d5_cyber security directions-transform2016-final

Cyber Security Directions Russ Dietz Chief Security Officer – GE Digital

Upload: russ-dietz

Post on 14-Apr-2017


TRANSCRIPT

Page 1: D5_Cyber Security Directions-Transform2016-FINAL

Cyber Security Directions

Russ Dietz

Chief Security Officer – GE Digital

Page 2: D5_Cyber Security Directions-Transform2016-FINAL

2 PREDIX TRANSFORM

Agenda

Security is a GOOD word…

2

Shrink vulnerabilities & cost

3

Application to infrastructure

4

Isolating BAD stuff

5

Coordinating security

6

Advancement of Cyber threat globalization

1

Page 3: D5_Cyber Security Directions-Transform2016-FINAL

Say goodbye to Cyber-crime…

Life changing scenario

Collateral damage – risk-based approach

Global Cyber War

Forget about user-based devices

Internet of Things

Machine-to-machine cyber attacks

Data and Analytics

Standard processes & get Certified…

Security & Privacy

Moving from Defense to Risk…

New Cyber Solutions

Page 4: D5_Cyber Security Directions-Transform2016-FINAL

3.3%

10.3%

Significant Increase… Cyber Espionage & Warfare (well under-reported!)

UNKNOWN

*HACKMAGEDDON.COM - 2016


Page 5: D5_Cyber Security Directions-Transform2016-FINAL

Crime

Activism

Terrorism

State Sponsored

Weaponized

Globalized

Complexity & Cost

Page 6: D5_Cyber Security Directions-Transform2016-FINAL

Source: IDC IIoT - 2016

Page 7: D5_Cyber Security Directions-Transform2016-FINAL

Impact: High to Low

Common “data” attacks…

Source: IDC IIoT - 2016

Page 8: D5_Cyber Security Directions-Transform2016-FINAL

Page 9: D5_Cyber Security Directions-Transform2016-FINAL

Even with massive OT connected growth… only 2 – 8% of power generation data is used today.

Energy Processing & Production automation will drive higher use of data across Industrial Internet

Hyper connectivity

Page 10: D5_Cyber Security Directions-Transform2016-FINAL

Attack the problem…

Content Images © 2015

Page 11: D5_Cyber Security Directions-Transform2016-FINAL

Machine-to-Machine – Data Security

Content Images © 2015

Page 12: D5_Cyber Security Directions-Transform2016-FINAL

Predix Cyber & Operational Security

End-to-end Trust – Machine – IT – App – User

PROTECT OT/IT IN AN APP FACTORY DELIVERY MODEL

SECURE & CERTIFY OPERATIONAL INFRASTRUCTURE

BRING OPERATIONAL AVAILABILITY & GOVERNANCE WITH “IT”

ESTABLISH USER-BASED WORLD FOR INDUSTRIAL APPS

… app users to operational

… at every connection & layer

… automated secure apps

… absolute visibility

Page 13: D5_Cyber Security Directions-Transform2016-FINAL

Inspection, Detection and Monitoring

Visibility across the stack

Continuous Monitoring

Network

Web Tier

CF Platform

VM Platform

Access

• DDoS Mitigation (16Q1)
• DNS Protection (16Q1)
• Edge ACLs & NG FW
• Multiple Layers IDS/IPS
• SDN Cross Boundary FWs

Inspection & Detection

• Web Application FW
• Runtime Application Security Protection (16Q1)
• CF App Containerization and Security Groups

Host and OS

• VM and ESXi Host Logs
• Linux and Windows Logs
• Host AV
• Host IPS, FIM, etc. (16Q1)
• PAM – CF UAA/ACS
• PAM – Apps/Infrastructure

Monitoring

Point of Presence

SOC SIEM

Predix SOC

Predix Security Analytics

Predix Cyber Security Analysts

Page 14: D5_Cyber Security Directions-Transform2016-FINAL

Division of Labor

Predix Application Security

• Business-specific response team
• Deal with inbound infections from customers and data spill
• Secure by design, development and deployment
• Face to the Customers & Product Engineering teams

Predix Platform

• Predix Ecosystem Defense
• Responsible for East/West microservice defense
• Growing Security Operations “Muscle Mass”
• Joint SOC Operations with GE
• Leverage of GE Parent where needed

Core Infrastructure, Services & GE Enterprise

• Defense of the Enterprise focused
• Scaffolding Predix defense needs where appropriate
• Threat Intelligence and SIEM integration
• Incident Response coordination where needed (multi-business impact)

PREDIX

Page 15: D5_Cyber Security Directions-Transform2016-FINAL

Security Operations Center

The SOC Offers

• 24 x 7 x 365 network security monitoring for the following technologies:
  o Integrated Security Information & Event Management (SIEM)
  o Signature-based Intrusion Detection & Prevention
  o Behavioral-based enterprise network security
  o Log monitoring & management
• Incident Response (Security Alert and Response Procedure) & Forensics
• Research Alerts, Events, Vulnerabilities
• Reporting – Weekly, Monthly, Quarterly, Ad-hoc, Compliance, and Custom
• Vulnerability Scanning & Reporting
• Signature Updates
• Custom Signatures
• Tuning

Predix SOC

Page 16: D5_Cyber Security Directions-Transform2016-FINAL

Secure by Design - SecDevOps

Page 17: D5_Cyber Security Directions-Transform2016-FINAL

Secure by Deploy – Strong Chain

Design

Develop

Identity

Individuals

Devices

Software

Data

On-board

Ingest

ACL Layers

Tenancy

SAST

DAST

Code Vault

OSCAR

Vetted Delivery

Artifacts

Page 18: D5_Cyber Security Directions-Transform2016-FINAL

Predix – Universal Compliance & Governance

All customer engagements begin with a Predix Controls Matrix (PCM) mapping exercise based on the controls requested by the customer and their regulatory needs

Predix leverages the Cloud Security Alliance Common Control Matrix (CCM) as the baseline for our controls in order to meet shared and cloud security requirements with visibility and transparency.

Our underlying policies, procedures, processes, practices & TSRs are implemented around ISO/IEC 27001/2, AICPA 2014 TSC (SOC), NIST 800-53 & HIPAA – built into 133 policy controls across these 16 areas:

Application & Interface Security: 4
Audit Assurance & Compliance: 3
Business Continuity Management & Operational Resilience: 11
Change Control & Configuration Management: 5
Data Security & Information Lifecycle Management: 7
Datacenter Security: 9
Encryption & Key Management: 4
Governance and Risk Management: 11
Human Resources: 11
Identity & Access Management: 13
Infrastructure & Virtualization Security: 13
Interoperability & Portability: 5
Mobile Security: 20
Security Incident Management, E-Discovery & Cloud Forensics: 5
Supply Chain Management, Transparency and Accountability: 9
Threat and Vulnerability Management: 3
Grand Total: 133

Page 19: D5_Cyber Security Directions-Transform2016-FINAL

Solution areas of focus

Micro-containerization & Micro-segmentation

Data heritage and lineage

Standardized controls & certifications

Analytic proofing & verification

Multi-party Security Operations

Risk-based defensive systems

Incident profiling

Anomaly Detection & Modeling

Page 20: D5_Cyber Security Directions-Transform2016-FINAL

Wrap it up…

Cyber landscape evolving, increased complexity & cost

Globalization of cyber patterns driving high impact collateral damage

IIoT – Machines making decisions on data – sweet spot

Pure data set & clean analytics – next generation of cyber

Get yourself cyber-aware, certified & SecDevOps

Cyber areas are risk-focused going forward – full defense in depth

Page 21: D5_Cyber Security Directions-Transform2016-FINAL

Any questions?

Page 22: D5_Cyber Security Directions-Transform2016-FINAL

Rate Sessions, Submit Questions

Using your Mobile App (event code ‘pt2016’)

Page 23: D5_Cyber Security Directions-Transform2016-FINAL

General Electric reserves the right to make changes in specifications and features, or discontinue the product or service described at any time, without notice or obligation. These materials do not constitute a representation, warranty or documentation regarding the product or service featured. Illustrations are provided for informational purposes, and your configuration may differ. This information does not constitute legal, financial, coding, or regulatory advice in connection with your use of the product or service. Please consult your professional advisors for any such advice. GE, Predix and the GE Monogram are trademarks of General Electric Company. ©2016 General Electric Company – All rights reserved.