The Cyber Physical Divide

1
The Cyber Physical Divide

• Critical Infrastructure Protection

Atif Ahmad CPP - Pinkerton (Australia) Pty Ltd
2
Concept of Critical Infrastructure

• What do we mean by CI?
• Executive Order 13010 (Clinton 1996)

3
CIP Process (1)

• Identifying CI
• Network and interdependency analysis
• Identify critical assets

4
CIP Process (2)

• Apply classic risk driven security assessment
• Implement enhanced security measures

5
Issues in the Protection Process

• Acquiring a rigid network-centric mindset
• Consultative processes lack the rigor of a
  systematic approach
• Agreement on level of granularity is difficult
• Risks are modeled separately but they occur in
  combinations
• Organizations lack the governance structures to
  maintain enhanced security measures

6
Complexity Interdependencies

• Critical services can be predominantly physical
  or cyber
• Critical services can be interdependent
• Interdependencies also exist within an asset
• Power is managed by computer networks
• Over the past few decades the complexity of our
  infrastructure has increased dramatically
  primarily because of our growing reliance on
  computing systems

7
Threats to Cyber Systems

• Primary weapon Malicious Agent
• Primary attacks Denial of Service and
  Modification
• Attack on Availability
• Network grinds to a halt (agent absorbs
  resources)
• Attack on Integrity
• Network behavior departs from norm (agent hijacks
  system)

8
Connectivity Factor

• Cyber attack through the Internet
• Services are breached and trust abused
• Cyber attack on an isolated network
• Get into the update channels

9
Indications of Risk of Cyber Attacks?

• CI controllers are the subject of interest
• Laptops from the warzone
• Controllers have been almost hit before
• The 12 year old hacker
• A disgruntled employee has done it!
• Vitek Boden

10
Security Countermeasures?

• Coverage is typically poor
• Reliance on virus protection software
• Prevention
• Quarantine
• Recovery
• Safe-mode

11
Defence-in-Depth Model
Cyber Service (Controlling Software)
Controlled Entity
Network Traffic
Logical Layers of Protection
Physical Layers of Protection
12
Information-centric Security
StakeholdersVendorsContractors /
ConsultantsEx-employeesRetirees
Conversation
PERSONALIZATION
Read / Hear
Write
Type
Read
Copy
Photocopy
Print
Digital Media
10011010110 00 1 00110
10011010110 00 1 00110
CODIFICATION
Scan
DesktopsMobile DevicesUbiquitous IT
PaperMicrofiche
13
First Responder Security

• Organizational readiness
• Rapid Response
• Decisiveness in Decision Making

Security Policy Lifecycle
14
Cyberspace is the Future Battleground

• Economics of weapon production
• Distance is negated
• Advantage to mobile units
• Disadvantage to fixed assets
• Only one agent needs to get through!