Services Industries Cloud Cybersecurity Digital EngineeringNXT HOLMES Geographies

Service Offerings

Data, Analytics & AI
Applications
Digital Operations and Platforms
Consulting
Infrastructure Services

Client Themes

As a Service
Big Data
Blockchain
Cyber Security & Enterprise Risk
DevOps
Enterprise Ops Transformation
Industry 4.0
Open Source
Product Lifecycle Management
Software Defined Everything

Service Offerings

Data, Analytics & AI
Applications
Digital Operations and Platforms
Consulting
Infrastructure Services

Client Themes

As a Service
Big Data
Blockchain
Cyber Security & Enterprise Risk
DevOps
Enterprise Ops Transformation
Industry 4.0
Open Source
Product Lifecycle Management
Software Defined Everything
Aerospace & Defense
Automotive
Banking
Capital Markets
Communications
Consumer Electronics
Consumer Packaged Goods
Education
Engineering, Construction & Operations
Healthcare
Insurance
Medical Devices
Natural Resources
New Age Markets
New Age & Media
Network & Edge Providers
Oil & Gas
Pharmaceutical & Life Sciences
Platforms & Software Products
Industrial & Process Manufacturing
Professional Services
Public Sector
Retail
Semiconductors
Travel & Transportation
Utilities
Aerospace & Defense
Automotive
Banking
Capital Markets
Communications
Consumer Electronics
Consumer Packaged Goods
Education
Engineering, Construction & Operations
Healthcare
Insurance
Medical Devices
Natural Resources
New Age Markets
New Age & Media
Network & Edge Providers
Oil & Gas
Pharmaceutical & Life Sciences
Platforms & Software Products
Industrial & Process Manufacturing
Professional Services
Public Sector
Retail
Semiconductors
Travel & Transportation
Utilities
Case Study
Latest Thinking
Solutions
Segments
Offerings
videos
Form
Case Study
Latest Thinking
Solutions
Segments
Offerings
videos
Form
Case study
Latest Thinking
Offerings
Solutions
Form
videos
Case study
Latest Thinking
Offerings
Solutions
Form
videos
Case Study
Latest Thinking
Our Partners
News
Events
Join our Team
Get in Touch
Digital
Case Study
Latest Thinking
Our Partners
News
Events
Join our Team
Get in Touch
Digital
Latest Thinking
Case Study
Offerings
Segments
Solutions
videos
Form
Latest Thinking
Case Study
Offerings
Segments
Solutions
videos
Form
HOLMES™ and Automation Ecosystem
Latest Thinking
Case study
Solutions
Awards, Recognitions & Media
What makes us Different
What?
Why?
How?
Form
videos
Business
IT
Automation Advisory
Representative Applied AI use cases of HOLMES with ecosystem
Business resilience with Wipro HOLMES™ solutions for pandemic assistance
HOLMES™ and Automation Ecosystem
Latest Thinking
Case study
Solutions
Awards, Recognitions & Media
What makes us Different
What?
Why?
How?
Form
videos
Business
IT
Automation Advisory
Representative Applied AI use cases of HOLMES with ecosystem
Business resilience with Wipro HOLMES™ solutions for pandemic assistance

Our Global Presence

Our Showcase Pages Continental Europe View office locations Benelux Nordic Dach France
Our Showcase Pages India & Middle East View office locations India Middle East
Our Showcase Pages India View office locations India English
Our Showcase Pages Asia - Pacific View office locations Asean Korea China Australia Japan (English    Japanese) Taiwan
Our Showcase Pages Africa View office locations Africa
Our Showcase Pages United Kingdom & Ireland View office locations United Kingdom & Ireland
Our Showcase Pages Canada View office locations Canada
Our Showcase Pages United States View office locations United States
Our Showcase Pages Latin America View office locations Brazil (English    Portuguese) Latam > Mexico (English    Spanish)

Our Global Presence

geographies-map.png

Our Showcase Pages

Asean- English
China- English
India- English
Middle East- English
Korea- English
Australia- English
Japan- English
Japan- Japanese
Benelux- English
DACH- English
France- English
Nordic Region- English
United Kingdom & Ireland- English
Brazil- English
Brazil- Portuguese
LATAM- English
Mexico- English
Mexico- Spanish
Africa- English
United States- English
Canada- English
< Saritha Auti

How Safe is Safe Enough?

Services
Industries
Cloud
Cybersecurity
Digital
EngineeringNXT
HOLMES
Geographies
Contact Us
About Wipro
Careers
Locations
Leadership
Investors
Innovation
News & Events
Blogs
Analyst Speak
Products & Platforms
Partner Ecosystem
Sustainability

May | 2014

There is growing unrest among companies regarding the safety of their sensitive data. Importance of securing sensitive data increases multifold when a company is part of the Critical Infrastructure (CI). Few points to ponder about existing security measures and the architecture are - how to classify which data is sensitive? What to secure and what level of security is "appropriate" to secure the critical infrastructure without spending millions of dollars protecting "not so critical" infrastructure?

Governments across the world are waking up and taking notice of Critical Infrastructure Protection (CIP) as one of the highest priorities. With growing threats and attacks targeted at Critical infrastructure companies, there is an impending need for countries to develop a national critical infrastructure strategy which will provide a comprehensive and collaborative approach to enhance the resiliency of critical infrastructure. This common approach will enable stakeholders to respond collectively to risks and concentrate on safeguarding the most vulnerable areas of CI.

It is recommended that the government and the private sector should collaborate to protect a nation’s critical infrastructure. This collaboration calls for the development of trusted partnerships to build regulatory requirements, governance processes, and resilience frameworks jointly based on existing mandates and responsibilities. The figure below explains what the strategy should help achieve.

How Safe is Safe Enough?

Similar to IT Infrastructure, CI has its share of vulnerabilities in a much higher magnitude of impact which is difficult to address due to the proprietary nature of the hardware/OS, multi-vendor environment, legacy devices, and lack of documentation. There is the all-important human factor which influences the Cyber Security posture of a CI primarily through lack of awareness, and difficulties in understanding the paradigm shift of considering security as a business requirement rather than a non-functional requirement.

There are several security governance and operations issues which are attracting adversaries to exploit the CI, such as unpatched devices, 2-way communications on an air-gap network, no baseline security configurations, lack of monitoring and correlation etc. CIs should streamline their operations, categorize assets, define a risk score and outline an acceptable security posture to handle security threats, risks and vulnerabilities in such a way that there is no deviation.

The CI solution platform should address the issues mapping the solution to sector-specific value chain, applying global regulatory requirements and defining points of vulnerability to address known and unknown threat vectors. Cyber security for critical infrastructure should be broadly developed as per the roadmap shown in the illustration below.

How Safe is Safe Enough?

The implications of a CI collapse are huge and need to be looked at from a long-term perspective. Close synergies between the government and the private sector need to be present to develop a comprehensive and robust strategy for thwarting off impending threats from politically motivated groups, cyber criminals and other such rogues. Steps should be taken to ensure CIP across all layers of CI Architecture, with components addressing business and operational processes, applications, data, communication, network and perimeter for IT and Operations Technology Network.

What are your views? Do write in.

About the Author

Saritha Auti has over 17 years of experience in Enterprise Security & Architecture, spanning a wide gamut across product development, application security, systems integration, Enterprise Architecture and security architecture consulting. She heads Enterprise Security Architecture and Industrial Security Practice for Wipro with specific focus on Critical Infrastructure Security. She has devised several security solutions and architecture strategy for Oil & Gas, Telecom, Financial Sectors, Utilities, Defense, and has lead Security Architecture transformation programs.
© 2020 Wipro Limited
Privacy Statement Disclaimer RSS Feed
© 2020 Wipro Limited
X