This page is fully or partially automatically translated.

Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Header of macmon secure GmbH
Forums it-sa Expo Knowledge Forum C

No panic on the Titanic - How to prevent the security disaster of an industrial network with NAC

What do security measures on the Titanic and an industrial network have in common?

calendar_today Thu, 12.10.2023, 11:45 - 12:00

event_available On site

place Forum, Booth 7-641

Action Video

south_east

Action description

south_east

Speaker

south_east

Themes

Network Security / Patch Management

Key Facts

  • Cyber Robustness: Minimise Damage, Preserve Functions
  • Automated isolation for security
  • Parallels in cyber security: layers of protection on tit

Event

This action is part of the event Forums it-sa Expo

Action Video

grafischer Background
close

This video is available to the it-sa 365 community. 
Please register or log in with your login data.

Action description

The RMS Titanic, the largest passenger ship in the world at the time, considered unsinkable, tragically sank on its maiden voyage on April 15, 1912 after striking an iceberg off the coast of Newfoundland. The loss of over 1,500 lives marked one of the worst disasters in shipping history.
The Titanic, which we today always associate with its tragedy and uncertainty, was, however, a very modern and very safe ship for its time. More than 2.5 hours passed between the collision with the iceberg at 11:45 p.m. and the time it sank. This time made it possible for some passengers to leave the ship safely and, despite poor organization in the allocation of seats, to save themselves in the lifeboats. At least a third of the passengers were able to survive. Individual safety mechanisms on the Titanic worked as designed and enabled at least the evacuation of hundreds of passengers.

Similar to the Titanic disaster, IT managers in industrial companies today often find themselves faced with sometimes hopeless situations during a cyber attack. In an attack situation that can often remain undetected for a long time, as with the construction of the Titanic, the previously designed and implemented security and structural measures are important. Surprisingly, these measures and their effects show certain similarities to the well-known steamship. We therefore attempt a somewhat daring comparison between structural measures to protect the passenger ship and measures to protect a network. A little warning up front: some analogies fit very well, others require a bit of imagination.

An important design and protection feature of the Titanic was its waterproof partitions, which were installed transversely to the direction of travel. These partitions divided the ship into a total of 16 compartments. This meant that even if any two compartments were completely flooded, the ship could still be kept afloat. When compartments were flooded towards the stern, three or four could have flooded without the ship sinking. Unfortunately, the iceberg tore into six compartments over a length of 90 meters. Nevertheless, the Titanic was able to stay afloat for a considerable time. In addition, state-of-the-art, automatically closing bulkhead doors were installed to seal off the departments. These were triggered by a swimmer without human intervention, which allowed the doors to close even when departments were already flooding.

One goal in achieving robustness against cyber attacks in an industrial network is to limit the damage to the system and keep as many areas as possible still safe and functional. This goal coincides with the goals of shipbuilders and therefore it is not surprising that the measures taken to achieve this goal are also very similar. Instead of divisions, zones are introduced, which hinder the attacker's progress at the zone borders. In Ethernet industrial networks, this zoning is usually achieved by dividing the system into subnets. At the boundaries of the subnets, the traffic is then limited by firewalls or deep packet inspection packet filters. However, a purely architectural topological division of a network into subnets is complex and inflexible. In practice, a VLAN-based division is usually used - combined with a network access control solution - in order to keep the necessary organization and configuration to a manageable extent. With the help of this NAC solution, individual devices can even be isolated or partially isolated from the network in an emergency to prevent the threat from spreading. Similar to the floats in the doors of the Titanic, this can also be done automatically, allowing a quick response even without constant human monitoring.
... read more

Language: German

Questions and Answers: No

Speaker

show more
close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.