Cybersecurity Update
Public Utilities Board
October 27, 2021
Yesterday
Today
[Diagram: Field Staff, Data Center, Electric, Water, Telecommuters, Cloud Services, Business Partners, Data]
Threats
Bad Actors
● Organized Crime Groups
● Nation States
● Black Hat
● Hacktivists
● Insiders Gone Rogue
Types of Attacks
● Malware
● Ransomware
● Data Theft
● Denial of Service
● Phishing
Cyber Attacks
Data Breaches
Ransomware
Energy / Water Breaches
Colonial Pipeline – Ransomware, Fuel pipeline shutdown
Oldsmar Water – Increased sodium hydroxide to dangerous levels
Supply Chain Hack
Police Dept.
Protecting APU & Customer Data
Guiding Principles
● Risk Management
● Defense In Depth ‐ Layering
● Least Privilege
● Privacy
● Zero Trust
NIST Cybersecurity Framework
800-53
National Institute of Standards & Technology
City Network Environment
[Diagram: Billing / Customer Info, Meter Data, Work & Asset Mgt, All other City Department Systems, Customers, Cloud Services, Business Partners, Remote City Employees]
How We Protect APU & Data
Technical Controls
● Physical Security
◌ Badges, Doors, Locks,
◌ Guards, Cameras
● Firewalls
● Email Filtering
● Website Filtering
● User Access Controls
● Network Permissions
● End‐point Security
● Encryption
● Operating System Patching
● Vulnerability Scanning
How We Protect APU & Data
Administrative Controls
● Policies & Procedures
◌ Technology Use
◌ Passwords
◌ Customer Data Access
◌ Third‐Party Agreements / NDAs
◌ Change Management
● Cybersecurity Plan
● Security Assessments
● Awareness and Training
● Cyber Liability Insurance
● Industry Information Sharing
Recent Improvements
● 24/7 Security Operations Center (SOC)
● Security Information & Event Management (SIEM)
● Next Generation Firewalls
● Malicious Domain Blocking
● Email Link Protection / External Alert
● Remote Access Control
● Laptop Hard Drive Encryption
● Water Reclamation Facility SCADA Network
● New Backup Solution with Immutable Storage
Current Initiatives
● System Upgrades (Middleware, Meter Data Management, …)
● IVR Payment Processing (migrate to Cloud)
● Cybersecurity Incident Response Plan Update
● Water Network and Camera Upgrade
● Social Engineering (Phishing) Assessment
The Future
● Continuous and Incremental Improvements
● System Upgrades
◌ Customer Information / Web Portal
◌ Work and Asset Management
◌ Advanced Meter Infrastructure, …
● Zero Trust Architecture
● Multi‐Factor Authentication
● City WiFi Improvements
● Selective Cloud Services
Cloud Security Responsibility
Types of Cloud Services
XaaS <X> “as a Service”
● IaaS = Infrastructure
● PaaS = Platform
● SaaS = Software
[Figure: responsibility for each layer (Data; Application/Database; Operating System; Servers, Virtualization; Compute, Network, Storage; Physical Facility; Middleware) divided between Anaheim and the Cloud Provider under On Premises, IaaS, PaaS and SaaS]
Security is a Journey, not a Destination
Thank you