Cyber sec round-up

CERT/CEI threat models ‘too optimistic.’ OSIsoft on securing PI. LR and Petras. More cyber help from Honeywell, Leidos, Schneider, Claroty, Waterfall, Siemens. Deloitte on how not to do it.

Lots of recent activity sets out to secure industrial control systems (ICS) and the ‘internet of things’ (IoT). Why? Best read the 120-page CERT/CEI report on Coordinated Vulnerability Disclosure, which states that ‘we have observed that overly optimistic threat models are de rigueur among IoT products. Many IoT products are developed with what can only be described as naïve threat models that drastically underestimate the hostility of the environments into which the product will be deployed.’ Ouch!

Recent Ponemon Institute research on the state of cybersecurity in the US oil and gas industry found that cybersecurity measures ‘are not keeping pace with the growth of digitalization in oil and gas operations.’ 61% reported that their organization’s industrial control systems protection and security is ‘not adequate.’

Once you are through with CERT, and supposing you have a PI System deployed, you will likely want to review a recent presentation from Harry Paul, Cyber Security Advisor at OSIsoft, titled ‘How secure are your PI Systems? A primer for PI System security baselining.’

Lloyds Register is also interesting itself in ‘safety and security’ in the IoT and, through its LR Foundation, is supporting Petras, a £10 million multi-industry consortium investigating ICS threats, blockchain applications for resilience in the smart energy sector, using the IoT ‘to understand dynamic risks’ and mitigating botnet attacks.

Honeywell observes that ‘those little connectors can cause big cybersecurity trouble at plants’ and has introduced the Secure Media Exchange. Users check a USB thumb drive by plugging it into an SMX Intelligence Gateway to analyze and secure the entire drive or specific files. SMX also runs in the background on the network to control and log USB device connections. Elsewhere, Honeywell and the Singapore Economic Development Board have established a new industrial cyber security center of excellence for Asia Pacific in Singapore.

A six-page white paper from Leidos proffers advice on ‘proactive detection of advanced persistent threats’ and introduces the Cyber Kill Chain. The CKC looks at cyber security from the adversary’s standpoint and models the actions an attacker takes to achieve a breach. CKC analysis is represented as a threat campaign heat map, a high-level view of a potential hack. A corresponding mitigation scorecard helps an organization assess its internal security posture against specific threats.

Schneider Electric has teamed with ICS security boutique Claroty to address safety and cybersecurity challenges for the world’s industrial infrastructure. Claroty’s real-time OT/ICS network monitoring and detection solution is now available to users of Schneider’s EcoStruxure IoT-enabled, open and interoperable system architecture.

Atos has launched a ‘prescriptive’ security operations center (SOC) to leverage big data and analytics to ‘predict security threats before they occur.’ Detection and neutralization time is improved significantly compared to existing solutions. The SOC runs on the Atos data lake appliance and embeds McAfee’s Open data exchange layer (Open-DXL) and Threat defense life cycle technologies.

Waterfall Security Solutions has partnered with FireEye to integrate the FireEye cloud-based Threat analytics platform with industrial networks using Waterfall’s unidirectional CloudConnect. Customers can monitor and protect their ICS networks using FireEye’s cloud-based Helix service.

Siemens has teamed with PAS Global on a strategic ICS cybersecurity offering. The partnership promises deep analytics to identify and inventory proprietary assets and to detect and respond to attacks across the operating environment. The offering targets utilities and oil and gas, sectors that regularly confront ‘sophisticated, persistent and aggressive’ cyber threats to their operational environments.

A final salutary tale from the hapless Deloitte whose own system was breached recently. The Guardian reported that emails between Deloitte’s 244,000 staff stored in the Microsoft Azure cloud were compromised and client information obtained. In 2012, Deloitte was ranked the ‘best cybersecurity consultant in the world.’ Ouch again!

© Oil IT Journal - all rights reserved.