Friday, 19 June 2015

How to Protect Critical Infrastructure From Hackers

With enterprises moving towards new technologies to minimize costs and optimize resources, they face increased security risks as cyber-criminals adopt new techniques to target BYOD devices, corporate networks and backend servers. As a result, it has become crucial for stakeholders to understand how to balance the security management landscape with enterprise operations.

Organizations need to place more focus on ESM (enterprise security management) to create a security management framework so that they can create and sustain security for their critical infrastructure. Enterprise security management is a holistic approach to integrating guidelines, policies and proactive measures for various threats.

ESM pertains to all risks that may affect the core business of an organization. It includes failed software processes, inadvertent or deliberate mistakes committed by staff members, internal security threats, and external security threats. The concept also takes into account the following factors related to security architecture framework:

*Enterprisewide compliance: The number of regulatory requirements can affect the end product/service delivery. The ESM framework aims to resolve conflicting business objectives, as well as fulfill regulatory and internal compliance requirements.

*Business-focused outcome: In a standard ESM framework, security risks and company objectives drive the selection of security implementations. As it is a top-down architecture, it ensures the identification and control of all policies.

*Clarity at data-infrastructure level: The key challenge for the enterprise is to gain clarity around resolving conflicts pertaining to data privacy requirements, vulnerability vectors and company objectives. The ESM approach to clarity enables the enterprise to gain transparency around the aforementioned, both at the infrastructure and data security level.

*Transformation of security at all levels: ESM adopts the approach called “architecting a security framework at all levels” of an organization. It defines security capabilities from the governance level all the way through architecture, and involves planning to build, monitor and deliver security within all organizational units, processes and business functions.

Deploying ESM Framework

All stakeholders will look to the CISO/CSO/CIO to deploy and manage ESM frameworks, as well as the steps the organization is taking to reduce risk to the enterprise. How does a CIO integrate an ESM framework and cultivate a security culture that finds long-term success throughout the organization? The answer lies in adopting a strategic approach towards enterprise security management. The following steps should be undertaken:

Patch management

Software vulnerabilities are one of the leading issues in the enterprise environment. Patches are additional code to replace flaws in software. Patch management is part of the SDLC (software development life cycle) and can occur in any primary process of SDLC.

The importance of implementing patch management as part of ESM is growing, as there has been a plethora of data exfiltration incidents and breaches around the globe. Scanning for and applying patches to prevent and mitigate undiscovered vulnerabilities is important, and it requires security management at all phases (QA, development and staging) as well as strict policies to avoid any unexpected events.

Threat modeling

Who might attack the enterprise? Is it only cyber-criminals, or nation states as well? What about company insiders? Start thinking about the list of possible adversaries and get detailed, without ruling out outlandish ideas your team may come up with. Threat modeling requires the following steps:

*Identification of security objectives

*Companywide survey

*Decomposition

*Identification of threats

*Identification of vulnerabilities

Typically, a threat model takes longer to construct, but a sample structured list can be followed. Usually, the model is based on the following assumptions:

*Data validation may fail and enable SQL injection

*Authorization may fail, so authorization checks are required

*SSL should be used as the risk of eavesdropping is high

*An anti-caching directive should be implemented in HTTP headers, as the browser cache may contain man-in-the-middle vulnerabilities.
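
The four assumptions above map directly onto checks in a request handler. The following Python code is an added example, not part of the original article; the invoices table, the get_invoice handler and its parameters are hypothetical, and the data is constructed.

```python
import re
import sqlite3

# Anti-caching directives: keep the response out of browser and proxy caches.
NO_CACHE = {"Cache-Control": "no-store", "Pragma": "no-cache", "Expires": "0"}

def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE invoices (id INTEGER PRIMARY KEY, owner TEXT, body TEXT)")
    conn.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                     [(1, "alice", "alice-invoice"), (2, "bob", "bob-invoice")])
    return conn

def get_invoice(conn, scheme, session_user, invoice_id):
    """Hypothetical handler: returns (status, headers, body)."""
    headers = dict(NO_CACHE)  # applied to every response, including errors
    # Eavesdropping risk is high: refuse requests that did not arrive over TLS.
    if scheme != "https":
        return 400, headers, "TLS required"
    # Validation may fail, so do both: validate the input AND bind it as a
    # parameter, so it is never interpreted as SQL.
    if not re.fullmatch(r"[0-9]{1,9}", str(invoice_id)):
        return 400, headers, "invalid id"
    row = conn.execute("SELECT owner, body FROM invoices WHERE id = ?",
                       (int(invoice_id),)).fetchone()
    if row is None:
        return 404, headers, "not found"
    # Authorization may fail: check ownership server-side on every request.
    owner, body = row
    if session_user is None or owner != session_user:
        return 403, headers, "forbidden"
    # Tell the browser to keep using HTTPS for this site.
    headers["Strict-Transport-Security"] = "max-age=31536000"
    return 200, headers, body

if __name__ == "__main__":
    db = make_db()
    for args in [("https", "alice", "1"), ("https", "alice", "2"),
                 ("https", "alice", "1 OR 1=1"), ("http", "alice", "1")]:
        print(args, "->", get_invoice(db, *args)[0])
```
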

View the original content and more from this author here: http://ift.tt/1Lkl6T0


