Eliminate Silos to Enhance Critical Infrastructure Protection by Jasvir Gill

© AlertEnterprise Confidential Information 2012 Slide 1 Eliminate Silos to Enhance Critical Infrastructure Protection Jasvir Gill, Founder & CEO AlertEnterprise, Inc.

Transcript of Eliminate Silos to Enhance Critical Infrastructure Protection by Jasvir Gill

Slide 1

Eliminate Silos to Enhance Critical Infrastructure Protection

Jasvir Gill, Founder & CEO, AlertEnterprise, Inc.

Slide 2

The “Fire Sale” Is Not Fiction Anymore

Slide 3

AlertEnterprise Delivers a Unique Approach to Addressing Critical Infrastructure and Key Resources

Slide 4

Did you know?

Cybersecurity threats against Utilities have grown dramatically, making it the #1 Priority for Utility Executives in 2013.

(U) Key Findings

(U//FOUO) Disgruntled current and former utility-sector employees have successfully used their insider knowledge to damage facilities and disrupt site operations.

(U//FOUO) Outsiders have attempted to solicit utility-sector employees to obtain specific information about utility infrastructure site operations and facilities that could be useful in conducting physical and cyber attacks.

Slide 5

Complex/Blended Threats Span Across Many Industries

Threats
• Sensitive Asset Diversion
• Cyber Attacks – Critical Infrastructure
• Bio Terrorism (Food & Beverage)
• Drug Diversion (Pharmaceuticals)
• Theft (Retail, Airlines, Airports etc.)
• Disgruntled employees/contractors

Monitoring both Access and Behavior is a must
• Who has access to assets (physical, cyber, ...)
• Any suspicious behavior or activities
• Monitoring Privileged Users (guarding the guards)

Effective Response, Command and Control
• Situational Awareness, Incident Response

Slide 6

Traditional Security, Incident Management and Response Hard to Scale, Things Get Missed

Geographically Dispersed assets/locations
• Guards with guns – not cost-effective
• Impossible to cover all locations
• Putting staff at risk

3 ring binders approach not effective
• Organized and State Sponsored Crime
• Too long to respond

Audit trail of incident management
• How incident was handled – learning tool
• Protection during emergency
• Monitoring First Responders

Leveraging investments in technology
• Existing security systems
• Existing IT/ERP systems, Physical Security Systems

Slide 7

Main Root Cause: Silos (No one has the Big Picture…)

Slide 8

Silos are Costly, Inefficient: Organizations Respond to Threats in Silos - Attackers Don’t think that Way.

Diagram labels, by silo (each silo shows its own Access Management, Compliance and Security):
• IT: IT Resources, ERP, GRC, Directory Services
• PHYSICAL: Physical Access
• SCADA: Control Systems

Slide 9

Bridge the gaps across silos to have a holistic Security Solution and mitigate blended threats

Diagram labels: IT Resources, Physical Access, Control Systems; GRC; Convergence Platform; Identity Risk and Administration; Operational Compliance; Situational Awareness, Incident Response

Slide 10

Unified View of Risk - Unify Logical, Physical and Operational Access Requests in one Screen

Slide 11

Controlling Access to SCADA Operational Systems

OT/SCADA credential management and user provisioning

Active Policy enforcement

Multi-vendor SCADA and OT devices supported

Slide 12

Operational Compliance – Automating NERC Compliance

Pre-loaded compliance framework with current version of standards

Slide 13

Access Governance - Software checks work history, access pattern, analyzes past behavior – returns a risk score

Slide 14

Substation and Control Room Monitoring

Slide 15

Smart Grid Security: Continuous Monitoring of Cyber and Insider Threats to Smart Grid Operations

Slide 16

Customer Example: Smart Grid Security (IT/OT convergence is a must - End Point Relay Attack Alerts)

Slide 17

Key to success: Embed Intelligence (retiring workforce)

Slide 18

Recognized by Gartner Research

Wall Street Journal, May 02, 2013

“The operational technology (OT) associated with the “Internet of Things” ranges from devices to monitor and control power, gas and water systems to ones that monitor and control advanced medical equipment and manufacturing systems.”

“CIOs should ensure that security planning, technology/services procurement, and operations should be integrated and reflect a common IT/OT security program’s vision and mission.”

-Earl Perkins, Vice President, Gartner Research, May 02, 2013

Gartner Magic Quadrant on Identity and Access Governance, 17 Dec. 2012, Earl Perkins:

“Specific industry focus in energy and utilities, transportation, and other industries with OT security requirements have provided AlertEnterprise with early momentum in the market.”

Winner – Most Innovative HANA Application

Slide 19

Jasvir Gill, Founder & CEO, AlertEnterprise, Inc.

+1 510 798 9613
