Embed Size (px)
Citation preview
Cybersecurity Strategy – Active Defense
Presented by: Jeff PackCIGRE Grid of the Future ConferenceOctober 23, 2017
2
Agenda
History
Threats Change
Strategic Shift
Situational Awareness
Action Plan
Summary
3
History – Risk Management
NIST Special Publication 800-39
How long does this cycle take?We need to account for the modern threat model.
4
Threats Change
Dragos, Inc.
Symantec CorporationICS is becoming a major targetWe need to spend resources on the right things
5
ICS• Specialized devices Powerful general hardware• Digital Relay Multi-function Protective Devices• Serial Ethernet
Strategy Shift – Active Defense
6
World defined by software• Dedicated devices Virtualization• Analog CT/PT Digital merging
units
Strategy Shift – Active Defense
7
Cybersecurity controls evolve• Network Monitoring Self-
defending IED and Anomaly Detection
• Authentication IED challenge-response
Strategy Shift – Active Defense
8
Situational Awareness
Operational devices and data• Point boundaries• Physical characteristics
Analytics• Leverage existing analytical
tools with virtual processing and storage
• Add NSM and SIEM enhancements
• Explore predictive analytics
Courtesy BARCO
9
Update threat assessment• E-ISAC, othersUpdate risk assessment• Consider dynamic change and third-party reviewPrioritize funding and resourcesCommunicate direction to staff• Utilize change management conceptsReview guidance documents
Action Plan
10
Summary
Dynamic threats - need to adapt quicklyActive Defense• Use intelligent edge devices to protect themselvesSituational Awareness• Include operational data and consider analyticsDevelop an action plan to adopt active defense
