White Cyber Knight – a Risk Assessment Tool for Network Resilience Evaluation

The Communication Sector is one of the areas which, over the past several years, evolved most significantly and caused revolutions in both system-wide and system-use aspects. These revolutions have resulted in many communication networks being set up without adequate consideration of the risks involved. The existing RM (Risk Management) concepts are high level, and must be adapted to cope with the specific needs and risks of the communication world. This article aims to: • Analyze the main existing RM concepts and point out those which can be applied to complex communication systems. • Define the specific elements which need to be examined while assessing the risks to communication systems, and define how RM software can aid in the process. The use of RM applications applied specifically to critical and complex communication systems can significantly assist in bridging the gap in communication systems RM which was created in the past few years, and cut down IT Management costs. Introduction: Risk Management in Telecom Today Today, increasingly complex and IT-dependent digital elements (computers, networks, contents, etc.) or infrastructures are at the center of our lives; they constitute the essential pillars of our communication, economic, social and institutional infrastructures. Security and threat mitigation within those systems has thus implicitly become a fundamental stake for the citizen (to preserve his privacy), for the company (to protect digital assets and transactions), and for the states (to protect their critical infrastructures, and ensure the smooth continuity of the government and government services, etc.) Generalized access to infrastructures like the Internet or mobile 3G telephone infrastructures has profoundly modified users’ behaviors and has radically changed the risks they and the infrastructures are facing. Although several security measures exist, trust in the digital world is not sufficient for several reasons. On the one hand, security technologies are not yet widespread due to the complexity involved in deploying them. On the other hand, ICT (Information and Communication Technologies) are particularly vulnerable due to the heterogeneity of systems, terminals, users, and infrastructures, which all require regular upgrades, and to the interconnectivity of infrastructures, the mobility of the users, and the facility to launch remote or distributed attacks. Risk assessment is therefore an essential stake in our societies, and it remains a burden because of its complexity. Actually, it is necessary to adopt a global vision that takes into account not only technical elements like cryptographic protocols used to provide confidentiality or infrastructures resilience, but also economic aspects like the impact an attack could have on the business or on the corporate image of a company. Interdependencies between infrastructures will also play a major role in the near future since they will certainly be exploited to build attacks using their interplay, while the attacked infrastructure may not necessarily be the final designated target. The effects of such attacks will be disseminated rapidly through a domino effect and the chain of events will be difficult to predict or control in time before a major breakdown happens. Therefore, infrastructure and service risk and crisis management must play an increasing role: since it is impossible to make a system error-free and invulnerable, it is necessary to cope with identifiable, controllable and quantifiable risks. This must be accomplished through various types of actions: the design of efficient risk assessment tools, the development of crisis management models, the certification of systems and products, etc. In subsequent sections of the paper, we will first examine the challenges related to complex risk management in telecommunication. We will then present existing frameworks and methodologies for risk analysis. Then, we will focus on specific parameters for telecom risk assessment and provide an example evaluation checklist. Finally, we will introduce WCK (White Cyber Knight), a software tool which constitutes a possible answer to risk assessment requirements. Dealing with Complex Risk Management Challenges The growing field of risk management plays an important role in mitigating and managing risks of complex and distributed architectures and environments. However, this field is not yet fully standardized, and different RM methods cover different RM aspects. Within the different frameworks which currently exist for assessing risk in such environments, many methods are very high level oriented. From industry inputs, there is little use of these methodologies by IT operations staff on a day-to-day basis. The products used often include software tools that address specific IT platforms, and lack the "over-all" security assessment ability. In order to adapt these frameworks towards a more practical application for the telecom world, a layer of additional analysis is needed; such a layer must rely upon a thorough and multi-faceted understanding of the telecom world's unique business needs and requirements, and its specific systems and protocols. This assessment layer should include concrete checklists which will adhere to these parameters. Practical methodologies that can bridge this gap are required. These should enable the identification of critical paths through an understanding of the telecommunications unique business processes as well as the ability to apply an additional assessment layer which deals with the specific parameters which will be discussed in this article. A solution to the complex problems we have stated here lies in utilizing a combination of 3 realms: • RM framework or methodology layer which includes risk analysis • Controls and policies – IT governance layer • Specific checklists (detailed controls) or questionnaires aimed to identify the telecom specific vulnerabilities IT Governance and Management (RM Life Cycle) Security Governance (Assessment Fields) Detailed Controls (Technical, Policy, Operational) COBIT, ITIL ISO17799, ISF, GAISP, OCTAVE, SysTrust NIST, CIS, FFIEC, EESA Evaluate Using Automated Software Tool Figure 1: Describes how these 3 elements operate and interact RM Framework or Methodology Layer Which Includes Risk Analysis The following are examples of some of the leading RM frameworks: • Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE®): The Octave approach is a systematic way for an organization to address its information 1 http://www.cert.org/octave/ security risks, sorting through the complex web of organizational and technological issues. The OCTAVE approach includes a set of criteria that defines the requirements for a comprehensive, self-directed information security risk evaluation, and a set of methods consistent with the criteria. Octave was developed by Software Engineering Institute at Carnegie Mellon University. COBIT® • Information and related Technology, is an • complete system that combines different : COBIT, Control Objectives for IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT® is Sponsored and funded by the IT Governance Institute (affiliate of the Information Systems Audit and Control Association). The Framework emphasizes best practices and leverages other recognized methodologies and tools such as COSO, ISO, ITIL, NIST and AICPA. Its Focus is on helping leaders understand and manage the risks relating to IT and the links between the management process, the technical questions, the need for control and the risks Thales SHIELDTM: Thales SHIELD is a areas from intelligence gathering and analysis, communications and network security, physical security to crisis management, to provide a fully integrated solution for nations, regions and institutions potentially vulnerable to intrusive security strikes or threats. Figure 2: the COBIT® risk assessment framework Focusing on the RM framework layer, in this context we will recommend COBIT® as a risk • It is one of the only RM frameworks which deal with organizational processes. ganization to speak the management framework, due to the following advantages: • It is a well respected and recognized tool even by regulators. • It is an excellent methodology for getting various parts of an or same language. 2 http://www.isaca.org/cobit/ 3 http://shield.thalesgroup.com/ • t IT in general not just at security, and it includes detailed • cutives and provides an excellent • with other methods, which makes it an open Controls and Policies – IT Governance Layer ISO 17799 COBIT® looks a assessment domains, systems and programs. It facilitates communication with top level exe management perspective (e.g., CMM). It was planned and designed to interface framework.