Presentation is loading. Please wait.

Presentation is loading. Please wait.

C4I, Internet of Things and Critical Infrastructure Protection

Published byChad Marshall Modified over 6 years ago

Similar presentations

Presentation on theme: "C4I, Internet of Things and Critical Infrastructure Protection"— Presentation transcript:

1 C4I, Internet of Things and Critical Infrastructure Protection
Blake Davis Director of Engineering for C4ISR, Lockheed Martin

2 What Systems? Military Command and Control Military Infrastructure
Military Command and personnel Sensors (Radars, optical, vibration, heat, RF, etc) Defensive systems (kinetic and non-kinetic) Offensive Weapon systems (kinetic and non-kinetic) Security trained system builders Military Infrastructure Public Infrastructure Commercial Infrastructure All public source Image already received PIRA approval from prior C2BMC brief Lockheed Martin Proprietary Information

3 Critical Infrastructure
Energy and Distribution Transportation Health Civil protection and emergency response Government Communications (Fiber and Radio Frequency and Laser) Water (and Wastewater) and Food Supply Information Technology (including Industrial Control Systems) Financial System Critical Manufacturing All public source Lockheed Martin Proprietary Information

4 How? Threat Examples Real life attack vectors
2014 Target Store attack through HVAC system to Payment systems credit/debit cards 2017 Austrian Hotel ransom through Door Lock system 2015 Ukraine electric grid (PCC) leaving 230,000 without power thru industrial control systems 2016 Ukraine Artillery Units through Android All public source Target: Ukraine power: & Ukraine Artillary: Austrian Hotel:

5 Why? Insider Threat more prevalent
Older industrial control systems with no design reqts for cyber end up added to and contribute to vulnerable networks No anti-virus, no security, no protection S/W Component controls are targets as well as back up control systems Protection is needed at multiple entry points Air gapping system still not sufficient (High latency network) Remote admins, vendor supply chain, 3rd party maintainers Protection and Risk Postures Can’t assume device is secure Can’t assume network is secure Cost is major driver to securing or not securing Not just at customer side but at manufacturing side All public source Image already received PIRA approval from prior C2BMC brief Lockheed Martin Proprietary Information

6 Internet of Things Estimates are 20-30 billion IoT in next few years
Cameras Cars / Trucks Door locks and facility related management equipment 100+ billion microcontrollers 100+ billion RFID devices Threat: New entry points Easy DDOS source Trend: Some attention to strengthen security at “the thing” Secure comm, encryption All public source

7 Key is Response ahead of attack
NIST Criticality Analysis Prioritize Protection nistir8179-draft.pdf Move to Cyber resilient architecture survivability under attack – continuous feedback Radical shift in how control systems are designed Reduce attack vectors, entry points Understanding Normal – behavior based protection Increased monitoring and comparison to normal All public source

8 Cyber Security: Lockheed Martin Cyber Kill Chain®
Reconnaissance 1 Weaponization 2 Delivery 3 Aggressor has to successfully pass through every step Defenders can block just one step in the chain Exploitation 4 Installation 5 Command & Control 6 PIRA approved confirmed with Kathleen Hohendal Actions on Objectives 7

9 Solutions From Headlines to Best Practices
“This is a must-read for anyone tracking APT.” – Trend Micro Kill Chain part of Structured Threat Information Exchange format since Version 0.3 DoD AT&L DT&E incorporates Cyber Kill Chain into cyber security testing supporting weapons systems acquisition LM’s Cyber Kill Chain garners attention from cyber security and technology industry experts “LM’s seminal paper on Intelligence-Driven Computer Network Defense published Indicator Sharing with Defense Industrial Base done using Kill Chain phases Information Sharing DHS To Apply CKC method for internal network Security Senate Commerce Committee analyzes Target breach using LM methodology PIRA approved confirmed with Kathleen Hohendal

10

Download ppt "C4I, Internet of Things and Critical Infrastructure Protection"

Similar presentations

Breaking Kill Chains A “How To” Guide for SecurityCenter.

Breaking Kill Chains A “How To” Guide for SecurityCenter.
Sensors and location technologies – the front end of ISR

Sensors and location technologies – the front end of ISR
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
1 Critical Mission Support Through Energy Security Susan Van Scoyoc Concurrent Technologies Corporation 16 August 2012 Energy Huntsville Meeting Huntsville,

1 Critical Mission Support Through Energy Security Susan Van Scoyoc Concurrent Technologies Corporation 16 August 2012 Energy Huntsville Meeting Huntsville,
The Changing World of Endpoint Protection

The Changing World of Endpoint Protection
CARVER+Shock Vulnerability Assessment Tool “As Agile As the Enemy” The Foundation for Institutional Development.

CARVER+Shock Vulnerability Assessment Tool “As Agile As the Enemy” The Foundation for Institutional Development.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
Cyber Attacks Threaten: privacy reliability safety resiliency 2.

Cyber Attacks Threaten: privacy reliability safety resiliency 2.
Ethical Hacking License to hack. OVERVIEW Ethical Hacking ? Why do ethical hackers hack? Ethical Hacking - Process Reporting Keeping It Legal.

Ethical Hacking License to hack. OVERVIEW Ethical Hacking ? Why do ethical hackers hack? Ethical Hacking - Process Reporting Keeping It Legal.
Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.

Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.
Surveillance and Security Systems Cyber Security Integration.

Surveillance and Security Systems Cyber Security Integration.
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 Industrial Control Systems.

© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 Industrial Control Systems.
Proactive Incident Response

Proactive Incident Response
Understanding Cyber Attacks: Technical Aspects of Cyber Kill Chain

Understanding Cyber Attacks: Technical Aspects of Cyber Kill Chain
Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.

Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.
Industrial Control System Cybersecurity

Industrial Control System Cybersecurity

Similar presentations

Ads by Google