![Page 1: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/1.jpg)
Mapping the Dividebetween OT and IT
Imagination at work.
Industrial Controls and Security BarriersJanuary 29, 2014
Mapping the Dividebetween OT and IT
![Page 2: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/2.jpg)
What’s driving theconvergence?
2
![Page 3: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/3.jpg)
Individual vs. EcosystemWhat Happened When 1B People
Became Connected?What Happens When 50B Machines &
People Became Connected?
Entertainment is Digitized
Social Marketing Emerged
Retail & Ad Transformed
Entertainment is Digitized
Consumer Internet
Communications Mobilized
IT Architecture Virtualized
Industrial Internet
Remote monitoring
Predictive Analytics
Virtualized OT
Machine Learning & Automation
Employee Productivity
![Page 4: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/4.jpg)
Technology to Drive OutcomesBrilliant machines Advanced analytics People at work1 2 3
CUSTOMER OUTCOMES
Asset optimizationincrease fuel efficiency
strive for zero unscheduled downtimeOperations optimization
improve processes
GE INVESTMENTS
Domain ExpertiseTechnology
OrganizationEcosystem
![Page 5: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/5.jpg)
Barriers to security inindustrial controls
5
![Page 6: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/6.jpg)
Security Challenges within ICS
http://ics-cert.us-cert.gov/content/recommended-practices
![Page 7: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/7.jpg)
OT is Dated Relative to IT
“Average controllers that are installedtoday are not much more complexthan controllers that were installed 30years ago, and even top-of-the-linemodern controllers look antiquatedand simple compared to any smartphone. In terms of capacity, anaverage controller is comparable toan 1980s-style personal computerwith little processing power andmemory, the latter often beingmeasured in kilobytes.”
“Average controllers that are installedtoday are not much more complexthan controllers that were installed 30years ago, and even top-of-the-linemodern controllers look antiquatedand simple compared to any smartphone. In terms of capacity, anaverage controller is comparable toan 1980s-style personal computerwith little processing power andmemory, the latter often beingmeasured in kilobytes.”
7
Langner, R., Pederson, P. , Bound to Fail: WhyCyber Security Risk Cannot Simply Be“Managed” Away, February 2013.
![Page 8: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/8.jpg)
Long Life Systems
ICS have a span of 15 to30 years.• Operators are slow to maintain
ICS on supported OS platforms.
• High quality lifecycle supportlimiting interruptions willdifferentiate ICS vendors.
ICS have a span of 15 to30 years.• Operators are slow to maintain
ICS on supported OS platforms.
• High quality lifecycle supportlimiting interruptions willdifferentiate ICS vendors.
8
![Page 9: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/9.jpg)
Composed of Disparate Systems
Asset owners’ controls anddevices from multiple controlsproviders–Disparate systems
complicate changemanagement efforts
– Owners haveunprecedented influence todrive standards in M2M
Asset owners’ controls anddevices from multiple controlsproviders–Disparate systems
complicate changemanagement efforts
– Owners haveunprecedented influence todrive standards in M2M
9
![Page 10: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/10.jpg)
Asymmetric risk of updates
Maintaining the process is thenumber one objective.Common practices include:• Infrequent updating to
underlying systems• Resistance to applying
critical, tested updates onsystems with redundancywhile on line.
• Critical infrastructureregulations will drive morefrequent updates.
Maintaining the process is thenumber one objective.Common practices include:• Infrequent updating to
underlying systems• Resistance to applying
critical, tested updates onsystems with redundancywhile on line.
• Critical infrastructureregulations will drive morefrequent updates.
10
![Page 11: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/11.jpg)
Closing the divide –Improving Security in ICS
![Page 12: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/12.jpg)
Foundational Security
Significant strides attainablein ICS security through:
• Personnel training• Incident response• Defined “BYOD” policies
Significant strides attainablein ICS security through:
• Personnel training• Incident response• Defined “BYOD” policies
12
![Page 13: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/13.jpg)
Configuration Management
Industry struggles with basevulnerability assessment andchange management.• Automated reporting on
component and system levelconfiguration.
• Operators and Suppliers workingto define lifecycle managementpolicies, ability to support testingand provision of developmentenvironments.
Industry struggles with basevulnerability assessment andchange management.• Automated reporting on
component and system levelconfiguration.
• Operators and Suppliers workingto define lifecycle managementpolicies, ability to support testingand provision of developmentenvironments.
13
![Page 14: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/14.jpg)
Conclusion
14
![Page 15: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/15.jpg)
“There's an old saying about those who forgethistory. I don't remember it, but it's good.”
― Stephen Colbert
Conclusion
Seek tounderstand the
process
Acknowledgethe asymmetry
of risk in
Study thecultural shift asexperienced in
otherindustries
![Page 16: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/16.jpg)
![Page 17: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/17.jpg)
![Page 18: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/18.jpg)
Transforming and Securing Data
From Bitsand Bytes…
…To a key part ofAT&T’s Value Chain
![Page 19: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/19.jpg)
Growing Security Concerns2013, Forrester asked IT decision makers…What challenges, if any, does your firm face whendeveloping and managing smartphone/tabletapplications and devices?
56%Securing theapps and data
61%Plan to Implementor Expand MobileSolutions
Mobile Security Is a Priority overNext 12 Mos.?
Forrsights Mobility Survey, Q2 2013, Forrester Research, Inc.Forrsights Mobile Survey Q2 2013- Base 2,258 global IT decision-makers
40%
54%
56%
Managing devices thatare both for personal
and corporate use
Providingdevice security
Securing theapps and data
61%Plan to Implementor Expand MobileSolutions
70%Update securitytechnology andprocesses tosupport mobile
![Page 20: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/20.jpg)
Security is a Top Priority for BusinessesAT&T DDoS Mitigations
2011 2012 2013
Increase in DDOS attacksin the last 2 yearsTen-Fold
614%Mobile malware increaseMarch ’12 to March ’13Juniper Networks Mobile Threats Report 2013
MobileSecurity
Securing a mobile workforce- BYOD
CloudSecurity
Protecting sensitive dataand Cloud transactions
614%Mobile malware increaseMarch ’12 to March ’13Juniper Networks Mobile Threats Report 2013
Mobile Attacks Top the List of 2013Security Threats
Cost of managing cyber security breach:ranges from $1.4 million to $46 million/year(56 businesses studied)
![Page 21: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/21.jpg)
How AT&T can help securing your Apps and Data..
Network EnabledUtilizing the network for robustvisibility and control
Highly SecureMobile Business
End to end security for mobile devices,network, and apps
Highly SecureMobile Business
End to end security for mobile devices,network, and apps
Cloud based solutionsScalable, flexible security servicesbuilt in the Cloud
Threat ManagementComprehensive threat detection,response, and mitigation
![Page 22: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/22.jpg)
MultipleOperatingSystems
VaryingDevices
EmployeeRequests andDemandsApplication
Explosion
Mobility Forces Impacting Organizations
22% workers useFile Share/Synch
905M tabletsby 2017
29% workforceAnytime, Anywhere
Sources: Forrester, Mobile Workforce Adoption Trends, February 4, 2013Forrester, Five Seismic Forces Reshuffle the Workforce Vendor Ecosystem, May 10, 2013
MultipleOperatingSystems
VaryingDevices
![Page 23: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/23.jpg)
![Page 24: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/24.jpg)
Device Security Application Security
Security Event &Threat Analysis
![Page 25: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/25.jpg)
Mobile Device Managementmanages the entire DEVICE- Ideal for company-owneddevices
Mobile App Managementmanages the APPLICATION
Device Security Application Security
• Application Lock• Wipe Application• Separate personal and
business data
• Full Device Lock• Wipe full Device• Device VPN
Enables Security & PolicyManagementComplete Visibility into MobileInventory
Secure Content Distribution &Management
Visibility into Applications on device
• Application Lock• Wipe Application• Separate personal and
business data
• Full Device Lock• Wipe full Device• Device VPN
Complementaryor Standalone
Solutions
![Page 26: Mapping the Divide between OT and IT - TMCnet · Juniper Networks Mobile Threats Report 2013 Mobile Security Securing a mobile workforce - BYOD Cloud Security Protecting sensitive](https://reader033.vdocuments.site/reader033/viewer/2022050413/5f89db167fcb8c53fb293622/html5/thumbnails/26.jpg)
Security Event & Threat Analysis
Unparalleled Data Collection Robust Analytics Expert Response & Mitigation
NetworkServerApplicationCustomerIndustryClassified Signatures
10
• 265 Billion flow records processedeach day
• 6.5 Trillion packets/day• 4.4 PetaBytes/day
NetworkServerApplicationCustomerIndustryClassified Signatures
• Daytona Data Mining System• Patented analytic capabilities• Malicious Entity DB (MED) with
1.2M threat signatures• 100s of Millions of events
translated to 100s of alerts daily
• 7x24 redundant SOCs• Over 500 Analysts & Ops SME’s• Tightly integrated with GNOC and
Government SOAC• Reports via BusinessDirect and
Customer Portal