The Geospatial Approach to Cybersecurity: An Executive Overview. An Esri White Paper January 2014


Copyright 2014 Esri All rights reserved. Printed in the United States of America. The information contained in this document is the exclusive property of Esri. This work is protected under United States copyright law and other international copyright treaties and conventions. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording, or by any information storage or retrieval system, except as expressly permitted in writing by Esri. All requests should be sent to Attention: Contracts and Legal Services Manager, Esri, 380 New York Street, Redlands, CA 92373-8100 USA. The information contained in this document is subject to change without notice. Esri, the Esri globe logo, ArcGIS, esri.com, and @esri.com are trademarks, service marks, or registered marks of Esri in the United States, the European Community, or certain other jurisdictions. Other companies and products or services mentioned herein may be trademarks, service marks, or registered marks of their respective mark owners.

J10245 The Geospatial Approach to Cybersecurity: An Executive Overview. An Esri White Paper

Contents

Introduction
Problem
Cybersecurity Defined
Cyber Supply Line
Conclusion

Introduction

With organizations' increasing reliance on electronic communications comes the inherent risk of cyber attacks and cyber-enabled espionage. Realizing this, US President Barack Obama issued an executive order that cyber systems (computers and related technology) be considered critical infrastructure to the United States and its people and be protected as such.

The role of geospatial technology in the support of physical security is well known and understood. It is used for situational awareness, data management, multiple intelligence (multi-int) fusion, analysis, and information sharing. Physical security is interdisciplinary and relies on multiple sources of information. Yet cybersecurity remains cloistered in information technology (IT) departments, separated from the rest of the organization.

Cyber defense should be assessed in terms of its direct contribution to the successful execution of an organization's primary mission. Cybersecurity should be integrated with the various business functions it is protecting. However, in the past, this tight integration has been difficult to achieve. Arguably, the reason for its difficulty is the lack of a common framework that can align the activities of mission specialists with experts in all the other security-related activities required to provide full mission assurance.

This paper introduces an approach to creating a geospatial framework that provides shared situational awareness (SSA) for the many activities associated with cyber defense. The goal of this framework is to enable a cross-disciplinary approach to providing organizational mission assurance and resilience by maintaining the availability of priority IT devices during and after a cyber attack.

The key concept that makes a common framework possible is that cyberspace is a mechanism to deliver digital data where it is needed. If the data isn't delivered (or if it is inaccurate), then missions fail. By organizing network data, physical security systems, and other multi-int sources such as weather, threats and warnings, and social media, Esri ArcGIS can provide the integrative framework for cybersecurity data.

Problem

Organizational leaders are increasingly concerned about the threat posed by cyber attacks. However, they generally aren't focused on the technical aspects of the event; they want to understand the impacts to their mission.

Before a cyber event occurs, leaders will ask:

- What is the risk posed by a device malfunction?
- What can be done to mitigate the risk?

After the event, leaders need to know:

- What is the mission impact of the event?
- Was this an attack?
- How do we recover our capability?
- How do we strengthen our ability to be resilient to future events?

Answering these questions can be a challenge for IT departments. Their work is predominantly focused on devices, and the mission-to-device relationship isn't always clear. IT divisions take action in prevention, protection, response, and recovery to operate and maintain the network. They must maintain the ability to respond to technology-driven maintenance requirements; however, there should be a way to prioritize prevention and monitoring activities based on current, short-term mission requirements.

To respond to these challenges, leaders need a way to incorporate cyber data into their SSA tools to show the impact of cyber attacks on the organization's many other functions.

Cybersecurity Defined

Cybersecurity is a broad area that encompasses the protection of assets from cyber crime, cyberterrorism, and other network service disruptions that affect operations. Cybersecurity is achieved through active monitoring, detection of malicious activity, and timely reaction to threats. While security in the cyber world is different from that of the physical world, many similar security concepts can be applied to both. A key concept is that location is the foundation to which all activity can be organized.

Cyber Supply Line

Cybersecurity involves the coordination of many (sometimes disparate) departments including those involved in IT, system design, operations, network analysis, and maintenance, as well as industrial control and supervisory control and data acquisition (SCADA). Because of the complexity of these interwoven systems and applications, cybersecurity actions must be prioritized according to the organization's mission and activities. This requires understanding an organization's specific method of protection and, in the event of an attack, the response. Both protection and response require the coordination and sharing of information between operations, IT, and other departments based on an approach that Esri calls the cyber supply line (CSL).

Each organizational device exists within a geospatial context and can be affected by both physical and cyber disturbances. Protecting each device from all disturbances requires the unified effort of personnel from a variety of departments including operations, IT, security, utility, and civil engineering. Multiply this effort by the number of devices included in a typical organization and it is clear that the challenge to management is significant. The CSL provides a methodology to identify the most critical devices for the data flow of a specified mission. This reduces the number of devices being managed from thousands to a few dozen that are focused on the organization's most important missions at a particular time.

The direct coordination of all involved departments when responding to a cyber attack is generally not possible. Therefore, personnel must coordinate their responsibilities and activities indirectly by working from a common operational picture (COP) with visualizations customized for their specific needs. Those responsible for maintaining the flow of data must be able to identify and assess the impact of all potential disturbances and have the ability to contact individuals supporting the mitigation efforts as required.
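A minimal sketch of the cyber supply line idea described above, added here as an illustration and not Esri's or ArcGIS's implementation: it finds the devices whose single loss breaks a mission's data flow, then maps a physical hazard footprint to the missions it disrupts. All device names, coordinates, links, missions and function names are constructed assumptions.

```python
from collections import deque

# Constructed sample data: device -> (lon, lat), undirected links,
# and mission -> (source, destination) of the data flow it depends on.
DEVICES = {
    "hq-router": (-117.19, 34.05), "core-sw-1": (-117.18, 34.06),
    "core-sw-2": (-117.20, 34.04), "wan-edge": (-117.10, 34.10),
    "dc-firewall": (-77.03, 38.90), "db-server": (-77.02, 38.91),
    "print-srv": (-117.21, 34.03),
}
LINKS = [("hq-router", "core-sw-1"), ("hq-router", "core-sw-2"),
         ("core-sw-1", "wan-edge"), ("core-sw-2", "wan-edge"),
         ("wan-edge", "dc-firewall"), ("dc-firewall", "db-server"),
         ("hq-router", "print-srv")]
MISSIONS = {"dispatch": ("hq-router", "db-server"),
            "facilities": ("hq-router", "print-srv")}

def _neighbors(node):
    for a, b in LINKS:
        if a == node:
            yield b
        elif b == node:
            yield a

def flow_ok(src, dst, down=frozenset()):
    """True if data can still get from src to dst with `down` devices offline."""
    if src in down or dst in down:
        return False
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        for nxt in _neighbors(node):
            if nxt not in down and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def critical_devices(mission):
    """Devices whose loss alone breaks the mission's data flow."""
    src, dst = MISSIONS[mission]
    return {d for d in DEVICES if not flow_ok(src, dst, {d})}

def devices_in_area(bbox):
    """Devices inside a hazard footprint (min_lon, min_lat, max_lon, max_lat)."""
    x0, y0, x1, y1 = bbox
    return {d for d, (lon, lat) in DEVICES.items()
            if x0 <= lon <= x1 and y0 <= lat <= y1}

def missions_impacted(bbox):
    """Missions whose data flow breaks when every device in the footprint is down."""
    down = devices_in_area(bbox)
    return {m for m, (s, t) in MISSIONS.items() if not flow_ok(s, t, down)}
```

In this constructed network the two core switches are redundant, so neither is critical to the dispatch mission on its own, while a footprint covering the single WAN edge disrupts a data store on the other side of the country.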

From an architecture perspective, cybersecurity is simply a configuration of the ArcGIS platform's current capabilities; software development is not required. New customer data can be added to existing infrastructure data to quickly establish a more robust SSA capability. ArcGIS is widely used within the national security community (defense, national intelligence, critical infrastructure protection, and emergency management). The ArcGIS platform is an out-of-the-box solution that provides the technology to fuse the logical, physical, and geographic data layers to provide comprehensive situational awareness.

The ArcGIS platform is able to model the behavior of cyberspace. ArcGIS Network Analyst and other Esri tools can be used to display the various data flows involved in sending organizational data between two locations. However, the real advantage in cybersecurity is the ability of ArcGIS to model effect propagation between layers. For example, a device outage caused by a flood could have a significant negative impact on organizational operations half a world away.

Conclusion

The ArcGIS platform can be used to fuse location data, cyber activity data, and other information to better anticipate, detect, respond to, and recover from cyber incidents while providing SSA of cyberspace and associated activities. The platform includes tools, workflows, and applications that can be implemented with an organization's existing cybersecurity data and technologies to improve:

- Data management (big data from various sources including security logs and social media).
- Analysis and fusion (incident analysis, pattern analysis, predictive analysis, and multi-int fusion).
- Visualization for situational awareness (real-time visualization of network/node status, incidents, current network traffic, and continuity of operations).
- Information sharing (dashboards for a COP of the network, data traffic, and incidents).

If you would like to know more about the use of ArcGIS for cybersecurity and the implementation of the cyber supply line, we welcome the opportunity to discuss your requirements and provide a demonstration of the power of ArcGIS for cybersecurity. Please contact us at cybersecurity@esri.com.

Esri inspires and enables people to positively impact their future through a deeper, geographic understanding of the changing world around them. Governments, industry leaders, academics, and nongovernmental organizations trust us to connect them with the analytic knowledge they need to make the critical decisions that shape the planet. For more than 40 years, Esri has cultivated collaborative relationships with partners who share our commitment to solving earth's most pressing challenges with geographic expertise and rational resolve. Today, we believe that geography is at the heart of a more resilient and sustainable future. Creating responsible products and solutions drives our passion for improving quality of life everywhere.

Contact Esri
380 New York Street, Redlands, California 92373-8100 USA
1 800 447 9778
t 909 793 2853
f 909 793 5953
info@esri.com
esri.com
Offices worldwide: esri.com/locations
Printed in USA