RESILIENCE AGAINST CYBER ATTACKS Protecting Critical Infrastructure Information

Similar documents
CENTRALIZED CONTROL CENTERS FOR THE OIL & GAS INDUSTRY A detailed analysis on Business challenges and Technical adoption.

EMPOWER YOUR ORGANIZATION - DRIVING WORKFORCE ANALYTICS

Software Defined Infrastructure The Next Wave of Workload Portability Vinod Eswaraprasad Principal Architect, Wipro

CYBER SECURITY, A GROWING CIO PRIORITY

High Performance Analytics through Data Appliances

SMART FACTORY IN THE AGE OF BIG DATA AND IoT

UP IN THE CLOUD

CRITICAL SUCCESS FACTORS FOR A SUCCESSFUL TEST ENVIRONMENT MANAGEMENT

Re-Shaping Retail Integration. Changing retail landscape with Social-Mobile-Analytics-Cloud.

PREDICTIVE INSIGHT ON BATCH ANALYTICS A NEW APPROACH

Evaluating Managed File Transfer Solutions

DIGITAL WEALTH MANAGEMENT FOR MASS-AFFLUENT INVESTORS

MANAGING LINEAR ASSETS Managing Linear Assets has always been a challenge; find out how customers leverage SAP to meet industry requirements.

NFV and its Implications on Network Fault Management Abhinav Anand

Powering the New Supply Chain: Demand Sensing for Small and Medium-Sized Businesses

TRANSFORMING TO NEXT-GEN APP DELIVERY FOR COMPETITIVE DIFFERENTIATION

THE FORECAST FOR CLOUD IS SUNNY Sudeshna Bhadury

MOBILITY AS A SERVICE (MaaS)

Future of Minerals Exploration Helping the mining industry go deeper.

Enriching In-Store Experience with Analytics

Going Seamless with SIAM. Why you need a platform-based approach for Service Integration and Management

Analytics in an Omni Channel World. Arun Kumar, General Manager & Global Head of Retail Consulting Practice, Wipro Ltd.

Telecom Analytics: Powering Decision Makers with Real-Time Insights

IDENTITY & ACCESS MANAGEMENT IN THE CLOUD

INTERNET OF THINGS Delight. Optimize. Revolutionize.

WIPRO S MEDICAL DEVICES FRAMEWORK

NATURAL RESOURCES: Mining the way ahead

How To Manage A Supply Chain

BENCHMARKING THE ENTERPRISE S B2B INTEGRATION MATURITY

OPERATIONAL BENCHMARKING DRIVING BUSINESS EFFICIENCY

DIGITAL INTEGRATED PLATFORM: BRINGING RESILIENCE TO CONSTRUCTION ENTERPRISE

CONNECTED HEALTHCARE. Multiple Devices. One Interface.

Application of Big Data Solution to Mining Analytics Sandipan Chakraborti Senior Architect ENU

ENCOURAGING STORE ASSOCIATES IN AN OMNI CHANNEL WORLD MAKING INCENTIVE SCHEMES TRUE AND FAIR

An Integrated Validation Approach to SDN & NFV

RIGHT INTEGRATION STRATEGY - A CORNERSTONE FOR OMNI-CHANNEL RETAIL

Revenue Enhancement and Churn Prevention

mhealth SOLUTIONS EMPOWER MASSES WITH AFFORDABILITY, ACCESSIBILITY AND QUALITY HEALTHCARE Santhosh Kumar Madathil Aparna Kumpatla

Averting Chaos with Dual Supply Chain Management Strategy

Managing Skills Challenge in an Open Source World Prajod Vettiyattil Software Architect Wipro Limited

BETTER DESIGNED BUSINESS PROCESSES

OPTIMIZING INSURANCE DISTRIBUTION THROUGH A HYBRID MODEL

Transforming Distribution Utilities

Big Data Analytics Driving Revenue Growth in Retail Banking Sandeep Bhagat, Practice Head, Big Data Analytics, Wipro Analytics

Manage Your Leads Well to Boost Sales Volumes Anupam Bhattacharjee Shine Gangadharan

Standardize & Manage Test Environments

The Wipro NxtGen MEMS Advantage. Wipro NxtGen MEMS

WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM)

HR - A STRATEGIC PARTNER Evolution in the adoption of Human Capital Management systems

Petroleum Retailers Ready to Fuel Omni-channel for a Seamless Customer Experience Sudhansu Choudhury Senior Consultant, Wipro

Data Quality Obligation by Character but Compulsion for Existence Sukant Paikray

MULTI-TENANT UTILITIES: THE FUTURE OF SECURITIES PROCESSING

WIPRO S ENTERPRISE UNIFIED COMMUNICATION AND CONTACT CENTER MANAGED SERVICES

OPTIMIZATION OF QUASI FAST RETURN TECHNIQUE IN TD-SCDMA

Mobile Application Management. Anand Kale Mobility Solutions Head- Banking & Financial Services, Wipro Mobility Solutions

Amanda, a working mom, spotted a summer skirt on the website of a top clothing brand and ordered it. When the skirt arrived it was the wrong color.

The New Developments in Telecom. Threat or Opportunity? Venkataraman Mahadevan General Manager Wipro BPO, Global Media and Telecom.

Community Analytics Catalyzing Customer Engagement Srinath Sridhar Wipro Analytics

ACCOMMODATING IOT / M2M REQUIREMENTS IN THE CELLULAR ECOSYSTEM Mahendra Agarwal Architect, Wipro Tecnologies

Real-Time Data Access Using Restful Framework for Multi-Platform Data Warehouse Environment

SDN/NFV TRANSFORMATION FOR SERVICE PROVIDER NETWORK

The Global Supply Chain Goes Collaborative

KNOW THE UNKNOWN WITH SECURITY ANALYTICS

PRODUCTION SURVEILLANCE DASHBOARDS IN UPSTREAM INDUSTRY

Risks in Middleware Migration- Demystifying the Journey

KEEPING ENERGY M&As ON TRACK WITH EARLY IT ENGAGEMENT

Addressing Need-Based Consumerism for Cloud Services Robert Bates SMAC Architecture Group Head, Advanced Technologies & Solutions

Enterprise Architecture for Communication Service Providers: Aligning Business Goals to IT

COMBATING CYBER THREATS: A HOW TO FOR THE CISO.

Agile Change: The Key to Successful Cloud/SaaS Deployment

VIRGINIE O'SHEA Senior Analyst, Securities and Investments, Aite Group

SaaS Maturity Evolution for Transforming ISVs business

Critical Controls for Cyber Security.

Freight aggregation in order fulfilment lifecycle to achieve better freight planning

The Mobile Enterprise: Employee Self Service. Deepali Majumder, Senior Consultant, Wipro Mobility Solutions

Software vendors evolution in the new industry paradigm

APPLICATION REPLATFORMING : MIGRATION AND MODERNIZATION

Transcription:

www.wipro.com RESILIENCE AGAINST CYBER ATTACKS Protecting Critical Infrastructure Information Saritha Auti Practice Head - Enterprise Security Solutions, Wipro

Table of Contents 03... Abstract 03... Why is Infrastructure Critical? 04... Guidelines to Defining a Successful Critical Infrastructure Protection (CIP) Strategy 06... Cyber Security and Critical Infrastructure 06... Illustration: Example of Industrial Control Systems Networks 07... Solution for securing Industrial Control Systems Networks 08... Cyber Security Solution Roadmap 09... Conclusion 10... About the Author 10... About Wipro Ltd.

Abstract The recent increase in the frequency and impact of cyber-attacks have kept Critical Infrastructure companies on their toes, fearing the worst for their organizations if an attack occurs on their critical infrastructure. A recent news article published by the New York Times states that cyber attacks are on the rise against corporations in the United States, with a particular focus on Energy companies. Reports of an attack similar to the Shamoon Saudi Aramco attack are expected but the impact of such an attack in the United States would be of a magnitude much greater than Shamoon. These threats have made governments across the world wake up and take notice of Critical Infrastructure Protection as one of their highest priorities. Why is Infrastructure Critical? An infrastructure becomes critical when a disruption to this infrastructure results in irreversible and enormous loss (e.g. loss of life, environment etc.). The growing threat of international terrorism led policy makers to reconsider the definition of infrastructure in the context of specific non-functional requirements (NFR) of the business. These NFRs included Security, Performance, Availability, Integrity and Confidentiality (SPAIC). Each business has its own definition of SPAIC based on the regulatory requirements and country specific policies. Critical Infrastructure is always associated with regulatory requirements and key resources who are directly handling the critical infrastructure. As such, any intentional or unintentional disruption to these will have a significant impact on the environment and life. 03

The following areas are considered to be a part of Critical Infrastructure: There is an impending need for countries to develop a national critical infrastructure strategy which will provide a comprehensive and collaborative approach to enhance the Agriculture Food resiliency of critical infrastructure. This common approach will enable partners to respond collectively to risks and target resources to the most vulnerable areas of critical infrastructure. Utilities - Drinking water and sewage management system Government Defense Oil and Gas infrastructure Nuclear Power Plants and the facilities that produce, use, store, and dispose off nuclear material Energy - production, transmission, and distribution services and critical facilities Special events of national significance Healthcare - drug discovery and development, patient information Banking and Finance Process industries Transportation - including railways, highways, shipping ports and airports & civilian aircrafts Livestock, agriculture, and systems for the provision of water Communication links Public and privately owned information systems with critical business data (e.g., information about oil reserves, information within Stock Exchanges, information about nuclear programs, drug research data, privacy information, financial data etc.) Guidelines to Defining a Successful Critical Infrastructure Protection (CIP) Strategy Industry leaders suggest that the government and the private sector should collaborate to protect a nation s critical infrastructure. This collaboration calls for the development of trusted partnerships to build regulatory requirements, governance processes, and resilience options jointly based on the existing mandates and responsibilities. The strategy should outline mechanisms to: 1. Create a government owned CIP Forum to share information about potential threats and disruptions through a highly confidential government owned body. Discussions in this forum should: a. Feed into the regulatory enhancements as a continuous improvement program b. Create awareness in both urban and rural areas 2. Create guidelines to protect critical assets and information 3. Build country specific risk frameworks for each critical infrastructure with guidelines to define asset criticality 4. Build a RACI (responsibility, accountability, consulted, informed) matrix 04

The Strategy should: 1. Put the onus on Critical Infrastructure companies to give high priority to the protection of their critical infrastructure 2. Should be defined considering Central Governments, States, Districts, and City Corporations responsible for protecting their own critical infrastructure and for supporting owners and operators in addressing this challenge 3. Enhance the resiliency of critical infrastructure through an appropriate combination of security measures to address human induced intentional threats, business continuity practices to deal with disruptions and ensure the continuation of essential services, and emergency planning to ensure adequate response procedures are in place to deal with unforeseen disruptions to critical infrastructure Actionizing the Strategy for a Safer Future 1. Review existing Risk and Resilience processes (Sector wise) 2. Standardize it based on the new definition of critical infrastructure and assets Level 4 Level 3 Regulate and Standardize the CIP Security Risk Management 1. Create a risk committee at each governance level along with an emergency response team 2. Undertake risk assessments of sector wise critical infrastructure 3. Develop emergency programs and plans 4. Define assessment programs 5. Define vulnerability metrics and threat map Level 2 Level 1 Build Partnerships Define Critical Infrastructure and Assets 1. Develop sector networks 2. Establish the national Cross-Sector forum 3. Conduct Research and Development 4. Develop joint intiatives 1. Define guidlines to identity and categorize a critical infrastruture component 2. Define the life of each critical asset 05

Cyber Security and Critical Infrastructure Cyber security for critical infrastructure depends a lot on the sector to which the critical infrastructure belongs. Its objectives are: 1. Integrated security operations platform This should Broadly, cyber security can be classified into the following components for all Sectors: 1. Cyber Security Governance 2. Security Convergence Platform 3. Integrated security operations 4. Security Analytics 5. Risk and Threat Intelligence provide a single platform where logs are collected, correlated, analyzed. This platform should collect logs from both IP and non IP devices, should be intelligent to dynamically build rules to eliminate False Positives 2. Unified Security view The platform should be built on regulatory requirements, country specific rules, risk framework, criticality of assets and information. It should be based on Security Analytics framework which will score incidents, identify patterns and provide security and risk posture of the critical infrastructure at any point of time. An extension to this is predictive analysis which should help predict threat patterns and help sectors to plan mitigation 3. Resilience strategy It is the quickness with which the critical infrastructure can bounce back after disruption. This should primarily be the Disaster Recovery and Business Continuity Plan for Critical Infrastructure. This is more of a policy and process which should be reviewed at pre-defined schedules for readiness Illustration: Example of Industrial Control Systems Networks Cyber security is becoming important for critical infrastructure due to the latest technology implementations like IP communications, BYOD policies etc. Similar to IT Infrastructure, Critical Infrastructure has its share of vulnerabilities that can t be addressed due to the proprietary nature of the OS and hardware. These devices are not regularly patched as the hardware patch release cycle is adhoc or longer than software patches. This being the problem statement, the critical infrastructure component becomes vulnerable to malwares, advanced persistent threats and service disruption. In general, ICS networks lack features like monitoring, metrics, analytics and intelligence to predict threats. The solution should be capable of handling known problems and zero day vulnerabilities. 06

Solution for securing Industrial Control Systems Networks Industrial User 1 Industrial User 2 Business User Enterprise User Access Control Gateway Privilege User Management Identity Governance Secure Link- Authenticated Users Basic authentication and authorization Enterprise Portal User 1 User 2 Access Control Gateway - Request Router and Personalization Industrial Network Historian Servers Controllers, Data Awareness HMI Alert management & situational awareness Event Logger from Smart Meter Networks Security Operations - Log aggregation, Event Correlation for both Industrial Networks and Corporte Networks Event Logger from IT Networks Security Analytics, Risk Framework, Risk and threat Intelligence Alert mangement & Situational Awareness Event Logger from Smart Meter Network Headend Headend Logger Unidirectional Firewalls Corporate Networks Concentrator Concentrator Meter The solution platform should address the issues mapping the solution-to-sector specific value chain, applying global regulatory requirements and defining points of vulnerability to address known and unknown threat vectors. 07

Cyber Security Solution Roadmap Cyber security for critical infrastructure should be broadly developed as per the roadmap shown in the illustration below Integrated Security Solutions for Each Sector Spanning Business Processes and Architecture Predictive Analysis, Pattern Analysis, Risk & Threat Inteligence Security Convergence Maturity Security Convergence Hygene Creating a Platform for Security Analytics End-to-End Corelation across the Infrastructure Core Security services IT Security Securing Business Enabling Application and IT Infrastructure Securing Business Processes and related IT Infrastructure The level of maturity of a Cyber Security solution for CIP needs to progress through the stages shown in the illustration, gradually making the transformation from Core Integrated Security Solutions which involve predictive analytics and intelligence spanning business processes and architecture. Security Services to Security Convergence and finally to 08

Conclusion The implications of a Critical Infrastructure collapse are huge and need to be looked at from a long-term perspective. Close synergies between the government and the private sector need to be present to develop a comprehensive and robust strategy for thwarting off impending threats from politically motivated groups, cyber criminals and other such rogues. Steps should be taken to ensure CIP across all layers of CI Architecture, with components addressing business and operational processes, applications, data, communication, network and perimeter for IT and Operations Technology Network. 09

About the Author Saritha Auti, Practice Head - Enterprise Security Solutions, Wipro Saritha has over 17 years of experience in Enterprise Security & Architecture, spanning a wide gamut across product development, application security, systems integration, Enterprise Architecture and security architecture consulting. She heads Enterprise Security Architecture and Industrial Security Practice for Wipro with specific focus on Critical Infrastructure Security. She has devised several security solutions and architecture strategy for Oil & Gas, Telecom, Financial Sectors, Utilities, Defense, and has lead Security Architecture transformation programs. Apart from technology she is an ardent trekker, culture enthusiast and loves connecting with people. To know more, contact: saritha.auti@wipro.com About Wipro Ltd. Wipro Ltd. (NYSE:WIT) is a leading Information Technology, Consulting and Outsourcing company that delivers solutions to enable its clients do business better. Wipro delivers winning business outcomes through its deep industry experience and a 360 degree view of "Business through Technology" - helping clients create successful and adaptive businesses. A company recognized globally for its comprehensive portfolio of services, a practitioner's approach to delivering innovation and an organization wide commitment to sustainability, Wipro has a workforce of 140,000 serving clients across 61 countries. For more information, please visit www.wipro.com. 10

DO BUSINESS BETTER NYSE:WIT OVER 140,000 EMPLOYEES 61 COUNTRIES CONSULTING SYSTEM INTEGRATION OUTSOURCING WIPRO TECHNOLOGIES, DODDAKANNELLI, SARJAPUR ROAD, BANGALORE - 560 035, INDIA. TEL : +91 (80) 2844 0011, FAX : +91 (80) 2844 0256, Email: info@wipro.com North America South America United Kingdom Germany France Switzerland Poland Austria Sweden Finland Benelux Portugal Romania Japan Philippines Singapore Malaysia Australia China South Korea New Zealand WIPRO LTD. 2014 No part of this booklet may be reproduced in any form by any electronic or mechanical means (including photocopying, recording and printing) without permission in writing from the publisher, except for reading and browsing via the world wide web. Users are not permitted to mount this booklet on any network server. IND/BRD/MAR 2014-MAY2015

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information