Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to Mitigate the Consequences What are the Countermeasures?

Published bySukarno Hardja Modified over 5 years ago

Similar presentations

Presentation on theme: "How to Mitigate the Consequences What are the Countermeasures?"— Presentation transcript:

1 How to Mitigate the Consequences What are the Countermeasures?
CYRAIL Final Conference Paris, How to Mitigate the Consequences What are the Countermeasures? Taha Abdelmoutaleb Cherfia fortiss

2 Common Mitigation Strategies
Introduction of common mitigation strategies that are appropriate to address the threats targeting railways in order to prevent or minimize their impact on the different critical assets.

3 Common Mitigation Strategies
System Administration Bastion Hosts Logging and Monitoring Multi-Factor Authentication Administrator Audit Logging 3 4 2 5 1 SA AS NS DP DS Device Security Access Controls Antivirus / Anti-Malware Firewalls Hardware Encryption Application Security Application Firewalls Database Firewalls Application Whitelisting Security Data Leakage Protection Data Protection Data Encryption Secure Socket Layer Transport Layer Security Digital Signature Password Policy Network Security Network Segmentation Network Access Control Internet Protocol Security Network Intrusion Detection/Prevention Virtual Private Network

4 System Administration
Objective: System Administration is the foundation for any infrastructure security measures, and it needs to be a top priority. It provides measures to prevent intruders from getting control over the system. Solutions: Bastion Hosts Logging and Monitoring Host Hardening Multi-Factor Authentication Administrator Audit Logging

5 Application Security Objective:
Application Security provides measures to protect and secure an application from different attacks that exploit its vulnerabilities at different stages of an application lifecycle from design to deployment. Solutions: Application Firewalls Database Firewalls Application Whitelisting Security Data Leakage Protection (DLP)

6 Network Security Objective:
Network Security is is the combination of physical and software preventative measures and activities that protect the underlying network infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure. Solutions: Network Segmentation Network Access Control Internet Protocol Security Network Intrusion Detection/Prevention Virtual Private Network (VPN)

7 Device Security Objective:
Device Security (DS) involves protecting endpoint devices such as personal computers, mobile devices and servers from cyber-attacks. It provides mechanisms to restrict access rights to these endpoints to authorized users. Solutions: Access Controls Antivirus / Anti-Malware Firewalls Hardware Encryption

8 Data Protection Objective:
Data Protection is the process of safeguarding the use of data systems and networks to prevent the unauthorized use of data, and the unintentional or deliberate distortion of data. Solutions: Data Encryption Secure Socket Layer (SSL) Transport Layer Security (TLS) Digital Signature Password Policy

9 Human Factor People play a fundamental role in an effective cybersecurity strategy because they are often the weakest link in the cybersecurity chain. Solution: Railway actors should provide Cybersecurity Awareness Training to their employees including executives, systems administrators, developers, and incident reporters to ensure they are aware of their responsibilities with regard to cybersecurity concerns. Cybersecurity training should include training on policies and potential cybersecurity threats to the railway actor and its business. Verizon, “2018 Data Breach Investigations Report” (2018). Available at:

10 Advanced Mitigation Strategies
Security by Design and Multiple Independent Layers of Security are some of the trending concepts in cybersecurity that may help to provide a strong mitigation strategy.

11 Traditional Security Security cannot be an afterthought!
Before: Security is considered after the definition of the system, meaning that security mechanisms are fitted into its pre-existing design. Conflicts with the system requirements + New vulnerabilities

12 Security by Design Security
Security should play an integral role throughout all phases of the system life cycle. Analysis Design Security Planning Implementation Maintenance

13 Security by Design: Principles
Description Least Privilege An entity should be given only those privileges that it needs in order to complete its task. Fail Safely Unless an entity is given an explicit access to an object, it should be denied access to that object. Economy of Mechanism Security mechanisms should be as simple as possible. Complete Mediation Each and every access to an object must be checked to ensure that it is allowed Open Design Security should not depend on secrecy of its design or implementation. Separation of Privilege A system should not grant permission based on a single condition. Least Common Mechanism Mechanism used to access resources should not be shared Psychological Acceptability Security mechanisms should not make the resource more difficult to access than if the security mechanisms were not present. Defense in Depth Use of multiple security mechanisms such that if one mechanism fails, another will be already in place to prevent a full breach.

14 MILS: Multiple Independent Layers of Security
MILS is a high-assurance security architecture based on the concepts of separation and controlled information flow. MILS is founded on the understanding that security is not a one-size- fits all proposition. MILS supports the coexistence of both trustworthy and untrusted components. Each component is isolated and each may communicate with the others based on the policy enforcements functions. MILS architecture allows the execution of multiple components at different safety/security levels or classifications (mixed-criticality).

15 MILS: Properties In order to be effective, all system security must be NEAT Property Description Non-bypassable Policy enforcement functions cannot be circumvented Evaluatable Policy enforcement functions are small enough and simple enough that proof correctness is practical and affordable Always-invoked Policy enforcement functions are invoked each and every time Tamperproof Policy enforcement functions and the data that configures them cannot be modified without authorization

Download ppt "How to Mitigate the Consequences What are the Countermeasures?"

Similar presentations

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Operating System Security

Operating System Security
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏

(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Controls for Information Security

Controls for Information Security
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.

LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.
Information Security Technological Security Implementation and Privacy Protection.

Information Security Technological Security Implementation and Privacy Protection.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.

Similar presentations

Ads by Google