Cybersecurity Processes And Technologies
Why does Sifers-Grayson need OPSEC -- especially at the test range?
This question is expected to be asked at the morning meeting with the Sifers-Grayson executives. As a Nofsinger consultant, it's your job to have an answer ready. You should focus on identifying critical information & potential sources of threats, e.g. a hacker getting into the RF transmission streams and taking over a test vehicle. (See attached diagram of the test range & communications between it and the Engineering R&D Center.)
Using this week’s readings and additional sources found on your own, prepare a 3 to 5 paragraph "talking points" paper that your team leader can use to respond. Post your paper in this forum for discussion with your teammates.
Use at least 3 authoritative sources in your response and document those sources using a reference list at the end of your posting.
CASE STUDY
Topic: Operational Security, Incident Reporting Requirements, & Data Backup Strategies
Key Concepts:
· Operations Security (OPSEC)
· Cryptography & Encryption
· Safeguarding Controlled Information (DFARS)
· Reporting Requirements for Incidents (DFARS)
· Data Backups as a Supporting Service for Incident Recovery
This week, our focus moves to how IT can and should support IT Operations and Operational Security.
Sifers-Grayson has a test range where the engineers can fly test vehicles and determine if the drones and robots are operating properly. Communications with the test vehicles can occur via radio frequency (RF) transmission using the industrial, scientific, and medical (ISM) radio bands in the 2.4 - 2.5 GHz range. These bands do not require licenses and may be used by anyone for the stated purposes (fixed, mobile amateur). The test vehicles are controlled via hand-held devices at the test range. These devices are also connected to the Internet through wireless connections to a Wireless Access Point.
The test directors and test engineers communicate between the R&D Center and the test range using cellular phones, line-of-sight RF, and microwave communications. For some tests and test vehicles they also use licensed satellite communications through a commercial SATCOM provider. Up until now, Sifers-Grayson has not used encryption technologies to protect the confidentiality and integrity of these communications.
In an early morning meeting with Sifers-Grayson Managers, Nofsinger Consultants advised the company that, at a minimum, it should encrypt its communications to and from the test vehicles. The sticking point in these discussions has been the company's belief that the Federal Communications Commission regulations ban the use of encrypted communications in the radio frequency (RF) bands used by Sifers-Grayson to communicate with test vehicles.
Clearly, a legal opinion is required to settle the issue of whether or not encryption is allowed for the RF bands currently in use.
In the meantime, the company's managers have accepted the Nofsinger recommendations and directed the R&D engineers to look into design changes required to implement encryption at OSI Layer 2 (Data Link Layer and Media Access Control Sub-Layer). They have also agreed to fund a study as to how the engineers should implement encryption at OSI Layer 3 (Network Layer) and OSI Layer 4 (Transport Layer) for each of the affected product lines (industrial control systems, drones, and robots).
At the end of the discussion about encryption, the Sifers-Grayson managers requested that Nofsinger's consultants perform a broader follow-on assessment of the cybersecurity issues arising from the Sifers-Grayson test range.
The Nofsinger team has decided to start its assessment by examining the company's Operations Security practices at the test range and in the engineering research areas of the firm. The five-step OPSEC process used by Nofsinger has been adapted from OPSEC assessment methodologies used within the US Department of Defense. This process is:
1. Identify information that is critical to your business or mission
2. Analyze the threat
3. Analyze vulnerabilities and indicators
4. Assess the risk to your organization
5. Develop and apply countermeasures
Using an OPSEC approach will allow the Nofsinger team to determine what sensitive information about the company's operations, contracts, and R&D efforts may be at risk. The findings from this examination will allow Nofsinger to develop recommendations and propose solutions that can improve the security of the testing processes.
RESOURCES
· What is Operational Security? - https://digitalguardian.com/blog/what-operational-security-five-step-process-best-practices-and-more
· Chapter 8: Cryptography in The InfoSec Handbook
· Read Chapter 12: Virtual Private Networks in The InfoSec Handbook