Eliminate Silos to Enhance Critical Infrastructure Protection by Jasvir Gill
1. © AlertEnterprise Confidential Information 2012 Slide 1
Eliminate Silos to Enhance Critical Infrastructure Protection
Jasvir Gill,
Founder & CEO
AlertEnterprise, Inc.
Slide 3
AlertEnterprise Delivers a Unique Approach to Addressing Critical Infrastructure and Key Resources
Slide 4
Did you know?
Cybersecurity threats against Utilities have grown dramatically, making it the #1 Priority for Utility Executives in 2013.
(U) Key Findings
(U//FOUO) Disgruntled current and former utility-sector employees have successfully used their insider knowledge to damage facilities and disrupt site operations.
(U//FOUO) Outsiders have attempted to solicit utility-sector employees to obtain specific information about utility infrastructure site operations and facilities that could be useful in conducting physical and cyber attacks.
Slide 5
Threats
• Sensitive Asset Diversion
• Cyber Attacks – Critical Infrastructure
• Bio Terrorism (Food & Beverage)
• Drug Diversion (Pharmaceuticals)
• Theft (Retail, Airlines, Airports etc.)
• Disgruntled employees/contractors
Monitoring both Access and Behavior is a must
• Who has access to assets (physical, cyber, ...)
• Any suspicious behavior or activities
• Monitoring Privileged Users (guarding the guards)
Effective Response, Command and Control
• Situational Awareness, Incident Response
Complex/Blended Threats Span Across Many Industries
Slide 6
Traditional Security, Incident Management and Response Hard to Scale, Things Get Missed
Geographically Dispersed assets/locations
• Guards with guns – not cost-effective
• Impossible to cover all locations
• Putting staff at risk
3-ring binder approach not effective
• Organized and State Sponsored Crime
• Too long to respond
Audit trail of incident management
• How incident was handled – learning tool
• Protection during emergency
• Monitoring First Responders
Leveraging investments in technology
• Existing security systems
• Existing IT/ERP systems, Physical Security Systems
Slide 8
Silos are Costly, Inefficient: Organizations Respond to Threats in Silos - Attackers Don’t think that Way.
[Diagram: three separate silos, each with its own Access Management, Compliance and Security]
• IT: IT Resources, ERP, GRC, Directory Services
• PHYSICAL: Physical Access
• SCADA: Control Systems
Slide 9
Bridge the gaps across silos to have a holistic Security Solution and mitigate blended threats
[Diagram labels: IT Resources; Physical Access; Control Systems; GRC; Convergence Platform; Identity Risk and Administration; Operational Compliance; Situational Awareness; Incident Response]
Slide 10
Unified View of Risk - Unify Logical, Physical and Operational Access Requests in one Screen
Slide 11
Controlling Access to SCADA Operational Systems
• OT/SCADA credential management and user provisioning
• Active Policy enforcement
• Multi-vendor SCADA and OT devices supported
Slide 12
Operational Compliance – Automating NERC Compliance
Pre-loaded compliance framework with current version of standards
Slide 13
Access Governance - Software checks work history, access pattern, analyzes past behavior – returns a risk score
Slide 15
Smart Grid Security: Continuous Monitoring of Cyber and Insider Threats to Smart Grid Operations
Slide 16
Customer Example: Smart Grid Security
(IT/OT convergence is a must - End Point Relay Attack Alerts)
Slide 18
Recognized by Gartner Research
Wall Street Journal, May 02, 2013
“The operational technology (OT) associated with the “Internet of Things” ranges from devices to monitor and control power, gas and water systems to ones that monitor and control advanced medical equipment and manufacturing systems.”
“CIOs should ensure that security planning, technology/services procurement, and operations should be integrated and reflect a common IT/OT security program’s vision and mission.”
- Earl Perkins, Vice President, Gartner Research, May 02, 2013
Gartner Magic Quadrant on Identity and Access Governance, 17 Dec. 2012, Earl Perkins:
“Specific industry focus in energy and utilities, transportation, and other industries with OT security requirements have provided AlertEnterprise with early momentum in the market.”
Winner – Most Innovative HANA Application
Slide 19
Jasvir Gill
Founder & CEO
AlertEnterprise, Inc.
Jasvir@AlertEnterprise.com
+1 510 798 9613
Editor's Notes
So then, one of the complaints the customers had was that all the control risk repositories, libraries were too complicated for customers to understand, to configure. So we made it very powerful, we made it very intuitive, so that any business person can understand how the risk is defined, what kind of controls it is related to, and again, you know, having English controls, English-like risk libraries. And then doing all the heavy lifting by the software itself. So again, hiding complexity and bringing in a lot more automation.
Via the SCADA interface the application detects unauthorized disabling of 2 levels of protection by disabling protective relays at a generation facility. The application delivers a geo-spatial view delivering situational awareness. In this slide we can view that an alert has been received and the user can confirm and initiate the remedial action scripts workflow.