Cyber Hygiene and Awareness on a Practical Level

Transcription

1 Cyber Hygiene and Awareness on a Practical Level Presented by: Capt. Rohit Tandon from FML

2 The Story of Data Breach

3 We all know about the Cyber Risks Yet, we wait till an incident like this shakes us up, before we actually start taking any actions!!!!

4 Why Cyber Competence matters to us

5 Knowledge & Implementation Research shows that most attackers, regardless of their motives, funding or control, tend to operate in a certain pattern.

6 Knowledge & Implementation Following the Swiss Cheese model of security, allows us to reduce the risk to a great extent.

7 Risk to one, risk to all

8 Awareness: The 1st step to Cyber Competence!!! Security Procedures are always there, yet Cyber crimes happen It is essential to increase the awareness, by involving the people in making of procedures and then testing them for the same on regular basis.

9 Determination of Vulnerability

10 Determination of Vulnerability

11 The 4 corner stones of Cyber Hygiene

12 Behavioural Safety Making Cyber Hygiene a Routine 1. Identify and prioritize Key organizational services and products 2. Identify the risks to these services & Products 3. Establish an Incident Response Plan 4. Conduct activities to increase awareness 5. Establish Network Security and monitoring 6. Control access based on least privilege & maintain user access account 7. Manage technology changes 8. Implement controls to protect and recover data. 9. Perform Cyber threat & vulnerability monitoring

13 Developing Contingency Plans Knowing what to do in the case of disabling, or manipulation, of all types of electronic navigational equipment. Knowing what to do in the case of disabling, or manipulation, of industrial control systems for propulsion, auxiliary systems and other critical systems. Knowing how to verify that data is intact in cases where penetration is suspected but not confirmed. Procedures for handling ransom ware incidents.

14 Knowing your Response Plan As with a successful cyber incident itself, an effective response has four stages: 1. Identify the cyber security incident. 2. Define the objectives for response and investigate the situation. 3. Take appropriate action to address a cyber incident that effects systems and/or data and 4. Recover systems, data and connectivity.

15 Knowing your Response Plan The response plan should, as a minimum, include the following considerations: Which systems does this apply to? Should systems be shut down immediately or kept running? Should certain office/ ship communication links be shut down? Should certain pre-installed security system be activated? Who is the correct person in the IT department to contact immediately? In addition, what to do if communication links are severed?

16 Recovery Recovery plans should be accessible to all on board & ashore. Essential information and software backup facilities should be available to ensure recovery can take place following a cyber incident. Recovery of essential ship or system functions related to the safe operation and navigation of the ship may have to take place with assistance from ashore.

17 ISO (ISMS) A Roadmap for Cyber Competence IT Infrastructure Analysis Preliminary Gap Analysis Developing Response Plan Cyber security Policies & Audit Risk Analysis with Risk Mitigation Plan Simulated External/Internal Risk

18

19 IF WE LEARN FROM EACH SUCCESS, AND EACH FAILURE, AND IMPROVE OURSELVES THROUGH THIS PROCESS THEN, AT THE END, WE WILL HAVE FULFILLED OUR POTENTIAL AND PERFORM WELL. -Dr. Ferry Porsche

20