JACKSONVILLE TRANSPORTATION The Role of Cyber ... Threat Landscape Recap External Threats are almost

Click here to load reader

download JACKSONVILLE TRANSPORTATION The Role of Cyber ... Threat Landscape Recap External Threats are almost

of 17

  • date post

    21-Sep-2020
  • Category

    Documents

  • view

    0
  • download

    0

Embed Size (px)

Transcript of JACKSONVILLE TRANSPORTATION The Role of Cyber ... Threat Landscape Recap External Threats are almost

  • JACKSONVILLE TRANSPORTATION AUTHORITYThe Role of Cyber Security in Safety

    Kevin Holzendorf

    Jacksonville Transportation Authority

  • Safety Culture

    ▪ Proactive approach to safety ▪ Identify risky behavior ▪ Provide mentoring ▪ Internal audits ▪ Safety committees ▪ Review policies and procedures

  • Safety Performance Objectives

    FY17 OCT 1.00 1.32 1.32

    FY17 NOV 1.00 0.87 1.09

    FY17 DEC 1.00 1.21 1.13

    FY17 JAN 1.00 0.98 1.09

    FY17 FEB 1.00 0.59 0.99

    FY17 MAR 1.00 1.31 1.05

    FY17 APR 1.00 1.08 1.05

    FY17 MAY 1.00 1.43 1.10

    FY17 JUN 1.00 0.79 1.06

    FY Month Target MTD YTD

  • JACKSONVILLE TRANSPORTATION AUTHORITY

    Cyber Security

    ▪ Endangerment of public or employee safety ▪ Impact on regional/national security ▪ Loss of public confidence ▪ Violation of regulatory requirements ▪ Loss of proprietary or confidential information ▪ Economic loss

    Cyber Security is the protecting of systems and data from attacks, damage or unauthorized access

  • Cyber Security = Risk Management

    What’s at Risk if we fail? ▪ Public or employee safety ▪ Public confidence ▪ Regulatory violation ▪ Proprietary or confidential info ▪ Economic loss ▪ Regional/national security

  • Presentation Title

    Your Title

    Cyber Breach Probability

  • 2015 Data Breaches by Industry Sector

    Source: Verizon 2016 Data Breach Investigations Report

    Less than 0.7% of all reported breaches occurred in the

    Transportation Sector

  • JACKSONVILLE TRANSPORTATION AUTHORITY

    Your Title

    Why do anything?

  • What Technology is Vulnerable?

    Information Technology

    Operational Technology

  • JACKSONVILLE TRANSPORTATION AUTHORITY

    Transportation Operations Systems

    Adapted from the National Academy of Sciences, “Protection of Transportation Infrastructure from Cyber Attacks: A Primer”

    TYPE CATEGORY HIGHWAYS TRANSIT Operational Technology (OT) Control Systems Advanced Traffic Management System

    (ATMS) Train Control System

    Bus Control System

    SCADA Road/Weather Systems Traction Power Traffic Monitoring and Surveillance Emergency Ventilation System

    RR Crossings Monitoring (Pumps, Alarms)

    GPS

    Signaling Highway Signals Train Signals Signal Priority Systems

    Communications Advance Traveler Information System (ATIS)

    Communications

    DSRC

    Fare Collection Systems

    Electronic Toll Collection (ETC) Entry/Exit Gates

    Ticket Vending Machines, Fare Boxes, Fare Validators, Ticket Encoding

    HVAC/Building Management

    HVAC HVAC Systems

    Tunnel Ventilation "People Movers"

    Information Technology (IT) Enterprise systems: Finance, HR, Productivity, Archives

    Driver, Vehicle and Crash systems Asset Management

    Asset Management BYOD

    BYOD

    Design, Construction CADD, Electronic Bidding Track Inspection

    Typical IT & OT systems

  • JACKSONVILLE TRANSPORTATION AUTHORITY

    Your Title

    Who is breaching our Systems?

    ~85% of data breaches are External

    Percent of Breaches by Threat

    ~15% are Internal

    Source: Verizon 2016 Data Breach Investigations Report

  • Your Title

    How are they getting in?

    Source: Verizon 2016 Data Breach Investigations Report

  • 10%

    16%

    6%

    26% 6%

    36%

    Transportation Cyber Incidents by Pattern

    Crimeware

    Espionage

    Misc Errors

    Denial of Service

    Privilege Misuse

    Web Apps

    What about the Transportation Sector?

    Source: Verizon 2016 Data Breach Investigations Report

  • Threat Landscape Recap

    ▪ External Threats are almost 6x more likely than Internal ▪ Hacking, Malware, and Social Engineering are the primary

    methods to breach an environment ▪ Primary incident scenarios in the Transportation Sector are:

    ▪ Hacking into our Web Applications ▪ Denial of Service attacks ▪ State Actors committing acts of Espionage

    Since time and resources are limited, our initial Cyber Strategy efforts should focus on the top 3 first

  • Network Security Best Practices

    Internal Vulnerability Scanning

    External Vulnerability Scanning External Penetration Testing

    At a minimum…

    Policy & Procedure

    Intrusion Detection/Prevention

    System Hardening

    Firewall Protection

    Email Scanning/Spam Filtering

    Web Content Filtering

    Anti-virus/Anti-malware

    Patch Management

  • Summary

    Is your agency secure?

    Don’t know?

  • APTA TranslTech Conference

    Join us in Jacksonville – April 9-11, 2018