Addressing Consequence within Operational Risk: Why threats and security are just not that important (PDF, 16 pages)

Addressing Consequence within Operational Risk
Why threats and security are just not that important
2024 Aviation Cybersecurity Conference
O.T. Gagnon III (Ollie), CISSP, CPP, PSP
Chief Homeland Security Advisor, Idaho National Laboratory

Transportation-Aviation-Airport Dependency Profile (What is the most important airport infrastructure?)
[Figure: airport dependency profile. Image source: INL.gov]
*Source: https://www.cisa.gov/what-are-dependencies

Elements of Risk
Threat: A natural or manmade occurrence, individual, entity, or action that has or indicates the potential to harm.
Vulnerability: A physical feature or operational attribute that renders an entity open to exploitation or susceptible.
Consequence: The effect of an event, incident, or occurrence.

Can your team list the top three critical systems, including their priorities, cyber and physical dependencies (internal/external), degree of IT/OT convergence, key stakeholders (internal/external), and the incident response and recovery plans?
How well do you know your operational risks?

[Diagram: Operational Risk at the intersection of Vulnerabilities, Threats and Consequences]

Operational Risk
Captures "the uncertainties and hazards a company faces when it attempts to do its day-to-day activities."
Results from "breakdowns in internal procedures, people, and systems," and focuses on "how things are accomplished within an organization."
Determined by analyzing the consequences, vulnerabilities, and threats within its procedures, workforce, and systems.
Before an organization can consider vulnerabilities within and threats to its operations, it must first have a solid understanding of the consequences existing inside its infrastructure environment.

Operational Risk (cont.)
Human / Cyber / Physical
Considerations:
Infrastructure vs. Critical Infrastructure
Security vs. Resilience
Dependency vs. Interdependency

The Facility Engineer/Maintenance and Security Manager have as much to contribute to understanding the cyber and physical infrastructure environment as the Operations Manager/Director and Chief Information Officer.
People (internal/external) involved in directing, operating, maintaining, and supporting the cyber and physical infrastructure environment are essential to understanding and ultimately enhancing security and resilience.

Operational Risk (cont.)
Reality: Most entities know all the components to be binned, their connections, their complexities, and their potential consequences.
Challenge: Knowledge is fractured into operational silos within the entity, and/or all the right people needed to contribute to understanding the infrastructure environment are not part of the process.

The Realities of Cyberspace
INL's technical doctrine is based on the following assumptions:
Existing security efforts are insufficient to protect control systems and the infrastructure they support against catastrophic technical attacks.
A determined, well-resourced and patient adversary WILL succeed in penetrating and exploiting a critical infrastructure network.
Given time and resources, cyber attackers WILL have success.

Disrupting Cyber-enabled Sabotage on Critical Functions: Understanding CFA, CIE and CCE (cont.)
https://inl.gov/national-security/cce/
Critical Function Assurance (CFA) is a foundational approach to identifying, prioritizing, and mitigating the risk that is inherent in the delivery of critical functions that depend on digital technology. (WHY)
Cyber-informed Engineering (CIE) is a series of principles focused on integrating cybersecurity considerations into the conception, design, development, and operation of any physical system that has digital connectivity, monitoring or control related to the delivery of a critical function. (WHAT)
Consequence-driven Cyber-informed Engineering (CCE) can be thought of as a repeatable process to apply elements of CFA and CIE to achieve assurance of critical functions. (HOW)

Pillars of the National CIE Strategy
[Figure: pillars of the National CIE Strategy. Source: https://www.energy.gov/]

CIE Principles (What to think about)
Source: https://www.energy.gov/
PRINCIPLE: KEY QUESTION
Consequence-Focused Design: How do I understand what critical functions my system must ensure and the undesired consequences it must prevent?
Engineered Controls: How do I implement controls to reduce avenues for attack or the damage which could result?
Secure Information Architecture: How do I prevent undesired manipulation of important data?
Design Simplification: How do I determine what features of my system are not absolutely necessary?
Layered Defenses: How do I create the best compilation of system defenses?
Active Defense: How do I proactively prepare to defend my system from any threat?
Interdependency Evaluation: How do I understand where my system can impact others or be impacted by others?
Digital Asset Awareness: How do I understand where digital assets are used, what functions they are capable of, and our assumptions about how they work?
Cyber-Secure Supply Chain Controls: How do I ensure my providers deliver the security we need?
Planned Resilience: How do I turn "what ifs" into "even ifs"?
Engineering Information Control: How do I manage knowledge about my system? How do I keep it out of the wrong hands?
Cybersecurity Culture: How do I ensure that everyone performs their role aligned with our security goals?

Consequence-driven, Cyber-informed Engineering (CCE) (How to achieve it)
Structured Evaluation to Achieve Functional Assurance
CCE is a structured process to apply CIE principles to understand how cyber-enabled sabotage could result in events that threaten national security and business viability, then identify the engineering changes or operational controls that eliminate or significantly reduce the risk of those events.
https://inl.gov/national-security/cce/
2019 R&D 100 Award winner for cyber protection of critical infrastructure

DOE CIE and DHS CISA SBD Relationship
"While CISA's Secure by Design campaign by itself has great implications for society at writ large and especially the ICS community, I do want to take a moment to also acknowledge how this effort critically intersects with and supports the Department of Energy's Cyber-Informed Engineering work which supports the resilience of our infrastructure by ensuring that we're engineering cyber-attacks out of the system."
"Look, partnership is fundamental, innovation is critical. Balancing and strongly moving forward on both fronts will be essential to ensuring the security of the nation's critical infrastructure."
Jen Easterly, Director, Cybersecurity and Infrastructure Security Agency
Hack the Capitol, May 30, 2024
+/-160 software companies
https://cisa.gov

Addressing Consequence within Operational Risk: Why threats (plus vulnerabilities) and security are just not as important as Consequence (First Risk Consideration) and Resilience (Desired Outcome)
Thank You!
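The deck's dependency profile question ("what is the most important airport infrastructure?") and its Interdependency Evaluation principle can be worked through as a consequence-first ranking. The example below is added here and is not INL's code or method: it models constructed critical functions and supporting systems as a dependency graph, scores each system by the weighted critical functions lost if it fails, and ranks systems before any threat or vulnerability is considered. All function names, system names and weights are constructed.

```python
from collections import deque

# Constructed sample: critical function -> weight of losing it (1 = minor, 5 = severe).
CRITICAL_FUNCTIONS = {"aircraft movement": 5, "passenger screening": 4, "baggage handling": 2}

# Constructed sample dependency edges (consumer -> providers it cannot operate without).
# Mixes cyber (ops network, OT controllers), physical (site power, badge access) and
# external (utility grid, ISP) providers, as a dependency profile would.
DEPENDENCIES = {
    "aircraft movement": ["tower comms", "airfield lighting"],
    "passenger screening": ["screening OT", "badge access"],
    "baggage handling": ["BHS PLC", "badge access"],
    "tower comms": ["site power"],
    "airfield lighting": ["site power"],
    "screening OT": ["ops network"],
    "BHS PLC": ["ops network", "site power"],
    "badge access": ["ops network"],
    "ops network": ["site power", "external ISP"],
    "site power": ["utility grid"],
}

def dependents_of(provider, deps=DEPENDENCIES):
    """Every node that transitively depends on `provider` (walk the reversed graph)."""
    reverse = {}
    for consumer, providers in deps.items():
        for p in providers:
            reverse.setdefault(p, set()).add(consumer)
    seen, queue = set(), deque([provider])
    while queue:
        for consumer in reverse.get(queue.popleft(), ()):
            if consumer not in seen:
                seen.add(consumer)
                queue.append(consumer)
    return seen

def consequence_of_loss(provider, deps=DEPENDENCIES, functions=CRITICAL_FUNCTIONS):
    """Total weight of critical functions lost if `provider` fails (no threat assumed)."""
    return sum(w for f, w in functions.items() if f in dependents_of(provider, deps))

def rank_by_consequence(deps=DEPENDENCIES, functions=CRITICAL_FUNCTIONS):
    """Supporting systems ordered by consequence of loss, highest first."""
    systems = {p for providers in deps.values() for p in providers} - set(functions)
    return sorted(systems, key=lambda s: (-consequence_of_loss(s, deps, functions), s))

if __name__ == "__main__":
    # Consequence first: this ranking exists before any vulnerability or threat is known.
    for system in rank_by_consequence():
        print(f"{consequence_of_loss(system):2d}  {system}")
```

In this constructed profile the physical badge access system outranks tower comms because two critical functions depend on it, which is the deck's point about the Security Manager and Facility Engineer having as much to contribute as the CIO.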
