for control
and operation purposes.
Within the “CIA triad” (confidentiality, integrity and availability), information technology
systems give primary importance to confidentiality and integrity, whilst for
operational technology systems the focus is primarily on availability.
Establishing Critical Infrastructure
History shows that during a “rebuild or establishment” of a country’s critical services, much of
the work is undertaken under stress (war, political unrest, etc.) by contractors from foreign
countries, funded by external agencies, with a mixture of foreign and local workers.
Building these critical services can take from months to years depending on circumstances.
In some environments, physical protection during the building phase is required. The
physical protection requirements are wide and varied, from protection of people, locations,
vehicles and construction equipment to the supply of food and water to the workers. And that is
just the start of the journey.
Industrial Control Systems
ICSs are an integral part of the operations of critical infrastructure, and are designed to
provide information for control purposes. As part of establishing the critical services, ICSs
need to be designed, deployed, configured and operated securely.
Historically ICSs were deployed in an isolated, air-gapped environment, and as such
detection and prevention of cyber security attacks were not considered in the design
process. ICSs are becoming smarter, further automated, and more connected, which in turn
makes them more vulnerable to cyber threats.
Threat actors, by exploiting vulnerabilities in the staff, third parties, networks and software
used by these enterprises, could steal information related to the production process or even
bring operations to a halt.
Threat Actors
State and non-state threat actors with malicious intent also pose a profound threat to
governments, private businesses, and consumers worldwide. The consequences of a cyber-
attack on critical infrastructure could be catastrophic to that city, region or country.
Targeted attacks against critical services’ ICSs are real. A threat actor, also called a
malicious actor, is an entity that is partially or wholly responsible for an incident that impacts,
or has the potential to impact, an organisation's security. Cyber threat actors can be grouped
into a number of categories including:
• Nation states or national governments;
• Terrorists;
• Industrial spies;
• Organized crime groups;
• Hacktivists and hackers;
• Business competitors; and
• Disgruntled insiders.
There are reasons why state and non-state threat actors do not want to see the successful
implementation or operation of critical services, as disruption of these could:
• Lead to slowing down of economic growth and associated benefits;
• Maintain the continuance of civil unrest within the targeted region;
• Shift a government or administration’s focus to domestic and internal matters and
away from international affairs;
• Lead to a knock-on effect into the private sector;
• Lead to a strain in international relations with allies;
• Result in a loss of faith, trust or good standing with world organisations such as
NATO, WHO, IMF, World Bank, etc.; and
• Lead to a shift of the theatre of operations away from ground forces operations.
Former United States Secretary of the Department of Homeland Security Janet Napolitano
stated in 2013 that “Our country will, at some point, face a major cyber event that will have a
serious effect on our lives, our economy and the everyday functioning of our society”.
Though we have seen a rapid increase in cyber-attacks on critical infrastructure in the four
years since this was stated, we are yet to see an attack that has such a “serious effect” on
an economy. But is this the time to sit on our hands?
Keeping services up by improving your ICS cyber security posture
The cyber threat landscape continues to evolve and gain sophistication at a rate never
before seen. Simultaneously, attackers always seem to be a step ahead in exploiting
vulnerabilities across the people, process and technology spectrum. Organisations need
the ability to efficiently detect and mitigate an advanced cyber-attack.
People, process and technology elements must be set up effectively to provide this
capability.
Operating a region’s or a nation’s critical services means that continual and unstinting focus
on the asset’s cyber security posture is required. You must be able to promptly “detect and
mitigate” a cyber-attack against your asset. To achieve this, continual focus from the
appropriate teams, as well as ongoing executive support, is required.
Whether you are uplifting the cyber posture of an existing asset or a greenfield site, there are
many key elements that you must establish, including:
• Ensuring that the appropriate level of policies and procedures are developed and
kept current and relevant, including incident response.
• Ensuring that a multi-year strategy is developed and maintained, ensuring
appropriate cyber hygiene for the asset.
• Effective cyber security starts at the board level – ensure they are engaged, involved
and liable.
• Harden the human – develop and maintain cyber awareness training for the system
users.
• 3rd Parties – Ensure you have an effective working relationship established, so in the
time of need you can depend on them.
• Undertake cyber threat modelling on your asset. Remediate as applicable.
• Cyber Incident Management Scenarios – Exercise, test, validate.
• Ensure that you have appropriate detection and preventative controls established.
• As per the “Identify” recommendations of the globally recognized NIST standards, keep
an accurate inventory of control system devices.
• Implement segmentation – and have the ability to inspect (at a minimum) inter- and
intra-zone processes.
• Remote Access – ensure it is secure, and authorized users are appropriately
authenticated and that sessions are encrypted. Consider the use of thin-client
architecture, such as virtual desktop infrastructure (VDI).
• Ensure Role-Based Access Control is established.
• Undertake regular patching in line with applicable vulnerabilities.
• Ensure system logging is established and that logs are regularly reviewed.
• Ensure that an appropriate level of 24/7 monitoring is established. If outsourced,
ensure the provider is a specialist ICS practice.
• Follow a framework – consider the NIST Cyber Security Framework.
There are numerous articles and publications that assist companies and countries to better
protect critical services from a cyber-related attack. Both NIST and ICS-CERT have practical
cyber security recommendations for ICS, including the ones shown below.
https://www.nist.gov/topics/cybersecurity
https://ics-cert.us-cert.gov/Recommended-Practices
Author – Dave Reeves – USS Group - +61 417 223 898 - www.linkedin.com/in/davereeves

Advanced Test Driven-Development @ php[tek] 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

Cyber Security - Maintaining Operational Control of Critical Services

In the “CIA triad” (confidentiality, integrity and availability) with information technology systems, primary importance is given to confidentiality and integrity, whilst with operational technology systems the focus is primarily on availability of systems.

Establishing Critical Infrastructure

History shows that during a “rebuild or establishment” of a country’s critical services much of this is undertaken under stress (war, political unrest etc.) by contractors from foreign countries, funded by external agencies with a mixture of foreign and local workers.

Building these critical services can take from months to years depending on circumstances. In some environments, physical protection during the building phase is required. The physical protection requirements are wide and varied, from protection of people, locations, vehicles and construction equipment to the supply of food and water to the workers. And that is just the start of the journey.

Industrial Control Systems

ICSs are an integral part of the operations of critical infrastructure, and are designed to provide information for control purposes. As part of establishing the critical services, ICSs need to be designed, deployed, configured and operated securely.

Historically ICSs were deployed in an isolated, air-gapped environment, and as such detection and prevention of cyber security attacks were not considered in the design process. ICSs are becoming smarter, further automated, and more connected, which in turn makes them more vulnerable to cyber threats. Threat actors, by exploiting vulnerabilities in the staff, third parties, networks and software used by these enterprises, could steal information related to the production process or even bring operations to a halt.

Threat Actors

State and non-state threat actors with malicious intent also pose a profound threat to governments, private businesses, and consumers worldwide. The consequences of a cyber-attack on critical infrastructure could be catastrophic to that city, region or country. Targeted attacks against critical services’ ICSs are real.

A threat actor, also called a malicious actor, is an entity that is partially or wholly responsible for an incident that impacts, or has the potential to impact, an organisation's security. Cyber threat actors can be defined in a number of categories including:

• Nation states or national governments;
• Terrorists;
• Industrial spies;
• Organized crime groups;
• Hacktivists and hackers;
• Business competitors; and
• Disgruntled insiders.

There are reasons why state and non-state threat actors do not want to see the successful implementation or operation of critical services, as disruption of these could:

• Lead to slowing down of economic growth and associated benefits;
• Maintain the continuance of civil unrest within the targeted region;
• Shift a government or administration’s focus to domestic and internal matters and away from international affairs;
• Lead to a knock-on effect into the private sector;
• Lead to a strain in international relations with allies;
• Result in a loss of faith, trust or good standing with world organisations such as NATO, WHO, IMF, World Bank etc.; and
• Lead to a shift of the theatre of operations away from ground forces operations.

Former United States Secretary of the Department of Homeland Security Janet Napolitano stated in 2013 that “Our country will, at some point, face a major cyber event that will have a serious effect on our lives, our economy and the everyday functioning of our society”.

Though we have seen a rapid increase of cyber-attacks on critical infrastructure in the four years since this was stated, we are yet to see an attack that has such a “serious effect” on an economy. But is this the time to sit on our hands?

Keeping services up by improving your ICS cyber security posture

The cyber threat landscape continues to evolve and gain sophistication at a rate never before seen. Simultaneously, attackers seem to be always a step ahead in exploiting vulnerabilities across the people, process and technologies spectrum.

Organisations need to be able to efficiently detect and mitigate an advanced cyber-attack. People, Process and Technology elements must be set up effectively to provide this capability.

Operating a region’s or a nation’s critical services means that continual and unstinting focus on the asset’s cyber security posture is required. You must be able to promptly “detect and mitigate” a cyber-attack against your asset. To achieve this, continual focus from the appropriate teams as well as ongoing executive support is required.

Whether you are uplifting the cyber posture of an existing asset or a greenfield site there are many key elements that you must establish including:

• Ensuring that the appropriate level of policies and procedures are developed and kept current and relevant, including incident response.
• Ensuring that a multi-year strategy is developed and maintained, ensuring appropriate cyber hygiene for the asset.
• Effective cyber security starts at the board level – ensure they are engaged, involved and liable.
• Harden the human – develop and maintain cyber awareness training for the system users.
• 3rd Parties – Ensure you have an effective working relationship established, so in the time of need you can depend on them.
• Undertake cyber threat modelling on your asset. Remediate as applicable.
• Cyber Incident Management Scenarios – Exercise, test, validate.
• Ensure that you have appropriate detection and preventative controls established.
• As per the “identify” recommendations of the globally recognized NIST standards, keep an accurate inventory of control system devices.
• Implement segmentation – and have the ability to inspect (at a minimum) inter- and intra-zone processes.
• Remote Access – ensure it is secure, that authorized users are appropriately authenticated, and that sessions are encrypted. Consider the use of thin-client architecture, such as virtual desktop infrastructure (VDI).
• Ensure Role-Based Access Control is established.
• Undertake regular patching in line with applicable vulnerabilities.
• Ensure system logging is established and that logs are regularly reviewed.
• Ensure that an appropriate level of 24/7 monitoring is established. If outsourced, ensure the provider is a specialist ICS practice.
• Follow a framework – consider the NIST Cyber Security Framework.

There are numerous articles and publications that assist companies and countries to better protect critical services from a cyber related attack. Both NIST and ICS-CERT have practical cyber security recommendations for ICS including the ones shown below.

https://www.nist.gov/topics/cybersecurity
https://ics-cert.us-cert.gov/Recommended-Practices

Author – Dave Reeves – USS Group - +61 417 223 898 - www.linkedin.com/in/davereeves