Cyber Security Strategy and Roadmap Template
by Annabelle Lee, Chief Cyber Security Specialist, Nevermore Security
1 CYBER SECURITY STRATEGY OVERVIEW
The current power grid consists of both legacy and next generation technologies. These new components operate in conjunction with legacy equipment that may be several decades old and provide no cyber security controls. In addition, industrial control systems/supervisory control and data acquisition (ICS/SCADA) systems were originally isolated from the outside world. Sensors would monitor equipment and provide that information to a control room center. As networking technology has advanced and become more accessible, utilities have made decisions to integrate systems. This integration is necessary to take advantage of the new technology that is being deployed.
To adequately address potential threats and vulnerabilities, and develop an effective cyber security strategy, the utility needs to have a current architecture that includes the system assets, communication links, and connections to external systems. Knowledge of the system boundaries and the assets within them may be used to determine what needs to be protected. Currently, with the increase in wireless communications and the connection of Industrial Internet of Things (IIoT) devices, the overall attack surface has increased.
A cyber security strategy includes an integrated approach to reducing cyber risks, addressing the high-priority objectives and activities that will be pursued over the next few years to reduce the risk of energy disruptions due to cyber incidents. Because of the constantly changing threat and technology environments related to the digital infrastructure, the typical time frame for the activities in the strategy is one to three or five years.
In addressing cyber security, achieving 100% security of all systems against all threats is not possible. Resources (including funds, staff, and technology) are limited, and all systems cannot and should not be protected in the same manner. Risk-based methods should be used to make decisions and prioritize activities. Because threats will not diminish, energy delivery systems must be designed and operated so they can continue to perform critical functions during and after an attack. Finally, cyber security features should not interfere with the energy delivery functions of the devices and components they are meant to protect.
The purpose of this document is to specify a cybersecurity strategy and roadmap template that may be used by utilities. This document is NOT an attempt to develop new guidance but rather to document the diverse existing guidance that is available to the electric sector.
Cyber Security Risk Management and Risk Assessment Methodology Template
by Annabelle Lee, Chief Cyber Security Specialist, Nevermore Security
1 Risk Management Overview
The current power grid consists of both legacy and next generation technologies. These new components operate in conjunction with legacy equipment that may be several decades old and provide no cyber security controls. In addition, industrial control systems/supervisory control and data acquisition (ICS/SCADA) systems were originally isolated from the outside world. Sensors would monitor equipment and provide that information to a control room center. As networking technology has advanced and become more accessible, organizations have made decisions to integrate systems. This integration is necessary to take advantage of the new technology that is being deployed. With the increase in the use of digital devices and more advanced communications and information technology (IT), the overall attack surface has increased.
Cyber security must address deliberate attacks launched by disgruntled employees and nation states as well as non-malicious cyber security events such as user errors. Because organizations, including utilities, do not have unlimited resources such as personnel and funds, cyber security must be prioritized with the other components of enterprise risk. Risk is the potential for an unwanted impact resulting from an event. Cyber security risk is one component of enterprise risk management, which addresses many types of risk (e.g., financial, mission, public perception).
In addition, to adequately address potential threats and vulnerabilities, cyber security must be included in all phases of the system development life cycle, from the design phase through implementation, operations and maintenance, and disposition/sunset. Cyber security must be constantly assessed and revised to address evolving threats, vulnerabilities, and security incidents.
The purpose of this document is to specify a risk management and risk assessment template that may be used by utilities. This also includes the selection and tailoring of cyber security requirements and measures/controls. This document is NOT an attempt to develop new guidance but rather to document the diverse existing guidance that is applicable to the electric sector.
Industrial Control Systems Cybersecurity Strategy, A New Approach
by Annabelle Lee, Nevermore Security
Executive Summary
Threats to Industrial Control Systems (ICS) and Operational Technology (OT) that operate our critical infrastructures are now in the news media daily. ICS controls automate the operation of power plants and the flow of oil and natural gas through pipes nationwide, and support critical manufacturing of goods and pharmaceutical products for everyday use. Attacks on these systems can interrupt major critical infrastructures, cause physical damage, and potentially threaten human health and safety.
The advances in technology and today’s offerings of Industrial Internet of Things (IIoT) devices expand the attack surface of the ICS, with the impact extending to all parts of the organization operating the critical infrastructures, the supply chain, and ultimately the end-use customers. Current cybersecurity solutions cannot provide comprehensive protection against all the known and unknown threats to the automation components that operate the critical infrastructures, and specifically the energy sector. Particularly with the constantly changing threat and technology environments, this defensive approach results in the critical infrastructures constantly trying to play catch-up in cybersecurity. Cyber attacks may be launched, for example, by malicious insiders, via the supply chain, and/or by unauthorized remote access. Attackers only have to be effective once, while defenders need to be effective 100% of the time. It is not realistic to be 100% effective in identifying and addressing all known and potential cyber attacks. In addition, with the increasing availability of attack tools and techniques, the end result is that the defenders keep falling further behind in addressing cybersecurity.
This white paper proposes an alternative to the current defensive paradigm. The proposed paradigm augments the defensive approach by considering cybersecurity from the attacker’s perspective, which includes identifying attack surfaces, attack vectors, and impacts. Because it is not possible to mitigate all potential cyber events, the objective is to identify the most common attack paths and mitigate the highest impact cyber events, independent of the specific attack method. This will include known and potential cybersecurity events. The unknown cyber events will be determined based on the impact to the ICS and the reliability of the grid. This paradigm will allow the energy sector to be more proactive in addressing cybersecurity and more resilient in the event of cyber attacks.