d5_cyber security directions-transform2016-final
TRANSCRIPT
Cyber Security Directions
Russ Dietz
Chief Security Officer – GE Digital
2 PREDIX TRANSFORM
Agenda
1. Advancement of Cyber threat globalization
2. Security is a GOOD word…
3. Shrink vulnerabilities & cost
4. Application to infrastructure
5. Isolating BAD stuff
6. Coordinating security
3 PREDIX TRANSFORM
Say goodbye to Cyber-crime…
Life changing scenario
Collateral damage – risk-based approach
Global Cyber War
Forget about user-based devices
Internet of Things
Machine-to-machine cyber attacks
Data and Analytics
Standard processes & get Certified…
Security & Privacy
Moving from Defense to Risk…
New Cyber Solutions
4 PREDIX TRANSFORM
3.3%
10.3%
Significant Increase… Cyber Espionage & Warfare (well under-reported!)
UNKNOWN
*HACKMAGEDDON.COM - 2016
5 PREDIX TRANSFORM
Crime
Activism
Terrorism
State Sponsored
Weaponized
Globalized
Complexity & Cost
6 PREDIX TRANSFORM
Source: IDC IIoT - 2016
7 PREDIX TRANSFORM
High Impact Low
Common “data” attacks…
Source: IDC IIoT - 2016
8 PREDIX TRANSFORM
9 PREDIX TRANSFORM
Even with massive OT connected growth… only 2 – 8% of power generation data is used today.
Energy Processing & Production automation will drive higher use of data across the Industrial Internet
Hyper connectivity
10 PREDIX TRANSFORM
Attack the problem…
Content Images © 2015
11 PREDIX TRANSFORM
Machine-to-Machine – Data Security
Content Images © 2015
12 PREDIX TRANSFORM
Predix Cyber & Operational Security
End-to-end Trust – Machine – IT – App – User
PROTECT OT/IT IN AN APP FACTORY DELIVERY MODEL
SECURE & CERTIFY OPERATIONAL INFRASTRUCTURE
BRING OPERATIONAL AVAILABILITY & GOVERNANCE WITH “IT”
ESTABLISH USER-BASED WORLD FOR INDUSTRIAL APPS
… app users to operational… at every connection & layer… automated secure apps … absolute visibility
13 PREDIX TRANSFORM
Inspection, Detection and Monitoring
Visibility across the stack
Continuous Monitoring
Network
Web Tier
CF Platform
VM Platform
Access
• DDoS Mitigation (16Q1)
• DNS Protection (16Q1)
• Edge ACLs & NG FW
• Multiple Layers IDS/IPS
• SDN Cross Boundary FWs
Inspection & Detection
• Web Application FW
• Runtime Application Security Protection (16Q1)
• CF App Containerization and Security Groups
Host and OS
• VM and ESXi Host Logs
• Linux and Windows Logs
• Host AV
• Host IPS, FIM, etc. (16Q1)
• PAM – CF UAA/ACS
• PAM – Apps/Infrastructure
Monitoring
Point of Presence
SOC SIEM
Predix SOC
Predix Security Analytics
Predix Cyber Security Analysts
Division of Labor
Predix Application Security
Predix Platform
Core Infrastructure, Services & GE Enterprise
• Business-specific response team
• Deal with inbound infections from customers and data spill
• Secure by design, development and deployment
• Face to the Customers & Product Engineering teams
• Predix Ecosystem Defense
• Responsible for East/West microservice defense
• Growing Security Operations “Muscle Mass”
• Joint SOC Operations with GE
• Leverage of GE Parent where needed
• Defense of the Enterprise focused
• Scaffolding Predix defense needs where appropriate
• Threat Intelligence and SIEM integration
• Incident Response coordination where needed (multi-business impact)
PREDIX
15 PREDIX TRANSFORM
Security Operations Center
The SOC Offers
• 24 x 7 x 365 network security monitoring for the following technologies:
  o Integrated Security Information & Event Management (SIEM)
  o Signature-based Intrusion Detection & Prevention
  o Behavioral-based enterprise network security
  o Log monitoring & management
• Incident Response (Security Alert and Response Procedure) & Forensics
• Research Alerts, Events, Vulnerabilities
• Reporting – Weekly, Monthly, Quarterly, Ad-hoc, Compliance, and Custom
• Vulnerability Scanning & Reporting
• Signature Updates
• Custom Signatures
• Tuning
Predix SOC
16 PREDIX TRANSFORM
Secure by Design - SecDevOps
17 PREDIX TRANSFORM
Secure by Deploy – Strong Chain
Design
Develop
Identity
Individuals
Devices
Software
Data
On-board
Ingest
ACL Layers
Tenancy
SAST
DAST
Code Vault
OSCAR
Vetted Delivery
Artifacts
18 PREDIX TRANSFORM
Predix – Universal Compliance & Governance
All customer engagements begin with a Predix Controls Matrix (PCM) mapping exercise based on the controls requested by the customer and their regulatory needs
Predix leverages the Cloud Security Alliance Common Control Matrix (CCM) as the baseline for our controls in order to meet shared and cloud security requirements with visibility and transparency.
Our underlying policies, procedures, processes, practices & TSRs are implemented around ISO/IEC 27001/2, AICPA 2014 TSC (SOC), NIST 800-53 & HIPAA – built into 133 policy controls across these 16 areas:
Application & Interface Security 4
Audit Assurance & Compliance 3
Business Continuity Management & Operational Resilience 11
Change Control & Configuration Management 5
Data Security & Information Lifecycle Management 7
Datacenter Security 9
Encryption & Key Management 4
Governance and Risk Management 11
Human Resources 11
Identity & Access Management 13
Infrastructure & Virtualization Security 13
Interoperability & Portability 5
Mobile Security 20
Security Incident Management, E-Discovery & Cloud Forensics 5
Supply Chain Management, Transparency and Accountability 9
Threat and Vulnerability Management 3
Grand Total 133
19 PREDIX TRANSFORM
Solution areas of focus
Micro-containerization & Micro-segmentation
Data heritage and lineage
Standardized controls & certifications
Analytic proofing & verification
Multi-party Security Operations
Risk-based defensive systems
Incident profiling
Anomaly Detection & Modeling
20 PREDIX TRANSFORM
Wrap it up…
Cyber landscape evolving, increased complexity & cost
Globalization of cyber patterns driving high impact collateral damage
IIoT – Machines making decisions on data – sweet spot
Pure data set & clean analytics – next generation of cyber
Get yourself cyber-aware, certified & SecDevOps
Cyber areas are risk-focused going forward – full defense in depth
21 PREDIX TRANSFORM
Any questions?
22 PREDIX TRANSFORM
Rate Sessions, Submit Questions
Using your Mobile App (event code ‘pt2016’)
General Electric reserves the right to make changes in specifications and features, or discontinue the product or service described at any time, without notice or obligation. These materials do not constitute a representation, warranty or documentation regarding the product or service featured. Illustrations are provided for informational purposes, and your configuration may differ. This information does not constitute legal, financial, coding, or regulatory advice in connection with your use of the product or service. Please consult your professional advisors for any such advice. GE, Predix and the GE Monogram are trademarks of General Electric Company. ©2016 General Electric Company – All rights reserved.