Post on 17-Jul-2020
Risk Advisory
Autobot - IoT enabled securityFor Private circulation onlyOctober 2018
01
Autobot - IoT enabled security
Table of contents
Background 02Common Challenges 03About the AutoBot 04Capabilities of the AutoBot 05Future of Autobot 06
The success story 08Oil & Gas 09
Other Industries use cases 10Telecom 12Manufacturing 13Shipping 14Smart Stadiums 15Banking, Financial services and Insurance 16Retail 17Agriculture 18Insurance 19Automotive 20Mining 21Contacts from Deloitte Touche Tohmatsu India LLP 24
02
Autobot - IoT enabled security
While most business models are changing globally towards an interconnected ecosystem, there exist models with a distributed landscape in the form of remote sites, stores or infrastructure. The threat landscape is constantly evolving and challenging the organisations and their security teams. Thus, the need to have a pro-active security testing and tracking mechanism which could provide organisations with holistic coverage of all their sites/ infrastructure in a near real-time basis arises. Organizations not only need to enhance their security posture but also need to adhere to various regulatory / stakeholder compliance requirements. Connectivity issues and the cost of travel to remote locations are few of the key challenges which limit an organization’s ability.
Background
03
Autobot - IoT enabled security
Common ChallengesSome of the common challenges faced by industries
Examples of industries facing similar challenges
Unmanaged&
Unmonitored
Compliance
Cost
Coverage
Connectivity
Oil industries having thousands of retail sites across the globe
Shipping industries running many fleets and loaded with IT systems
Telecom Towers across the globe for connectivity
Manufacturing industries having many plants across the globe for better supply chain
Organised retail having presence at various part of the world
Banking industries having their branch and ATMs at remote places
04
Autobot - IoT enabled security
Features of the AutoBot
The AutoBot is an automated penetration testing solution with built in intelligence to take care of various operations which are otherwise performed as a part of professional services. The solution is aimed at performing security testing with no manual intervention; reducing cost associated with deploying professionals at remote locations; providing near real-time security posture; and enabling wider coverage of security testing for organisations at remote locations with connectivity issues.
About the AutoBot
In-house developed programs and intelligence to perform various operations
Compact and portable with inbuilt encryption. Can be shipped to remote places
Developed in a way that it only needs to be plugged in to a switch and it does the rest
Comes with latest configuration to deliver faster performance. Can be also be connected to Cloud
Built-in Intelligence Compact & Secure
No Manual Intervention Faster and IOT Enabled
05
Autobot - IoT enabled security
Capabilities of the AutoBot
Asset Identification and Profiling
Asset Inventory Audit for Statutory
Critical Infrastructure & Site Monitoring
Rogue System Detection
Software License Management Audit
Configuration & Patch Management for Remote Systems
Site Security Maturity Assessment for Cyber Insurance
Automated IT Controls Testing
Automated Penetration Testing
Continuous Control Monitoring
06
Autobot - IoT enabled security
Future of AutobotSensor Equipped
Autobot
01 02 03 04
OT Gateway Autobot
IOT Gateway Autobot
Autobot on Drone
Sensor equipped Autobot can not only monitor cyber attacks on critical infrastructure, but also detect breaches / defects / malfunctions with the help of pressure, smell, vapor sensors.
Can collect logs from OT systems to integrate with IT Systems for monitoring.
Can collect security logs from IOT devices & Systems and can push over Internet to SIEM for central monitoring of remote sites.
Autobot mounted on drones, with RFID and GPS capability, can assist in Asset / Fleet tracking, asset movement and asset inventory reconciliation.
07
Autobot - IoT enabled security
08
Autobot - IoT enabled security
The success story
09
Autobot - IoT enabled security
Oil & GasBackgroundThe client currently operates with around 45000 retail sites of which 18000 are client owned sites and 27000 retail sites operate in the franchisee model. In an endeavor to comply with the PCI-DSS requirement, the client with support from it's service partners, currently conducts an annual penetration testing (PT) exercise on a select set of 120 retail sites.
How did we help
• Conducting Penetration Testing (PT) for sites/Infrastructure with connectivity constraints (viz. slow VSAT connectivity)
• Increased cost due to travel required for manual penetration testing at sites across the globe.
Coverage
• Coverage of the PT of all the remote sites across the globe is minimal due to accessibility and cost
• Delay in getting the complete security posture in near real time encompassing from all sites.
Compliance
• Meeting Regulatory/ Compliance requirements (PCI DSS) for organisations at regular interval.
Understands the retail network and gets itself assigned on their IP address
Identifies live hosts (systems and devices) in the retail network (multiple VLANS)
Captures hosts hostname, MAC address for asset inventory
Identifies vulnerabilities in the host
Automated exploitation of vulnerabilities
Challenges
10
Autobot - IoT enabled security
Other Industries use cases
11
Autobot - IoT enabled security
12
Autobot - IoT enabled security
TelecomBackgroundTelecom Tower Infrastructure spreads across the globe for seamless network connectivity. The new generation telecom network (4G, 5G) hosts many IT equipments.
How can we help
Automated Penetration Testing
Critical Infrastructure & Site Monitoring
Rogue System Detection
Accessibility
• Installed on remote places and usually unguarded
• Increased cost due to travel required for site maintenance and monitoring of the devices from performance and security perspective
Compliance & Coverage
• Meeting Regulatory / Compliance requirements (eg. Telecom Regulations) by conducting periodic Penetration Testing (PT)
• Coverage of the PT of all the remote sites across the globe is minimal due to accessibility and cost
Monitoring
• Absence of mechanisms to continuously monitor any attacks or security posture of the tower equipments
Challenges
13
Autobot - IoT enabled security
ManufacturingBackgroundManufacturing plants spread across the globe, for better supply chain of the products. These plants / stores undergo multiple audits such as Statutory Audit for asset, InfoSec Audits etc.
How can we help
Asset Inventory Audit for Statutory
Critical Infrastructure & Site Monitoring
Software License Management Audit
Time Consuming Asset Reconciliation
• Statutory auditors spend significant amount of time in taking stock of the assets at the plants and store
Monitoring ICS Systems
• Absence of security monitoring mechanism for ICS systems at plants
Connectivity
• Connectivity to plants and stores due to their presence in remote sites
Challenges
14
Autobot - IoT enabled security
ShippingBackgroundShipping industries operate multiple fleets, which carry many IT systems on board. These are critical and prone to cyber attacks.
How can we help
Automated Penetration Testing
Rogue System Detection
Continuous Control Monitoring
Configuration & Patch Management for Remote Systems
Connectivity
• Even though ships are equipped with state of the art internet connectivity and GPS, these are not connected to a corporate network
Cyber Attacks
• Since ships are always mobile, these are prone to external cyber attacks
Monitoring
• Since ships are not connected to a corporate network, these are unmanaged and unmonitored
• Delay in getting the complete security posture in near real time encompassing from all sites
Challenges
15
Autobot - IoT enabled security
Smart StadiumsBackgroundTo improve digital engagement and in-arena experience for fans, smart stadiums are now IOT enabled to facilitate features like stadium directions, in-seat concessions ordering, games' stats parking availability, digital signage, replays, restroom availability, seat upgrades, loyalty program, players' tracking and safety.
How can we help
Automated Penetration Testing
Rogue System Detection
Critical Infrastructure & Site Monitoring
Monitoring
• Huge numbers of sensors and systems are deployed for monitoring the movement of players and fans using various features, however security posture of these are not monitored
Cyber Attacks
• Since sensors are IOT enabled, these are prone to various cyber attacks from fans with malicious intent
Challenges
16
Autobot - IoT enabled security
Banking, Financial services and Insurance
Connectivity
• Not all branches and ATMs are connected to core banking network over MPLS or High Speed network
Monitoring
• Since ATMs are not connected to a corporate network, they are unmanaged and unmonitored.
• Delay in getting the complete security posture in near real time encompassing from all sites
Challenges
BackgroundBusiness models demand banks to have their presence in form of branches & ATMs at various parts of the world including cities, villages and remote locations.
How can we helpAutomated Penetration Testing
Continuous Control Monitoring
Configuration & Patch Management for Remote Systems
Asset Identification and Profiling
17
Autobot - IoT enabled security
Retail
BackgroundRetail chains spread across the globe with various IT equipments, devices and scanners in each site.
Asset Management & Cost
• Absence of view of the assets at retail sites and its security posture
• Increased cost due to travel required for asset profiling, inventorying and manual penetration testing at sites
Coverage
• Coverage of the PT of all the remote sites across the globe is minimal due to accessibility and cost
• Delay in getting the complete security posture in near real time encompassing from all sites
Compliance
• Meeting Regulatory / Compliance requirements (PCI DSS) for sites at regular interval
Challenges
How can we helpAutomated Penetration Testing
Asset Identification and Profiling
Continuous Control Monitoring
Automated IT Controls Testing
18
Autobot - IoT enabled security
AgricultureBackgroundThis industry now heavily relies on modern equipment, IT systems and sensors for faster production and delivery to consumers.
Monitoring
• Huge numbers of sensors and systems are deployed for monitoring the plants, however security posture of these are not monitored
Cyber Attacks
• Since sensors are IOT enabled, these are prone to various cyber attacks
Connectivity
• Agricultural sites are at remote places with slow connectivity
Challenges
How can we help
Automated Penetration Testing
Rogue System Detection
Asset Identification and Profiling
19
Autobot - IoT enabled security
Insurance
How can we help
Site Security Maturity Assessment for Cyber Insurance
Time Consuming
• Insurance companies spend good effort in studying and understanding the security posture of their sites
Cost
• Spend on external consultants to understand their clients' security posture
Connectivity
• Insurance companies are not generally connected to a client environment for remote study
Challenges
BackgroundInsurance industries make huge efforts and bear high costs to gauge the current security postures of their clients before issuing cyber insurance. They rely on external consultants or their team to study the security posture and maturity of their clients.
20
Autobot - IoT enabled security
Automotive
How can we help
Continuous Control Monitoring
Asset Identification and Profiling
Automated Penetration Testing
BackgroundThe Automobile Industry works with it's dealer network for a more efficient distribution of vehicles. The dealer network requires to be connected to the automobile industry for demand-supply insights.
ChallengesMonitoring
• Due to a larger number of dealer networks connected, it is difficult to manage and monitor any security threats coming from them
Cost
• Incurs huge cost in periodic review of the dealer network to ensure security posture and control implementations
21
Autobot - IoT enabled security
MiningBackgroundMining industries heavily rely on OT/ICS systems for their operations at remote places. These OT machines are not connected to IT Systems hosted at corporate network.
How can we help
Critical Infrastructure & Site Monitoring
Monitoring
• Due to limitations and constraint in protocols, OT systems are not connected to corporate network, hence not monitored from security and performance prospective centrally
Cyber Attacks
• OT systems are prone to various sophisticated cyber attacks.
Connectivity
• Mining OT systems are hosted at remote places of the world making them difficult to access, and for connectivity
Challenges
22
Autobot - IoT enabled security
23
Autobot - IoT enabled security
24
Autobot - IoT enabled security
Contacts from Deloitte Touche Tohmatsu India LLPShree ParthasarathyPartnersparthasarathy@deloitte.com
Maninder BharadwajPartnermanbharadwaj@deloitte.com
Gaurav ShuklaPartnershuklagaurav@deloitte.com
Santosh JinuguDirectorsjinugu@deloitte.com
25
Autobot - IoT enabled security
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www.deloitte.com/about for a more detailed description of DTTL and its member firms.
This material is prepared by Deloitte Touche Tohmatsu India LLP (DTTILLP). This material (including any information contained in it) is intended to provide general information on a particular subject(s) and is not an exhaustive treatment of such subject(s) or a substitute to obtaining professional services or advice. This material may contain information sourced from publicly available information or other third party sources. DTTILLP does not independently verify any such sources and is not responsible for any loss whatsoever caused due to reliance placed on information sourced from such sources. None of DTTILLP, Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this material, rendering any kind of investment, legal or other professional advice or services. You should seek specific advice of the relevant professional(s) for these kind of services. This material or information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser.
No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person or entity by reason of access to, use of or reliance on, this material. By using this material or any information contained in it, the user accepts this entire notice and terms of use.
©2018 Deloitte Touche Tohmatsu India LLP. Member of Deloitte Touche Tohmatsu Limited