CISOs must address the risk these adversaries pose to their organization. Gather intelligence, mine for cyber threat indicators, respond to information security alerts. Dell SecureWorks is a market-leading provider of world-class information security services.
No matter the size of your organization, advanced cyber-attacks, such as Advanced Persistent Threats, represent a credible threat and risk to your organization. Whether the adversary is a cybercriminal, disgruntled activist, competitor or nation-state actor, Chief Information Security Officers (CISOs) must address the risk these adversaries pose to their organization. Information security research and analysis firm Securosis presents a four-step process in their eBook, The CISO's Guide to Advanced Attackers:
1. Gather intelligence
2. Mine for cyber threat indicators
3. Respond to information security alerts
4. Break the kill chain or cyber-attack process
Dell SecureWorks can help you at every step:
- Global threat intelligence from our Counter Threat Unit (CTU) about emerging cyber threats against your organization
- Threat hunting services to mine deep within the environment for threat indicators
- Active incident responders who contain the advanced threat and break the kill chain
About Dell SecureWorks
Dell SecureWorks is a market-leading provider of world-class information security services with thousands of customers worldwide. Organizations of all sizes, including more than 15 percent of the Fortune 500, rely on Dell SecureWorks to protect information assets, improve compliance and reduce costs.
Threats Cyber Security
The pervasiveness of the Internet has created significant personal, organizational, and infrastructure dependencies that are not confined by national borders. Globalization and the advent of the Information Age have empowered individuals, national subgroups, and non-state actors. Disruptive attacks can be perpetrated not only by nation-states, but also by national opposition groups, ideological radicals, terrorist organizations, and individuals. Several sorts of threats emerge from this new environment, each with varying levels of national security concern. The first is the threat of disruption of communication flows, economic transactions, public information campaigns, electric power grids, and political negotiations. Second is the threat of exploitation of sensitive, proprietary, or classified information. Third is the threat of manipulation of information for political, economic, military, or trouble-making purposes. And last is the threat of destruction of information or, potentially, of critical infrastructure components, which can have deleterious economic and national security consequences.
Government can improve cooperation with the private sector through information sharing on vulnerabilities; continued facilitation of discussions within industry sectors; and national coordination for cyber concerns and alerts. Government can also provide specific incentives to the private sector to better protect its systems by establishing liability limits against disruption of service for companies using security best practices, and by providing specific awards or credits for information leading to hacker arrests. Government can also increase its credibility with the private sector by taking certain internal measures: agreeing on a clear definition of the problem and a clear delineation of responsibilities; improving education and training of professionals and government employees; and working toward comprehensive legislation for international collaboration for the prevention and prosecution of cyber crimes.
29 footnotes
Measures Cyber Security
In this paper, we analyze the cyber security of state estimators in Supervisory Control and Data Acquisition (SCADA) systems operating in power grids. Safe and reliable operation of these critical infrastructure systems is a major concern in our society. Current state estimation algorithms include bad data detection (BDD) schemes to detect random outliers in the measurement data. Such schemes are based on high measurement redundancy. Although such methods may detect a set of very basic cyber attacks, they may fail in the presence of a more intelligent attacker. We explore the latter by considering scenarios where deception attacks are performed, sending false information to the control center. Similar attacks have been studied before for linear state estimators, assuming the attacker has perfect model knowledge. Here we instead assume the attacker only possesses a perturbed model. Such a model may correspond to a partial model of the true system, or even an outdated model. We characterize the attacker by a set of objectives, and propose policies to synthesize stealthy deception attacks, both in the case of linear and nonlinear estimators. We show that the more accurate the model the attacker has access to, the larger the deception attack he can perform undetected. Specifically, we quantify trade-offs between model accuracy and possible attack impact for different BDD schemes. The developed tools can be used to further strengthen and protect the critical state-estimation component in SCADA systems.
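The residual check behind bad data detection, and the way its reading depends on how closely false data matches the operator's model, can be seen on a toy linear estimator. The following is an added example, not code from the paper: the matrices H and DELTA, the threshold TAU and all values are constructed, and an unweighted least-squares residual test stands in for the BDD schemes the abstract refers to.

```python
# Added illustration (constructed data): residual-based bad data detection (BDD)
# on a 2-state, 4-measurement linear estimator. Noise is omitted so residuals are exact.
H = [[1.0, 0.0], [0.0, 1.0], [1.0, -1.0], [1.0, 1.0]]       # operator's measurement model
DELTA = [[1.0, 0.0], [0.0, -1.0], [0.0, 1.0], [-1.0, 0.0]]  # assumed model-error direction
X_TRUE = [1.0, 0.5]
SHIFT = [0.2, -0.1]   # state bias carried by the false data
TAU = 0.1             # assumed alarm threshold on the residual norm

def matvec(M, v):
    return [sum(m * x for m, x in zip(row, v)) for row in M]

def estimate(z):
    """Least-squares state estimate from the 2x2 normal equations (H^T H) x = H^T z."""
    a = sum(r[0] * r[0] for r in H)
    b = sum(r[0] * r[1] for r in H)
    d = sum(r[1] * r[1] for r in H)
    g0 = sum(r[0] * zi for r, zi in zip(H, z))
    g1 = sum(r[1] * zi for r, zi in zip(H, z))
    det = a * d - b * b
    return [(d * g0 - b * g1) / det, (a * g1 - b * g0) / det]

def residual_norm(z):
    """BDD statistic: Euclidean norm of z - H x_hat."""
    fitted = matvec(H, estimate(z))
    return sum((zi - fi) ** 2 for zi, fi in zip(z, fitted)) ** 0.5

def alarm(z):
    return residual_norm(z) > TAU

Z_CLEAN = matvec(H, X_TRUE)

def with_outlier(index=2, error=1.0):
    """A single random gross error: inconsistent with the redundant measurements."""
    z = list(Z_CLEAN)
    z[index] += error
    return z

def with_model_based_bias(eps):
    """False data built from a model that differs from H by eps * DELTA."""
    h_tilde = [[h + eps * d for h, d in zip(hr, dr)] for hr, dr in zip(H, DELTA)]
    return [z + a for z, a in zip(Z_CLEAN, matvec(h_tilde, SHIFT))]

if __name__ == "__main__":
    print("outlier", round(residual_norm(with_outlier()), 3), alarm(with_outlier()))
    for eps in (0.0, 0.1, 0.5):
        z = with_model_based_bias(eps)
        print("model error", eps, round(residual_norm(z), 3), alarm(z), estimate(z))
```

The residual grows linearly with the model error eps, so a residual threshold alone bounds how far a model mismatch can go unnoticed but says nothing about data that is fully consistent with H; that case needs checks outside the estimator, such as protected or independently verified measurements.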