Cybersecurity for BROADCASTERS
David Meltzer, CTO, Tripwire
WHAT HAPPENS WHEN WE ADOPT IP?
IT
INDUSTRIAL
“UNIQUE CHALLENGES” OF INDUSTRIAL CONTROL SYSTEMS
PROPRIETARY PROTOCOLS MOVING TO IP LONG LIFESPANS HIGH AVAILABILITY LATENCY SENSITIVE
SECURITY IS NOT WORKING
EXAMPLE: PHISHING
dmeltzer@tripwire.com
IT VULNERABILITIES [chart: by year, 2000 to 2015; vertical scale 0 to 80000]
ICS VULNERABILITIES [chart: by year, 2000 to 2015; vertical scale 0 to 1600]
ATTACKER SOPHISTICATION VS. INSIDER KNOWLEDGE
[Chart: axes Insider Knowledge and Attack Sophistication (scale Low to High); years 1990 to 2015. Labels on the chart: STUXNET; ICS Attack PoC Code; Spoofing Sniffing Password Cracking; SHODAN; NA ONG Cyber; HAVEX Dragonfly; SCADA Enumeration; DOS App-specific Malware Automated Probes]
Source: ICS-CERT
INDUSTRIAL CYBERSECURITY VS. BROADCAST OPERATIONS SECURITY
60 CATEGORIES OF SECURITY CONTROLS
Security Landscape
[Slide graphic: grid of security control categories. Labels in reading order: IAM, Network, Endpoint, Messaging, Web, SVM, Cloud, Other, Industrial, STAP, Services, Provisioning, Firewall, Anti-Malware, Anti-Malware, URL Filtering, SIEM, CASB, Mobile, Network, Endpoint, Consulting, Advanced Auth, UTM, Server Security, Anti-Spam, Anti-Malware, GRC, Other, Encryption, System, Boundary, Training, SSO, IDS/IPS, Endpoint Suites, Content Filtering, WAF, UBA, Database, IOT, Network Analysis, MSSP, Legacy Auth, VPN, Access Protection, Collaboration, Web Services, FII, Storage, SI, Policy Compliance, DLP, Resellers, SDSM, DDOS Defense, Device VA, Threat Intelligence, App Scanners, Honeypots, PAM, PERM]
APPROACHING SECURITY
SECURITY FRAMEWORKS
NIST Cybersecurity Framework
ISO/IEC 27001/27002:2013
CIS Critical Security Controls
COBIT
FFIEC
COSO
HITRUST CSF
ISA 99 / IEC 62443
APPROACHING SECURITY
MOVE UP THE SUPPLY CHAIN
APPROACHING SECURITY
DO THE FUNDAMENTALS RIGHT
CONTINUOUS IMPROVEMENT
Thank You
tripwire.com | @TripwireInc