Securing ever growing and complex business systems v1 1
•Download as PPTX, PDF•
2 likes•618 views
This document discusses securing increasingly complex business systems for the future. It covers many aspects of digital, cyber, and information security. It also discusses how legislation in South Africa impacts security and lists various security standards and frameworks. Finally, it discusses concepts like cyber resilience, the CIA security triad of confidentiality, integrity and availability, enterprise security architecture, and the SABSA framework for security strategy and controls.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Securing ever growing and complex business systems v1 1
Similar to Securing ever growing and complex business systems v1 1 (20)
More from Maganathin Veeraragaloo
More from Maganathin Veeraragaloo (20)
Recently uploaded
Recently uploaded (20)
Securing ever growing and complex business systems v1 1
- 1. Securing Ever Growing and Complex Business Systems, For Tomorrow 18th August 2016 Maganathin Marcus Veeraragaloo
- 2. Security Domains Digital Security Cyber Security Information Security IT Security Physical Security IoT Security OT Security Smart Grid Security Network Perimeter Disappearing
- 3. Impact on Security Disciplines Infrastructure Security Network Security IAM Security Application Security Data and Information Security SOC Security Cloud Security Endpoint Security Mobile Security Threat Intelligence Threat and Vulnerability Management Public Key Infrastructure Cyber Security Digital Security Digital Security DigitalSecurity DigitalSecurity
- 4. Impact of South African Legislation 1. Electronic Communications and Transactions Act 2002 2. Regulation of Interception of Communications and Provision of Communication-Related Information Act 2002 3. Protection of Personal Information Act 4 2013 4. National Cybersecurity Policy Framework 2012 5. Cybercrimes and Cybersecurity Bill 6. Protection of Critical Infrastructure Bill 7. General Intelligence Laws Amendment Bill 8. Interception and Monitoring Bill 9. Copyrights Act 98 of 1978 10. Intelligence Services Oversight Act 40 of 1994 11. Promotion of Access to Information Act 2 of 2000 12. Protection of Information Act 84 of 1982
- 5. Varying Standards and Guides 1. ISO/IEC 27001:2013 - Information security management 2. ISO/IEC 27002:2013 - Information technology -- Security techniques -- Code of practice for information security controls 3. NISTIR 7628 Guidelines for Smart Grid Cyber Security 4. IEEE 1588 Annex K describes a security mechanism for clock synchronization 5. ISO 27019:2013 - Information Security for the Energy Utility Industry 6. ISO/IEC 27018:2014 - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors 7. 240-55410927 – Cyber Security Standard for Operational Technology 8. NERC CIP V 5 9. The Critical Security Controls for Effective Cyber Defence (SANS) 10. NIST Cyber Security Framework 11. NERC CIP / IEC 62443
- 6. Cyber Security CIACR Confidentiality Cyber Resilience AvailabilityIntegrity Cyber Resilience Cyber Resilience is to maintain the entity´s ability to deliver the intended outcome continuously at all times. This means even when regular delivery mechanisms have failed, such as during a crisis and after a security breach. The concept also includes the ability to restore regular delivery mechanisms after such events as well as the ability to continuously change or modify these delivery mechanisms if needed in the face of new risks. Availability Information systems and the content they contain should be available for appropriate use. The failure of an important system, or even a data center, should not cause long-term outage. Redundancy in storage, processing, and network paths can be used in conjunction with business continuity and disaster recovery (DR) procedures to maintain appropriate availability levels. Confidentiality Prevent intentional or unintentional unauthorized or inappropriate disclosure of information. Integrity Security technologies and processes should prevent unauthorized or inappropriate modification of information and processes, and ensure that information or IT systems—such as structured databases, operating system software, or websites that have many critical and inter-related objects— maintain internal consistency and correctness. Where possible, information should be kept externally consistent with the real-world situations it represents.
- 7. Enterprise Security Architecture – Secure by Design
- 9. Alignment, Integration & Compliance Strategy Strategy & Planning Phase Alignment Risk Management Method Alignment Performance & Reporting Methods Control Objectives Libraries & Standards
- 10. Controls Frameworks & Libraries
- 11. SABSA Risk & Opportunity Model
- 12. SABSA Controls & Enablers Derivation
Editor's Notes
- The Network Perimeter is slowly but, surely evaporating as per the old school of lock down. This is due to innovative services within the IoT and Cloud Services Cyber Security has evolved into Digital Security – where Digital Security encompasses all security domains
- With Digital Security being the evolution of Cyber Security – this will have impact on all Security Disciplines. Only a few main ones have been outlined within this slide – each of these disciplines need further investigation with the impact and advent of Digital Security
- A few of the South African Legislative Acts and a few Bills have been outlined – as this has direct impact within the Cyber Security space. Even though some of these Act have not been promulgated like the PoPI – that has direct impact of Cloud Hosting and where your customer Private Data will be hosted – how safe is your customer data, employee data when hosted outside of the country? Is it safer hosting within South Africa?
- Due to the IoT, Digital Sensors and the blurring of Networks – which Standards and Guides will be the optimal to be used within your industry. With the Standards and Protocols alone for IoT we have a multiple options – REST, SOAP, IPv6, 6LowPAN, UDP, uIP, DTLS, MQTT, CoAP, AMQP
- The challenges from a Security perspective is to ensure that Confidentiality, Integrity, Availability and Cyber Resilience is in place for every organisation – resilience is to ensure that every organisation can bounce back from any attack – as we only have two type of organisations in the world – 1. the ones that have been hacked 2. the ones that are currently being hacked
- The best approach to address Securing Ever Growing and Complex Business Systems – is to start with the Enterprise Security Architecture. You can only start managing the dynamic innovative and growth of business is to design it correctly – where the Enterprise Architecture is aligned to the Corporate Strategies – as indicated in the crop circle it is the overview of SABSA onto the TOGAF Framework - this can be replaced by what each organisation is currently using within their EA space – question is what is done about the Enterprise Security Architecture?
- Just a high level view of the SABSA Meta Model – where we will unpack the different levels of Enterprise Security Architecture – so the recommendation is that each organisation needs to focus on some framework / model to assist with Security being build in when designing for the organisation. This will assist irrespective in which security domain your organisation is focussing on.
- From the Meta Model – we can see how ESA can assist the organisation to address multiple areas ensuring “Secure by Design” approach. ESA is there to assist what is currently available and additionally assist with innovative ideas that are not in place as yet. Secure by Design must ensure there is a paradigm shift that security is part of all initial design and not an add-on as we are dealing with real time challenges and this becomes a huge challenge vs. closing holes after the fact
- As indicated the ESA can assist in defining the different level of controls at the different levels ensuring these are catered before it is released to the general public or employees
- SABSA additionally is a Risk Based Enterprise Security Architecture Approach – ensuring that all risks can be identified at the architectural level vs. the development level. We know that business is moving at the speed of digital speed and the architecture needs to some how align to this approach.
- So in summary the objective is to ensure “Secure by Design” is the flavour of the day – irrespective which industry you are in – in simple terms without proper architecture town planning can end up being an informal settlement or Favela's without any order