Cyber Security: Software Risk Management for Utilities

Transcription

1 Cyber Security: Software Risk Management for Utilities Gary McGraw, Ph.D. Chief Technology Officer, Cigital

2 Founded in 1992 to provide software security and software quality professional services Recognized experts in software security and software quality Widely published in books, white papers, and articles Industry thought leaders Cigital

3 The Problem

4 Internet adoption remains astounding 100% 90% 80% 70% 60% 50% Inte rne t(1991) 40% Ce ll P hone (1983) P C(1975) 30% V CR(1952) M icro w a ve (1953) 20% Te le vision(1926) Airpla ne (1903) 10% Autom obile (1886) Te le p hone (1876) 0% Ele ctricity(1873)

5 Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication. Dennis C. Blair, director of national intelligence to the Senate Intelligence Committee February 2nd Tag, you re it The Chinese attacks on Google are "a wake-up call to those who have not taken this problem seriously." Our nation s critical infrastructure is in the crosshairs. You are part of it.

6 In July 2009 at BlackHat (a hacker conference) consultant/hackerboy Mike Davis revealed Smart grid = dumb cyber risk design flaws in specific meter models (bought on ebay) poor crypto and authentication a simulated smart meter worm the potential for a meter botnet What could attackers do if they controlled thousands of your meters? If 50,000 meters went down, would a 30MW stability problem exist?

7 Today s computer and network security mechanisms are like the walls, moats, and drawbridges of medieval times. At one point, effective for defending against isolated attacks, mounted on horseback. Unfortunately, today s attackers have access to airplanes, GPS, and laserguided bombs! Defending castles is passé Your IT guy is probably not a real security guy anyway.

8 Software runs the smart grid. Internet-connected software. Broken software.

9 A big problem: more code, more bugs Millions of Lines Win 3.1 (1990) Win NT (1995) Windows Complexity Win 95 (1997) NT 4.0 (1998) Win 98 (1999) NT 5.0 (2000) Win 2K (2001) XP (2002) Software Vulnerabilities

10 Solving the Problem

11 Security is all about the software Old paradigm Defending the perimeter Network security Reactive IT/MIS/CISSP New paradigm Building secure systems Software security Proactive Software people The biggest risks lie in code hosted on the Net Application code is often developed in-house COTS security is a pervasive problem Software is the weakest link in the chain

12 Security must make business sense OPTIMAL LEVEL OF SECURITY AT MINIMUM COST COST ($) TOTAL COST COST OF SECURITY COUNTERMEASURES COST OF SECURITY BREACHES 0% SECURITY LEVEL 100%

13 Why risk management? Business understands the idea of risk, even software risk Technical perfection is impossible There is no such thing as 100% security Perfect quality is a myth Technical problems do not always spur action Answer the Who cares? question explicitly Help customers understand what they should do about software risk Build better software Who cares?

14 Security methods Code review Architectural risk analysts Penetration testing Vendor assessment COTS analysis BSIMM scoring

15 Where to Learn More

16 informit & Justice League No-nonsense monthly security column by Gary McGraw In-depth thought leadership blog from the Cigital Principals Scott Matsumoto Gary McGraw Sammy Migues Craig Miller John Steven

17 IEEE Security & Privacy Magazine + 2 Podcasts Building Security In Software Security Best Practices column edited by John Steven

18 Software Security: the book How to DO software security Best practices Tools Knowledge Cornerstone of the Addison- Wesley Software Security Series

19 Cigital s Software Security Group invents and delivers Software Quality Management For more See the Addison-Wesley Software Security series Send [email protected] So now, when we face a choice between adding features and resolving security issues, we need to choose security. -Bill Gates