Currently Skimming:


Pages 81-97

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.


From page 81...
... 81 Chapter 5 Countermeasures: Protection of Operational Systems

There are countermeasures and approaches that transportation agencies can utilize to reduce risks and mitigate impacts of cyber incidents. Significant work has been accomplished in cybersecurity, especially in the areas of IT/network security and most recently in control system (ICS)
From page 82...
... 82 address operational conditions that are "actively targeted and exploited", (2) those that address known "initial entry points", (3)
From page 83...
... 83
• Cyber Hygiene
• Boundary Defense and Network Separation
• Configuration Management

The rest of this chapter will address each of these in turn, starting with cyber hygiene – the basic practices that can improve cybersecurity.

Cyber Hygiene

Annual cybersecurity surveys regularly find that only a small percentage of cyber breaches (3% in 2012)
From page 84...
... 84 network or hardware without permission.
• Making passwords complex and changing passwords regularly (every 45-90 days)
From page 85...
... 85 jeopardy. Physical damage can compromise cyber assets.
From page 86...
... 86 Selected Access Control Technical Resources:
NIST SP: 800-73-2, Interfaces for Personal Identity Verification (4 parts), September 2008.
From page 87...
... 87 Organizations includes an extensive catalog of management, operational and technical security controls that can be applied to transportation agencies as well.

Data Security and Information Protection Basics
• Protect data-at-rest and data-in-transit with encryption, when possible.
From page 88...
... 88 Selected Data Security Technical Resources:
NIST SP 800-53 Rev 4, Recommended Security and Privacy Controls for Federal Information Systems and Organizations, 2013.
NIST SP: 800-57 Recommendation for Key Management, March 2007 Part 1, General (Revised)
From page 89...
... 89 recommended practice. In some transportation systems, physical isolation of one network from another, or air gapping, has been considered as a security technique.
From page 90...
... 90
Figure 17: Typical Transportation System Network with Countermeasures
Figure 18: Typical Transportation System Network without Countermeasures
From page 91...
... 91 It is critical to be aware of how and what systems are connected in agency networks. For example, it is not uncommon to connect HVAC equipment to the rest of the network.
From page 92...
... 92 Configuration Management Basics
• Create and maintain a baseline configuration of information technology and control systems.
• Follow strict configuration management.
From page 93...
... 93 raises the issues of separating agency data from private data. Applying controls to the data rather than the device may be a more practical solution.
From page 94...
... 94 Monitoring and Detection

Many resources have cited the importance of monitoring, logging, and analyzing successful and attempted intrusions to systems/networks as a critical component of cybersecurity. These elements are essential to "establishing a continuing process for security improvement".
From page 95...
... 95 Selected Monitoring and Detection Technical Resources
NIST SP: 800-12, An Introduction to Computer Security: The NIST Handbook.
NIST SP: 800-61, Rev 2, Computer Security Incident Handling Guide, 2012.
From page 96...
... 96 Figure 19: CSET Four Step Process

In December, 2012, the DHS conducted a two-day onsite consultation and assisted MARTA in using CSET. Based on MARTA's answers to questions on the consequences of a successful cyber attack, Security Assurance Levels (SALs)
From page 97...
... 97 ICS Administrative-level Access Control results identified gaps and were matched with APTA controls. They were then analyzed according to Availability, Probability, and Severity.

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.