Comprehensive Cyber Security Architecture for Compliance Auditors

Learn about the essentials of cyber security architecture and compliance in the context of the modern grid. Explore the evolution of NERC CIP standards and how to secure the Bulk Electric System effectively.


Presentation Transcript


  1. Comprehensive Cyber Security Architecture. Thomas (Tom) Williams, Compliance Auditor – Cyber Security. WECC Reliability & Security Workshop, San Diego, CA – October 23–24, 2018. Western Electricity Coordinating Council

  2. Comprehensive Cyber Security Architecture: Learning Scope

  3. Compliance & Regulatory Context: NERC = North American Electric Reliability Corporation; FERC = Federal Energy Regulatory Commission; WECC = Western Electricity Coordinating Council; CIP = Critical Infrastructure Protection; EPAct = Electric Power Act; FPA = Federal Power Act

  4. Western Electricity Coordinating Council

  5. Approved by industry and on FERC’s desk

  6. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards. How does Cyber Security Architecture help us secure the Bulk Electric System?

  7. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards

  8. IT Enterprise Architecture: What is IT Enterprise Architecture? • ISO/IEC/IEEE 42010:2011: The fundamental concepts or properties of a system in its environment embodied in its elements, relationships, and in the principles of its design and evolution • TOGAF: The structure of components, their inter-relationships, and the principles and guidelines governing their design and evolution • Gartner: Enterprise architecture is the process of translating business vision and strategy into effective enterprise change by creating, communicating, and improving the key principles and models that describe the enterprise's future state and enable its evolution

  9. Cyber Security Architecture: Cyber Security Architecture is a discipline within Security Architecture and Enterprise Architecture. The architecture should include a compliance framework • ISO/IEC 27001 Information Security Management System: An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes, and IT systems by applying a risk management process. It can help small, medium, and large businesses in any sector keep information assets secure • CIP-003-6 – Security Management Controls: To specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES). This is our overarching security objective

  10. Security Architecture: National Institute of Standards and Technology SP 800-160, Systems Security Engineering • Volume 1, Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems: defines security architecture • Volume 2, Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems: complements Volume 1 “to support organizations that require cyber resiliency as a property or characteristic of their systems”

  11. Security Architecture – SP 800-160 v1: What is missing from this definition?

  12. Cyber Security Architecture: A systematic enterprise structure of cyber security components, principles, processes, and people designed to meet compliance objectives and support continuous risk mitigation • An electronic fortification that forms an effective foundation for compliance • Useless without supporting policies and practices • Enforces trust models • Multidisciplinary • Aligns security and business strategy • Supports strategic portfolio management (CIP-005, CIP-007, CIP-010, CIP-012)

  13. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards. What are we protecting?

  14. Essential Concepts: Security Posture • Attack Surface • Anti-Predator Adaptation • Network Perimeters • Zero-Trust Model. We are protecting systems against compromise that could lead to misoperation or instability in the Bulk Electric System

  15. Security Posture: Refers to the overall health and strength of an organization’s security and compliance programs • Implies defense in depth, holism, and interdependence • Defeated by silos • Incorporates every aspect of the supply chain, including disposal. Systems should be viewed as a whole, not as a collection of parts

  16. BOO! COMPLIANCE IS SCARY BUSINESS!

  17. Attack Surface refers to the number of points or vectors that an attacker could compromise or exploit (network, software, or physical) • Goal: as few attack vectors as possible • Example of attack vector: an open port/service • Focus on network boundaries / trust zones • Types of network boundaries: narrow and deep; wide and shallow. Which type aligns with the defense-in-depth principle?

  18. NARROW AND DEEP: Warner Point, Black Canyon of the Gunnison National Park (2722 FT); Empire State Building (1250 FT)

  19. Narrow and Deep: Small Attack Surface

  20. Partial map of the internet in 2005 • Lines connect two nodes / IP addresses • Based on 30% of Class C networks • Legend: NET, CA, US, COM, ORG, MIL, GOV, EDU, JP, CN, TW, AU, DE, UK, IT, PL, FR, BR, KR, NL, UNKNOWN

  21. Anti-Predator Adaptation: We can apply principles of evolutionary adaptation against cyber predators • Avoiding detection • Cloaking • Reducing attack surface • Mimicking choice targets • Deception technologies • Honeypots/honeynets • Attacking back

  22. Network Boundary: A network boundary (perimeter or edge) defines a security or trust zone • Trust zone implies permissions and protections • This concept enters the CIP standards as Electronic Security Perimeter (ESP) • Industry is evolving toward virtualization and micro-perimeters

  23. Zero Trust refers to a state in which an identity or process on a network has zero permissions by default; all permissions must be granted. Principles of a Zero-Trust Model: • Verify before trust • Provide access based on need to know • Inspect and log “interesting” network traffic • Secure access regardless of location • Establish the smallest possible attack surface • Proxy as close to the client as possible • Design the network for scalable segmentation from the inside to the outside

  24. Advanced Concepts: A highly distributed and automated utility network will require more advanced cyber security architecture • Immunity to service denial and fuzzing • Pre-authenticated whitelisted “Things” • Continuously learning anomaly detection • Diverse encrypted software-defined networks • Non-repudiation of message delivery and receipt. The absence of “digital doubt” for SCADA signals. Protection against false denial of having sent or received information

  25. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards

  26. The Ridiculous

  27. The Unthinkable

  28. The Right Direction

  29. Not Bad, But Does Not Scale Well: Big Attack Surface

  30. Optimal (Or Close)

  31. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards

  32. Challenges of the Modern Grid: The modern grid (Digital; Real-time assessment and response; Geo-diverse data centers) • Telecommunications (Software-defined networks; Network isolation at multiple layers; Roaming identity edge) • Real challenges (Standardization lags technical innovation; The pace of technical innovation is increasing; How can standards adapt to technical innovation?) • Trends (Managed Security Services; Cloud and virtualization; Machine learning) • OPPORTUNITIES: More (Digital; Precise; Distributed; Automated); Less (Analog; Forgiving; Centralized; Supervised)

  33. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards

  34. Silos: How to create silos • Don't share bad news • Don't reward sharing knowledge • Share knowledge only with your peers • Reinvent the wheel • Don't challenge your mental models • Hoard knowledge • Trivialize knowledge acquisition • Tribalize knowledge • Politicize the workplace • Tolerate a culture of misattribution • Marginalize taciturn people • Don't care for or feed your data sources • Assume others learn in the same way you do (By Zelenazaba - Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=36483382)

  35. Types of Silos: Vertical (functional); Horizontal (organizational) • Compliance Must: Be associative and collaborative; Reach across functional and organizational boundaries; Leverage “dotted lines”

  36. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards

  37. The Psychology of Information, or Why We Don’t Share Stuff Posted on September 19, 2005, by Dave Pollard http://howtosavetheworld.ca/2005/09/19/the-psychology-of-information-or-why-we-dont-share-stuff/

  38. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards

  39. Adaptive Security Architecture: Architectural principle of creative destruction • Creating business and compliance value through innovation inevitably destroys standard methods • Unadaptive architectures cause “stranded risk” • Standardization lags innovation • Technology evolves faster than standards • This increases compliance risk • Paradox: a highly cyber-secure technology solution can break customary compliance and audit approaches • Debate: prescriptive vs non-prescriptive standards

  40. Agenda: Cyber Security Architecture (Definition; Essential concepts; Security architectures: from ridiculous to optimal; Challenges of the modern grid) • Compliance (Cuts across silos of expertise; Implies collaboration) • Adaptive Cyber Security Architecture • Evolution of the NERC CIP standards

  41. The NERC CIP Standards Are Evolving: Does your organization have a security architecture practice? • Are there any security technologies that you are reluctant to implement because you think they would increase compliance risk? • Trends: Virtualization; System-Centric Approach; Managed Security Services; Cloud

  42. Review: Characteristics of a comprehensive Cyber Security Architecture • Collaborative to increase compliance value • Adaptive to decrease compliance risk • NERC CIP Standards need to adapt to the rapid pace of technical change • Big trends such as virtualization are driving a more system-centric approach to compliance
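
The zero-permissions-by-default rule from slide 23 and the attack-surface measure from slide 17, worked through in Python as an added example that is not part of the original presentation. The `Grant` record, the identities, zone name, ports and the 16-port width threshold are all hypothetical, constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    identity: str    # identity the permission is granted to
    zone: str        # trust zone being entered
    ports: range     # service ports opened in that zone
    reason: str      # documented need-to-know justification

# Constructed sample rule set; every name and port here is hypothetical.
GRANTS = [
    Grant("hmi-operator", "control", range(443, 444), "operator HMI sessions"),
    Grant("patch-server", "control", range(22, 23), "scheduled patching"),
    Grant("vendor-support", "control", range(1, 65536), ""),
]

def decide(grants, identity, verified, zone, port, log):
    """Zero permissions by default: allow only a verified identity that
    holds an explicit grant for this zone and port; log every decision."""
    allowed = verified and any(
        g.identity == identity and g.zone == zone and port in g.ports
        for g in grants)
    log.append((identity, zone, port, "ALLOW" if allowed else "DENY"))
    return allowed

def attack_surface(grants):
    """Number of distinct ports opened into each trust zone."""
    opened = {}
    for g in grants:
        opened.setdefault(g.zone, set()).update(g.ports)
    return {zone: len(ports) for zone, ports in opened.items()}

def findings(grants, max_ports=16):
    """Grants to question: no recorded reason, or wider than max_ports
    (the threshold is an assumption of this example)."""
    out = []
    for g in grants:
        if not g.reason.strip():
            out.append((g.identity, "no documented need"))
        if len(g.ports) > max_ports:
            out.append((g.identity, f"opens {len(g.ports)} ports"))
    return out
```

With the two narrow grants alone the control zone exposes 2 ports; the single wide vendor grant raises that to 65535, which is the "wide and shallow" boundary the slides contrast with "narrow and deep".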
