CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018

Presentation transcript:

CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018 Rubén Trapero Burgos, ATOS Co-funded by the Horizon 2020 Framework Programme of the European Union

CIPSEC Framework Design Principles: Critical Infrastructures Commonalities; Security Threats; CIPSEC pilot requirements; Data Lifecycle in Critical Infrastructures; CIPSEC architecture

[Diagram labels: Data Acquisition; Data Consumption; Data Dissemination; Host and Network Sensors; SOC Expertise; Agents, sensors, sniffing, etc; Security Decision-Making; Security Compliance; Activity and Security Data (LOG); Status Heartbeats; Reports; User Credentials; Events/Alarms; Tokens; Software updates; Security Data Insights; Security Apps; PKI Infrastructure; Software Repository; Dashboards; Human End-Users (CI System admins); Post-Mortem Incident Analysis; Security Operation Center Personnel; Visualization of data; Recommendations; System administration; Aggregate data; Filter Data; Reasoning; Detect anomalies; Document Management Repository; Security and Activity monitoring engine]

[Diagram labels: Acquisition; Data Acquisition; Data Consumption; Data Dissemination; Host and Network Sensors; SOC Expertise; Agents, sensors, sniffing, etc; CIPSEC Core Framework; Security Decision-Making; Security Compliance; Activity and Security Data (LOG); Status Heartbeats; Reports; User Credentials; Events/Alarms; Tokens; Software updates; Security Data Insights; Security Apps; PKI Infrastructure; Software Repository; Dashboards; Human End-Users (CI System admins); Post-Mortem Incident Analysis; Security Operation Center Personnel; Aggregate data; Filter Data; Reasoning; Presentation; Detection Layer; Visualization of data; Recommendations; System administration; User/System manager; Data Processing; Document Management Repository; Network Security; Critical Infrastructure Components (sensors, computers, network, servers, routers, …); Security and Activity monitoring engine]

High Level CIPSEC Framework [Diagram labels: Critical Infrastructure Platform; User/System manager Layer; Presentation Layer; Acquisition Layer; Detection Layer; Data Processing Layer; Updating/Patching; User training; Compliance Management; CIPSEC Core Framework; Critical Infrastructure Components (sensors, computers, network, servers, routers, …); logs; events/alerts; correlator; admin; inferred threats, risks; aggregated info (reports, etc); contingency (reconfigurations, etc); CIPSEC security features; Compliance report; Network Security; security data; CI security requirements]

CIPSEC Framework Reference Architecture

Partners’ role in CIPSEC Reference Architecture [Diagram labels: Critical Infrastructure Platform; Compliance Management; CIPSEC Core Framework; System manager; User/System manager Layer; Contingency plan; Recommendations; Presentation Layer; Forensics Analysis Visualization tool; Dashboard; Data Processing Layer; Anonymized Sensitive Data; Historic anomalies DB; Forensics service; Data anonymization and Privacy; Updating/Patching; Detection Layer; Anomaly detection reasoner; Acquisition Layer; External Security Services; Future security services plugged; Endpoint Detection and Response; Vulnerability Assessment; Identity Access Management; Integrity Management; Crypto services; Network Security (DPI firewalls, routers with ACL, network segmentation, DMZ, NAC, etc.); Critical Infrastructure Components (sensors, computers, network, servers, routers, …); User Training]

CIPSEC Blocks Covered with Products. Table columns: Reference Architecture Block; Products Involved. Blocks listed: Dashboard; Forensics Analysis Visualization tool; Data anonymization and Privacy; Anomaly detection reasoner; Identity Access Management; Integrity Management; Crypto services; Endpoint Detection and Response. CIPSEC Pilots.

CIPSEC Blocks Covered with Services. Table columns: CIPSEC Core Services; Service Leader. Services listed: Contingency Plan; Forensics Service; Vulnerability Assessment; Updating / Patching; User Training; Compliance Management. CIPSEC Pilots.

Innovation targeted by CIPSEC Framework: The CIPSEC proposal is not centred on providing an isolated solution for cybercrime but on a broader solution. CIPSEC does not address individual aspects of large crises but provides a global solution that includes additional services related to CIP. CIPSEC provides a more generic solution, focusing not only on securing network edge services of cloud infrastructures in CI scenarios, but also on the global picture, taking into account existing interdependencies. CIPSEC offers a close-to-market security platform with real validation trials on real CI operational scenarios.

Thanks for your attention! Questions? Contact: Antonio Álvarez, ATOS, antonio.alvarez@atos.net; Rodrigo Díaz, ATOS, rodrigo.diaz@atos.net; Rubén Trapero, ATOS, ruben.trapero@atos.net. www.cipsec.eu, @CIPSECproject, https://www.linkedin.com/in/cipsec-project/, https://www.youtube.com/channel/UCekxicSFAwZdIPAV3iLHttg. CIPSEC Technical Review Meeting Barcelona 22/11/2017