Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT...
Transcript of Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT...
![Page 1: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/1.jpg)
www.eurecat.org
Unit of IT SecurityCapabilities
![Page 2: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/2.jpg)
www.eurecat.org
IT Security – The Unit
• The IT Security Unit of Eurecat is formed by a multidisciplinary team (computer, electronic andtelecommunications engineers, mathematicians and ethical hackers) that carry out both researchand innovation activities in cybersecurity and ethical hacking actions on technological devicesand infrastructures
• IT Security has extensive experience in different sectors such as critical infrastructure,automotive, health, public administration, electronic voting and financial, among the mostrelevant.
![Page 3: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/3.jpg)
www.eurecat.org
IT Security – Areas of knowledge
Eurecat was Involved inwriting ENISA report onrecommendations inelectronic identitysystems authentication
Cibersecurity
Cryptography
DistributedSecurity
Digital Identityand Privacy
Cybercrime (Deep Web), Cyber Threat Intelligence (Prevent, detect and respond to sophisticated cyber threats), Ethical Hacking, Radio Frequency Security (SDR), etc.
Access Control Systems, AdaptiveAuthentication, Implicit Authentication, User-Centric Approaches, Identity & Blockchain, Interoperability, etc.
Distributed Security (Cloud Fog & Edge Computing), Security in Mobile Platforms, Artificial Intelligence (Machine and Deep Learning), Secure SDLC, Post-Quantum Cryptography, Blockchain Technology, etc.
![Page 4: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/4.jpg)
www.eurecat.org
IT Security - Laboratories
![Page 5: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/5.jpg)
www.eurecat.org
IT Security – Application areas
Penetration testing (IoT, PLCs, ECUs, etc.)
Vulnerability Analysis(Industrial networks
and criticalinfraestructures)
AI-basedsolutions
Blockchain-based
solutions
AppliedCryptography
Identity and authentication
systems
DistributedSecurity solutions
Pattern-based
solutions
DetectProtectIdentify
Analysis of vulnerability
impact
Threat Intelligence
CriticalInfraestructures
IT Networks
OT Networks
Industry4.0
IoTCloud
ServicesMobile devices
Social Networks
![Page 6: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/6.jpg)
Call of Interest and capabilities for the topic SU-INFRA-02-2019
“Security for smart and safe cities, including for public spaces”
www.eurecat.org
![Page 7: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/7.jpg)
www.eurecat.org
Full audits
• The automation of productive processes is one of the aspects that has evolved most in the industry
• The integration of classical technologies, such as mechanics and electricity, with more modern ones (electronics, IT, telecommunications, Internet of things, etc.) is creating a series of interdependenciesbetween them, causing the digitization of productive and basic services sectors
• In every digitization and automation process started on an infrastructure, intelligent sensors and actuators must be deployed to support the new productive and service model.
• Other devices (smartphones, tablets, connection points, Wi-Fi, RF, GSM, etc.) are also required, which will send and receive information through the IP protocol, integrating the internal network of the organization through the global network (Internet).
![Page 8: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/8.jpg)
www.eurecat.org
Objectives of a Full Audit
• The main objective is the analysis of risks and evaluation of the security of a critical infrastructure.
• This analysis includes aspects of both logic security (cybersecurity), and physical security (safety), its impact, and the necessary actions to be performed.
• As a summary, the most specific objectives of a complete audit - including pen-testing tasks - are indicated:– Study and understanding of the infrastructure digitalization project,
– Search for public information,
– Analysis of networks and communications,
– Analysis of systems and infrastructure,
– Analysis of applications and databases,
– Analysis of industrial protocols,
– Impact analysis,
– Definition of technical measures,
– Definition of organizational measures,
– Support to the digitization process.
![Page 9: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/9.jpg)
Comprehensive management of critical infrastructure: detection of threats and attacks
Objective: detect unknown and combined attacks and threats
![Page 10: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/10.jpg)
1. Big Data Architecture in the field of security. There are architectures likeApache Metron or OpenSOC.
2. Sensors for collecting information from different sources: IT logs, operations, context, social, intelligence centers, etc.
3. Design, implementation and deployment of solutions based on artificial intelligence for the detection of unknown threats and attacks, such as zero-days and APTs.
4. Intelligence sharing center: interoperability of information from incidents, vulnerabilities, threats and attacks.
Comprehensive management of critical infrastructure: detection of threats and attacks
![Page 11: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/11.jpg)
Integral Segurity: Physical access
1. Detect intruders in delimited areas.
1. No cameras; no privacy vulnerability
2. Detection through walls, furniture… no dead angles
3. Detection without the need of light
4. No additional installation
2. Counting of people in a room.
1. Control of the capacity of the rooms
2. Detect number of people in case of accident
![Page 12: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/12.jpg)
www.eurecat.org
Projects on Cybersecurity
PROJECT H2020: STOP-IT
STOP-IT focuses on the strategic, tactical and operational protection ofcritical water infrastructures against physical and cyber threats
Anomaly detector capable of detecting unknown anomalies in real time usingdifferent sources of information (physical and cyber)
o with automatic learning skills,
o and with the supervision of a specialist that validates the complex threats.
PROJECT RIS3CAT: SECUTIL (leaders)
Security and cybersecurity solutions in Utilities for critical infrastructure protection.
• Anomaly detector
• Securization of IoT infraestructures.
![Page 13: Unit of IT Security - MCSTmcst.gov.mt/wp-content/uploads/2019/05/EURECAT_INFRA_02_2019.pdf · IT Security –The Unit • The IT Security Unit of Eurecat is formed by a multidisciplinary](https://reader030.fdocuments.net/reader030/viewer/2022040921/5e9a2f59d4c1850b514ac8c7/html5/thumbnails/13.jpg)