mapping the divide between ot and it - tmcnet · juniper networks mobile threats report 2013 mobile...
TRANSCRIPT
Mapping the Divide between OT and IT
Imagination at work.
Industrial Controls and Security Barriers
January 29, 2014
What’s driving the convergence?
Individual vs. Ecosystem
What Happened When 1B People Became Connected?
What Happens When 50B Machines & People Became Connected?
Entertainment is Digitized
Social Marketing Emerged
Retail & Ad Transformed
Consumer Internet
Communications Mobilized
IT Architecture Virtualized
Industrial Internet
Remote monitoring
Predictive Analytics
Virtualized OT
Machine Learning & Automation
Employee Productivity
Technology to Drive Outcomes
1 Brilliant machines
2 Advanced analytics
3 People at work
CUSTOMER OUTCOMES
Asset optimization
increase fuel efficiency
strive for zero unscheduled downtime
Operations optimization
improve processes
GE INVESTMENTS
Domain Expertise
Technology
Organization
Ecosystem
Barriers to security in industrial controls
Security Challenges within ICS
http://ics-cert.us-cert.gov/content/recommended-practices
OT is Dated Relative to IT
“Average controllers that are installed today are not much more complex than controllers that were installed 30 years ago, and even top-of-the-line modern controllers look antiquated and simple compared to any smartphone. In terms of capacity, an average controller is comparable to an 1980s-style personal computer with little processing power and memory, the latter often being measured in kilobytes.”
Langner, R., Pederson, P., Bound to Fail: Why Cyber Security Risk Cannot Simply Be “Managed” Away, February 2013.
Long Life Systems
ICS have a span of 15 to 30 years.
• Operators are slow to maintain ICS on supported OS platforms.
• High quality lifecycle support limiting interruptions will differentiate ICS vendors.
Composed of Disparate Systems
Asset owners’ controls and devices from multiple controls providers
– Disparate systems complicate change management efforts
– Owners have unprecedented influence to drive standards in M2M
Asymmetric risk of updates
Maintaining the process is the number one objective. Common practices include:
• Infrequent updating to underlying systems
• Resistance to applying critical, tested updates on systems with redundancy while on line.
• Critical infrastructure regulations will drive more frequent updates.
Closing the divide – Improving Security in ICS
Foundational Security
Significant strides attainable in ICS security through:
• Personnel training
• Incident response
• Defined “BYOD” policies
Configuration Management
Industry struggles with base vulnerability assessment and change management.
• Automated reporting on component and system level configuration.
• Operators and Suppliers working to define lifecycle management policies, ability to support testing and provision of development environments.
Conclusion
“There's an old saying about those who forget history. I don't remember it, but it's good.”
― Stephen Colbert
Seek to understand the process
Acknowledge the asymmetry of risk in
Study the cultural shift as experienced in other industries
Transforming and Securing Data
From Bits and Bytes…
…To a key part of AT&T’s Value Chain
Growing Security Concerns
2013, Forrester asked IT decision makers…
What challenges, if any, does your firm face when developing and managing smartphone/tablet applications and devices?
40% Managing devices that are both for personal and corporate use
54% Providing device security
56% Securing the apps and data
Mobile Security Is a Priority over Next 12 Mos.?
61% Plan to Implement or Expand Mobile Solutions
70% Update security technology and processes to support mobile
Forrsights Mobility Survey, Q2 2013, Forrester Research, Inc. Forrsights Mobile Survey Q2 2013 - Base 2,258 global IT decision-makers
Security is a Top Priority for Businesses
AT&T DDoS Mitigations (chart: 2011, 2012, 2013)
Ten-Fold increase in DDoS attacks in the last 2 years
614% mobile malware increase, March ’12 to March ’13 (Juniper Networks Mobile Threats Report 2013)
Mobile Security: Securing a mobile workforce - BYOD
Cloud Security: Protecting sensitive data and Cloud transactions
Mobile Attacks Top the List of 2013 Security Threats
Cost of managing cyber security breach: ranges from $1.4 million to $46 million/year (56 businesses studied)
How AT&T can help secure your Apps and Data
Network Enabled: Utilizing the network for robust visibility and control
Highly Secure Mobile Business: End to end security for mobile devices, network, and apps
Cloud based solutions: Scalable, flexible security services built in the Cloud
Threat Management: Comprehensive threat detection, response, and mitigation
Mobility Forces Impacting Organizations
Multiple Operating Systems
Varying Devices
Employee Requests and Demands
Application Explosion
22% workers use File Share/Synch
905M tablets by 2017
29% workforce Anytime, Anywhere
Sources: Forrester, Mobile Workforce Adoption Trends, February 4, 2013; Forrester, Five Seismic Forces Reshuffle the Workforce Vendor Ecosystem, May 10, 2013
Device Security
Mobile Device Management manages the entire DEVICE - Ideal for company-owned devices
• Full Device Lock
• Wipe full Device
• Device VPN
Enables Security & Policy Management
Complete Visibility into Mobile Inventory
Application Security
Mobile App Management manages the APPLICATION
• Application Lock
• Wipe Application
• Separate personal and business data
Secure Content Distribution & Management
Visibility into Applications on device
Complementary or Standalone Solutions
Security Event & Threat Analysis
Unparalleled Data Collection
Network, Server, Application, Customer, Industry, Classified Signatures
• 265 Billion flow records processed each day
• 6.5 Trillion packets/day
• 4.4 PetaBytes/day
Robust Analytics
• Daytona Data Mining System
• Patented analytic capabilities
• Malicious Entity DB (MED) with 1.2M threat signatures
• 100s of Millions of events translated to 100s of alerts daily
Expert Response & Mitigation
• 7x24 redundant SOCs
• Over 500 Analysts & Ops SME’s
• Tightly integrated with GNOC and Government SOAC
• Reports via BusinessDirect and Customer Portal