*NSTAC Report to the President on the Internet of Things.

Similar documents
Towards Trustworthy Internet of Things for Mission-Critical Applications. Arjmand Samuel, Ph.D. Microsoft Azure - Internet of Things

USING DEVICE LIFECYCLE MANAGEMENT TO FUTURE PROOF YOUR IOT DEPLOYMENT

Threat Modeling for System Builders and System Breakers!! Dan Copyright 2014 Denim Group - All Rights Reserved

Windows 10 IoT Core Azure Connectivity and Security

Application Security Design Principles. What do you need to know?

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

Achieving End-to-End Security in the Internet of Things (IoT)

Secure Development Lifecycle

Comodo Certificate Manager

IoT Edge within the IoT Framework

Cisco Connected Factory Accelerator Bundles

German OWASP Day 2016 CarIT Security: Facing Information Security Threats. Tobias Millauer

Cybersmart Buildings: Securing Your Investments in Connectivity and Automation

Teradata and Protegrity High-Value Protection for High-Value Data

Innovation policy for Industry 4.0

Monitoring and Managing IIoT Security

Securing Your Microsoft Azure Virtual Networks

Internet of Things (IOT) What It Is and How It Will Impact State Pools

Technical Brief Distributed Trusted Computing

Threat Modeling. Bart De Win Secure Application Development Course, Credits to

CYBERSMART BUILDINGS. Securing Your Investments in Connectivity and Automation

Securing Devices in the Internet of Things

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Welcome to the Second Annual Intelligence & National Security Forum

SECURING DEVICES IN THE INTERNET OF THINGS

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

Analysis of OpenFlow Networks.

Firewalls (IDS and IPS) MIS 5214 Week 6

Aviation & Airspace Solutions MODERNIZING SYSTEMS TRANSFORMING OPERATIONS DELIVERING PERFORMANCE

RiskSense Attack Surface Validation for IoT Systems

CSWAE Certified Secure Web Application Engineer

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

Whiteboard Hacking / Hands-on Threat Modeling. Introduction

Securing Your Most Sensitive Data

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Securing the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.

Strong Security Elements for IoT Manufacturing

IPMA State of Washington. Disaster Recovery in. State and Local. Governments

How Threat Modeling Can Improve Your IAM Solution

Threat Modeling OWASP. The OWASP Foundation Martin Knobloch OWASP NL Chapter Board

Using and Customizing Microsoft Threat Modeling Tool 2016

SECURING DEVICES IN THE INTERNET OF THINGS

IDACCS Wireless Integrity protection in a smart grid environment for wireless access of smart meters

Building a Better Mousetrap:

Securing Your Amazon Web Services Virtual Networks

The Future of Industrial Control Systems Security

AKAMAI CLOUD SECURITY SOLUTIONS

Solution Overview Vectored Event Grid Architecture for Real-Time Intelligent Event Management

Security Considerations for Cloud Readiness

Verasys Enterprise Security and IT Guide

Critical Infrastructure Protection for the Energy Industries. Building Identity Into the Network

Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs

Building Trust in the Internet of Things

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.

The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.

WEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices

Launch Smart Products With End-to-End Solutions You & Your Customers Can Trust

The Common Controls Framework BY ADOBE

THALES DATA THREAT REPORT

Unit Level Secure by Design Approach

NIST Revision 2: Guide to Industrial Control Systems (ICS) Security

Security Fundamentals for your Privileged Account Security Deployment

Safety & Cybersecurity of embedded softwares in product and process

SECURING THE CONNECTED ENTERPRISE.

Brussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security

Building Resilience in a Digital Enterprise

Cyber Resilience: Developing a Shared Culture. Sponsor Guide

BUFFERZONE Advanced Endpoint Security

IANS Pragmatic Threat Modeling. Michael Pinch, IANS Faculty

EXABEAM HELPS PROTECT INFORMATION SYSTEMS

STAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response

NIST Special Publication

THREAT MODELING IN SOCIAL NETWORKS. Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Data safety for digital business. Veritas Backup Exec WHITE PAPER. One solution for hybrid, physical, and virtual environments.

CERT Secure Coding Initiative. Define security requirements. Model Threats 11/30/2010

CyberArk Privileged Threat Analytics

Case Study: Security Implementation for a Pharmaceutical Company

Mapping BeyondTrust Solutions to

Medigate and Palo Alto Networks Integration

COMPUTER NETWORK SECURITY

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

Using Defense in Depth to Safely Present SCADA Data for Read-Only and Corporate Reporting. Rick Bryson

Layer Security White Paper

Compliance Brief: The National Institute of Standards and Technology (NIST) , for Federal Organizations

the SWIFT Customer Security

Development*Process*for*Secure* So2ware

Think You re Safe from DDoS Attacks? As an AWS customer, you probably need more protection. Discover the vulnerabilities and how Neustar can help.

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Threat Modeling Using STRIDE

An Example of use the Threat Modeling Tool

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

MigrationWiz Security Overview

Data and AI LATAM 2018

Security and Architecture SUZANNE GRAHAM

Security enhancing CAN transceivers. Bernd Elend Principal Engineer March 8 th, 2017

Security

Transcription:

North Carolina Highway Signs Compromised By a Foreign Hacker* Penetration of a Water Treatment Facility by a Foreign Hacker* *NSTAC Report to the President on the Internet of Things. www.dhs.gov/sites/default/files/publications/

System of Systems Information Technology Operational Technology

Information Technology (IT) the application of computers and telecommunications equipment to store, retrieve, transmit and manipulate data* Mission of IT Design and maintain software, hardware and network resources which run securely and provide privacy How? Secure Development Lifecycle Secure Network Technologies Threat & Vulnerability Mitigation Monitoring and Alerting Software/Firmware Auto-Updates Privacy Models *en.wikipedia.org/wiki/information_technology

Operations Technology (OT) collects information and causes changes in the physical world through the direct monitoring and control of physical devices in industrial contexts Mission of OT Design and maintain machines which run reliably, and safely (do not cause injury or harm to other machines, humans, and the environment) How? Robust machines, with built-in safety features Automated monitoring and control Isolate and control cut off all interaction with the world Design to protect against natural and man-made disasters

System of Systems Information Technology Operational Technology

System of Systems Information Technology Specialists Hardware Device Specialist

Why is IoT vulnerable?

Many Industrial IoT deployments are brownfield Size and capital expense involved with building and retrofitting Brownfield industrial deployments Rely on physical security (remove all interaction with the outside world) Based on obscure or proprietary protocols and systems Most industrial IoT systems will be old and out of date - at greater risk of attacks Not always possible to rip-and-replace industrial machines to bring them up to modern security standards

Environment Threats Security Privacy Trustworthy IoT Reliability Safety Human Errors System faults

Partha: Remove the background pictures, need to move Trusted pillar in the place of connected and connected moves to the bottom. Slide 10 should become the next slide and should have a similar design as this slide with IoT Core. PRODUCTIVE Commercial OS platform that brings modern user experience to your things TRUSTED Trusted platform for cloudconnected devices WINDOWS 10 IOT CONNECTED Open platform that easily connects things, endpoints, and the cloud

Windows 10 IoT Enterprise Windows 10 Enterprise for IoT devices Windows 10 IoT Mobile Windows 10 Mobile for IoT devices Windows 10 IoT Core Windows 10 for small footprint IoT devices

Windows platform provides secure key handling Developers can easily build secure cloud applications for Windows IoT Service for Azure IoT Hub Connected

Security from the ground up Microsoft Cloud Largest online services in the world Centers of excellence Operational Security Assurance (OSA) process Security Development Lifecycle (SDL) azure.microsoft.com/documentation/articles/securing-iot-ground-up/

Azure IoT Suite Device Connectivity & Management Data Ingestion and Command & Control Stream Processing & Predictive Analytics Workflow Automation and Integration Dashboards and Visualization Preconfigured Solutions Remote Monitoring Predictive Maintenance

Connect and scale with efficiency Analyze and act on new data Integrate and transform business processes ----101010110101010001101000101 11---- --- 101 0110001010111-- Business Systems And more...

Defense in depth Securely connect millions of devices... Over a secure internet connection... To Microsoft Azure built with security from the ground up ---1010101101010101010110101110100100100010111---- ----1010101101010101010110101110100100100010111---- Device Security Connection Security Cloud Security

represents the use of multiple computer security techniques to help mitigate the risk of one component of the defense being compromised or circumvented* Each role is responsible for a layer of depth, and each layer has further layers of safeguards so as to build defense in depth *en.wikipedia.org/wiki/defence_in_depth#information_security

Roles IoT hardware manufacturer and integrator IoT solution developer IoT cloud and solution provider IoT solution deployer IoT solution operator

The STRIDE model Spoofing Identity Tampering with Data Repudiation Information Disclosure Element S T R I D E External entity Process Data Store Data Flow? Azure Services Zone Remote User Zone Denial of Service Trust Boundary Local Zone Device Zone Field Gateway Zone Cloud Gateway Zone Identity System User Elevation of Privilege User Local User Zone Device Field Gateway Cloud Gateway Front End Services Gateway Zone Backend Services Services Zone Data Federation Partners

Go to www.internetofyourthings.com Partners join the community: http://aka.ms/cepartnerform (select IoT) Follow Us! Blog : https://blogs.microsoft.com/iot/

IoT Site Azure.com Site Learn how to build in security from the ground up Gartner Predicts 2016: Security and the Internet of Things https://azure.microsoft.com/enus/documentation/articles/iot-hubsecurity-ground-up/

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback