Preview Webinar: Defend Against New Security Threats to Your Data Center

By Amy Daly | |

December 15, 2016 |

Webinar on December 20th, 2016 at 2pm EST

Executive Summary for Defend Against New Security Threats to Your Data Center

 The modern data center presents a well-known array of IT related security challenges, but an additional area of risk now arises from the operational technology (OT) equipment required to support and maintain the modern data center. These OT devices, which primarily relate to the physical operations and security of the data center itself, are now being connected to the Internet.

Chris Kubecka will present actionable methods of preventing novel threats, discovering cyber attacks, detecting the level of damage, and rebuilding after a breach. Susan Lutz will discuss a detailed case study of how an enterprise US telecom hardened their data centers against attack.

View the Presentation:   Infrastructure and Data Center Security

Download White Paper:  Defend Against New Security Threats to Your Data Center

Presenters

Screenshot 2016-12-12 09.12.56.png

Famed Cybersecurity Expert Chris Kubecka 

Chris will share her experiences from two decades of discovering, defending, and rebuilding after cyber attacks on critical infrastructure for military, government, public and private enterprise.
 
Chris formerly led the Security Operations Centre for Aramco Overseas Company. Her expertise includes smartphone/Android OS exploitation, cyber warfare, process and automated control systems, DNS and IPv6 protocols, cryptography, SIEM’s/correlation engines and cyber-intelligence.  Her career has spanned the US Air Force, Space Command, private and public sector.
 

Susan Lutz Bio.jpgSecurity Industry Luminary Susan Lutz

Susan will share a case study on cyber-hardening data centers for a US-based telecommunications giant.
 
Susan has over 20 years of experience, including as CEO and Founder of ETSec, a managed security service provider acquired by ANX. Susan was a pioneer in managed UTM gateway and SaaS where she was awarded 9 patents. She co-founded SecureIT, an early information security company acquired by Verisign.

View the Presentation:   Infrastructure and Data Center Security

Download White Paper:  Defend Against New Security Threats to Your Data Center


Webinar
Topic: Understanding Vunerable Technology in the Data Center

Operational technology (OT) is a broad term that basically refers to computerized industrial equipment. Examples of OT equipment often found in modern data centers include the following:

  • Heating, ventilation, and air conditioning (HVAC) systems

  • Fire suppression systems

  • Power generators and power conditioning systems

  • Telecommunications switches

  • Physical access control system, such as human badge readers

  • Building automation systems

Safeguarding the Data Center with an IT OT Gateway.png

The integration of these assets with external systems may not be well understood. Some devices have embedded phone home capabilities for services and support. Often wireless routers or other less obvious connection points are routinely enabled during installation.

Understanding the risks inherent in linking IT and OT assets is an important step in addressing them, as is understanding the varying approaches to protecting IT and OT assets.

There are certainly good reasons these assets need online access. For example, OT equipment needs to be accessible at all times for monitoring, maintenance and troubleshooting from IT devices. Additionally, IT applications are helpful for analyzing data on datacenter operations and security.

While the value of allowing online access to OT equipment is compelling, these links cause additional risks. The 2013 security breach at a Target store that exposed information on approximately 40 million credit and debit cards originated through remote access to HVAC systems at Target facilities.

Conversely external OT related attacks can compromise IT assets, as may have been the case with the recent Delta Airlines power outage that took reservations systems offline for hours.

And, unfortunately, internal threats – whether intentional or accidental – continue to be the biggest risk. An employee connecting a malware- infected laptop or flash drive can spread the infection throughout the data center, affecting both IT and OT assets.

Understanding the risks inherent in linking IT and OT assets is an important step in addressing them, as is understanding the varying approaches to protecting IT and OT assets. IT security often focuses preventing unauthorized access to sensitive data and applications. OT gives greater weight to safety and availability of operations.

 

Topic: Identifying and Assessing OT-Based Threats

Traditional security tools do not effectively support OT environments. Most OT devices don’t support direct access to the operating system, let alone the installation or use of third-party security tools. So, the key to securing OT devices is securing OT network traffic, and traffic between IT business networks and OT control networks.

Conventional IT network security controls, such as traditional firewalls, can’t effectively monitor and analyze OT device traffic in real time to identify known and unknown threats specific to OT. Traditional firewalls are designed to find IT-specific threats in packets, ranging from the use of spoofed IP addresses to the use of illegal commands in IT application protocols. These firewalls rely on a ruleset that specifies which traffic is to be allowed or denied based on IP addresses, port numbers, and other basic traffic characteristics.

Traditional firewalls don’t have the ability to parse OT protocols for both content and context, to understand the syntax and semantics of the OT commands, or to support the complex rules required to secure and protect OT equipment.

 

 

Topic: Preparing to Meet Future Data Center Needs

Preparing to Meet Future Data Center Needs.png

Attackers are already taking advantage of Internet-connected OT devices to infiltrate data centers and cause data breaches and other compromises. With the anticipated growth in IIoT adoption, IIoT devices and other OT devices will collectively impose greater risks to the security, safety, and availability of data centers.

Conventional security technologies do not address these risks and cannot protect against OT-based threats. IT/OT gateways offer sophisticated capabilities to identify and stop OT threats, and enable centralized monitoring and analysis of OT operational data by specialized IT applications. These applications can identify preventative maintenance needs to prevent OT failures and the ensuing outages. They also give data center staff the “big picture” view of OT operations, safety, and security that’s never been available before, enabling much better decision making for both short-term and long-term needs.

Learn More About Securing Against These Novel Threats

December 20th, 2016 at 2pm EST

View the Presentation:   Infrastructure and Data Center Security

Download White Paper:  Defend Against New Security Threats to Your Data Center