autobot - iot enabled security - deloitte us · 2020-05-09 · autobot - iot enabled security smart...

Risk Advisory Autobot - IoT enabled security For Private circulation only October 2018


Table of contents

Background

Common Challenges

About the AutoBot

Capabilities of the AutoBot

Future of Autobot

The success story

Oil & Gas

Other Industries use cases

Telecom

Manufacturing

Shipping

Smart Stadiums

Banking, Financial services and Insurance

Retail

Agriculture

Insurance

Automotive

Mining

Contacts from Deloitte Touche Tohmatsu India LLP


Background

While most business models are changing globally towards an interconnected ecosystem, there exist models with a distributed landscape in the form of remote sites, stores or infrastructure. The threat landscape is constantly evolving and challenging organisations and their security teams. Thus arises the need for a proactive security testing and tracking mechanism that can provide organisations with holistic coverage of all their sites / infrastructure on a near real-time basis. Organisations not only need to enhance their security posture but also need to adhere to various regulatory / stakeholder compliance requirements. Connectivity issues and the cost of travel to remote locations are a few of the key challenges which limit an organization’s ability.


Common Challenges

Some of the common challenges faced by industries

Unmanaged & Unmonitored

Compliance

Cost

Coverage

Connectivity

Examples of industries facing similar challenges

Oil industries having thousands of retail sites across the globe

Shipping industries running many fleets loaded with IT systems

Telecom towers across the globe for connectivity

Manufacturing industries having many plants across the globe for better supply chain

Organised retail having presence in various parts of the world

Banking industries having their branches and ATMs at remote places


About the AutoBot

The AutoBot is an automated penetration testing solution with built-in intelligence to take care of various operations which are otherwise performed as a part of professional services. The solution is aimed at performing security testing with no manual intervention; reducing the cost associated with deploying professionals at remote locations; providing near real-time security posture; and enabling wider coverage of security testing for organisations at remote locations with connectivity issues.

Features of the AutoBot

Built-in Intelligence

In-house developed programs and intelligence to perform various operations

Compact & Secure

Compact and portable with inbuilt encryption. Can be shipped to remote places

No Manual Intervention

Developed in a way that it only needs to be plugged in to a switch and it does the rest

Faster and IOT Enabled

Comes with latest configuration to deliver faster performance. Can also be connected to Cloud


Capabilities of the AutoBot

Asset Identification and Profiling

Asset Inventory Audit for Statutory

Critical Infrastructure & Site Monitoring

Rogue System Detection

Software License Management Audit

Configuration & Patch Management for Remote Systems

Site Security Maturity Assessment for Cyber Insurance

Automated IT Controls Testing

Automated Penetration Testing

Continuous Control Monitoring


Future of Autobot

01 Sensor Equipped Autobot

Sensor equipped Autobot can not only monitor cyber attacks on critical infrastructure, but also detect breaches / defects / malfunctions with the help of pressure, smell, vapor sensors.

02 OT Gateway Autobot

Can collect logs from OT systems to integrate with IT Systems for monitoring.

03 IOT Gateway Autobot

Can collect security logs from IOT devices & Systems and can push over Internet to SIEM for central monitoring of remote sites.

04 Autobot on Drone

Autobot mounted on drones, with RFID and GPS capability, can assist in Asset / Fleet tracking, asset movement and asset inventory reconciliation.


The success story


Oil & Gas

Background

The client currently operates with around 45000 retail sites, of which 18000 are client owned sites and 27000 retail sites operate in the franchisee model. In an endeavor to comply with the PCI-DSS requirement, the client, with support from its service partners, currently conducts an annual penetration testing (PT) exercise on a select set of 120 retail sites.

Challenges

• Conducting Penetration Testing (PT) for sites / infrastructure with connectivity constraints (viz. slow VSAT connectivity)

• Increased cost due to travel required for manual penetration testing at sites across the globe

Coverage

• Coverage of the PT of all the remote sites across the globe is minimal due to accessibility and cost

• Delay in getting the complete security posture in near real time encompassing all sites

Compliance

• Meeting Regulatory / Compliance requirements (PCI DSS) for organisations at regular intervals

How did we help

Understands the retail network and gets itself assigned one of their IP addresses

Identifies live hosts (systems and devices) in the retail network (multiple VLANs)

Captures each host's hostname and MAC address for asset inventory

Identifies vulnerabilities in the host

Automated exploitation of vulnerabilities


Other Industries use cases


Telecom

Background

Telecom tower infrastructure spreads across the globe for seamless network connectivity. The new generation telecom network (4G, 5G) hosts many pieces of IT equipment.

Challenges

Accessibility

• Installed in remote places and usually unguarded

• Increased cost due to travel required for site maintenance and monitoring of the devices from a performance and security perspective

Compliance & Coverage

• Meeting Regulatory / Compliance requirements (e.g. Telecom Regulations) by conducting periodic Penetration Testing (PT)

• Coverage of the PT of all the remote sites across the globe is minimal due to accessibility and cost

Monitoring

• Absence of mechanisms to continuously monitor any attacks or security posture of the tower equipment

How can we help

Automated Penetration Testing

Critical Infrastructure & Site Monitoring

Rogue System Detection


Manufacturing

Background

Manufacturing plants are spread across the globe for a better supply chain of the products. These plants / stores undergo multiple audits such as Statutory Audit for assets, InfoSec Audits etc.

Challenges

Time Consuming Asset Reconciliation

• Statutory auditors spend a significant amount of time in taking stock of the assets at the plants and stores

Monitoring ICS Systems

• Absence of security monitoring mechanism for ICS systems at plants

Connectivity

• Connectivity to plants and stores due to their presence in remote sites

How can we help

Asset Inventory Audit for Statutory

Critical Infrastructure & Site Monitoring

Software License Management Audit


Shipping

Background

Shipping industries operate multiple fleets, which carry many IT systems on board. These are critical and prone to cyber attacks.

Challenges

Connectivity

• Even though ships are equipped with state of the art internet connectivity and GPS, these are not connected to a corporate network

Cyber Attacks

• Since ships are always mobile, these are prone to external cyber attacks

Monitoring

• Since ships are not connected to a corporate network, these are unmanaged and unmonitored

• Delay in getting the complete security posture in near real time encompassing from all sites

How can we help

Automated Penetration Testing

Rogue System Detection

Continuous Control Monitoring

Configuration & Patch Management for Remote Systems


Smart Stadiums

Background

To improve digital engagement and in-arena experience for fans, smart stadiums are now IOT enabled to facilitate features like stadium directions, in-seat concessions ordering, games' stats, parking availability, digital signage, replays, restroom availability, seat upgrades, loyalty program, players' tracking and safety.

Challenges

Monitoring

• Huge numbers of sensors and systems are deployed for monitoring the movement of players and fans using various features; however, the security posture of these is not monitored

Cyber Attacks

• Since sensors are IOT enabled, these are prone to various cyber attacks from fans with malicious intent

How can we help

Automated Penetration Testing

Rogue System Detection

Critical Infrastructure & Site Monitoring


Banking, Financial services and Insurance

Background

Business models demand banks to have their presence in the form of branches & ATMs in various parts of the world including cities, villages and remote locations.

Challenges

Connectivity

• Not all branches and ATMs are connected to the core banking network over MPLS or a high speed network

Monitoring

• Since ATMs are not connected to a corporate network, they are unmanaged and unmonitored

• Delay in getting the complete security posture in near real time encompassing all sites

How can we help

Automated Penetration Testing

Continuous Control Monitoring

Configuration & Patch Management for Remote Systems

Asset Identification and Profiling


Retail

Background

Retail chains are spread across the globe with various IT equipment, devices and scanners at each site.

Challenges

Asset Management & Cost

• Absence of a view of the assets at retail sites and their security posture

• Increased cost due to travel required for asset profiling, inventorying and manual penetration testing at sites

Coverage

• Coverage of the PT of all the remote sites across the globe is minimal due to accessibility and cost

• Delay in getting the complete security posture in near real time encompassing all sites

Compliance

• Meeting Regulatory / Compliance requirements (PCI DSS) for sites at regular intervals

How can we help

Automated Penetration Testing

Asset Identification and Profiling

Continuous Control Monitoring

Automated IT Controls Testing


Agriculture

Background

This industry now heavily relies on modern equipment, IT systems and sensors for faster production and delivery to consumers.

Challenges

Monitoring

• Huge numbers of sensors and systems are deployed for monitoring the plants; however, the security posture of these is not monitored

Cyber Attacks

• Since sensors are IOT enabled, these are prone to various cyber attacks

Connectivity

• Agricultural sites are at remote places with slow connectivity

How can we help

Automated Penetration Testing

Rogue System Detection

Asset Identification and Profiling


Insurance

Background

Insurance industries make huge efforts and bear high costs to gauge the current security postures of their clients before issuing cyber insurance. They rely on external consultants or their team to study the security posture and maturity of their clients.

Challenges

Time Consuming

• Insurance companies spend good effort in studying and understanding the security posture of their sites

Cost

• Spend on external consultants to understand their clients' security posture

Connectivity

• Insurance companies are not generally connected to a client environment for remote study

How can we help

Site Security Maturity Assessment for Cyber Insurance


Automotive

Background

The Automobile Industry works with its dealer network for a more efficient distribution of vehicles. The dealer network needs to be connected to the automobile industry for demand-supply insights.

Challenges

Monitoring

• Due to a larger number of dealer networks connected, it is difficult to manage and monitor any security threats coming from them

Cost

• Incurs huge cost in periodic review of the dealer network to ensure security posture and control implementations

How can we help

Continuous Control Monitoring

Asset Identification and Profiling

Automated Penetration Testing


Mining

Background

Mining industries heavily rely on OT/ICS systems for their operations at remote places. These OT machines are not connected to IT Systems hosted on the corporate network.

Challenges

Monitoring

• Due to limitations and constraints in protocols, OT systems are not connected to the corporate network, hence not monitored centrally from a security and performance perspective

Cyber Attacks

• OT systems are prone to various sophisticated cyber attacks

Connectivity

• Mining OT systems are hosted at remote places of the world, making them difficult to access, and for connectivity

How can we help

Critical Infrastructure & Site Monitoring


Contacts from Deloitte Touche Tohmatsu India LLP

Shree [email protected]

Maninder [email protected]

Gaurav [email protected]

Santosh [email protected]


Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www.deloitte.com/about for a more detailed description of DTTL and its member firms.

This material is prepared by Deloitte Touche Tohmatsu India LLP (DTTILLP). This material (including any information contained in it) is intended to provide general information on a particular subject(s) and is not an exhaustive treatment of such subject(s) or a substitute to obtaining professional services or advice. This material may contain information sourced from publicly available information or other third party sources. DTTILLP does not independently verify any such sources and is not responsible for any loss whatsoever caused due to reliance placed on information sourced from such sources. None of DTTILLP, Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this material, rendering any kind of investment, legal or other professional advice or services. You should seek specific advice of the relevant professional(s) for these kind of services. This material or information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser.

No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person or entity by reason of access to, use of or reliance on, this material. By using this material or any information contained in it, the user accepts this entire notice and terms of use.

©2018 Deloitte Touche Tohmatsu India LLP. Member of Deloitte Touche Tohmatsu Limited