Infralert Uses the CIS Controls for Remediation and Planning
Infralert, Inc. provides professional monitoring and alerting capabilities for network infrastructure, from data ingestion, to analytics (application of algorithms), all the way through visualization and empowerment of security operations. Mr. Alikhan, owner, said that the Center for Internet Security Critical Security Controls (CIS Controls) are the primary practices his firm uses to assess an organization's security posture and develop a plan for remediation. Mr. Alikhan is a security professional with over 15 years of experience in a broad range of industries. He stated he likes the CIS Controls because they are "more comprehensive and holistic" than most frameworks.
Using the Controls
According to Mr. Alikhan, the CIS Controls are a good starting point for remediation. Mr. Alikhan stated, "Our clients like them because they provide an understandable framework for improving their security." Infralert performs security assessments and penetration testing based on organizational needs, and generates executive reports with the ranking of exploits to begin their work.
CIS Controls Appreciation
When asked if he encounters any challenges with the CIS Controls, Mr. Alikhan stated, "No, our clients appreciate the Controls because we are actually bringing something to the table. They may have heard of the CIS Controls but they do not see them applied in the way they see some of the other standards. That is definitely where the CIS Controls get appreciation." Mr. Alikhan explained the Controls are useful because there are "just 20 general areas to look into and define from an organizational standpoint." Infralert wants to educate organizations about good governance from a technology standpoint and a people standpoint. "We come in and help and guide them with questions."
Mr. Alikhan is seeing more client recognition of the CIS Controls in 2016 with operational IT than with corporate IT. This is especially true in the energy industry during real-time drilling. Concerns are focused on outsider threats, where the areas that become important are wireless access control, data protection, and boundary defenses leading to malware detection. Tools like Cisco are used for that detection and can go back and restore systems to a previous day and time.
"The CIS Controls are more comprehensive and holistic than most frameworks.”
- Mir Alikhan, Owner
Energy and Utilities Remediation Case
Enforcement and Safety Zones are important yet often overlooked in remediation exercises. The primary focus at this level is to protect the operation and personnel by way of monitoring and enforcing aspects of the overall Industrial Control System (ICS). Energy and Utility entities are governed by Critical Infrastructure Protection (CIP) compliance requirements. However, compliance, as many in the industry know, does not necessarily equate to security.
To remediate such zones from exploitation, an organization outside the United States met the quad-redundancy on-premise requirement, and then opted to add two additional instances of their ICS monitoring systems offsite in a hybrid cloud environment developed by The OpenICS™ Foundation, with secure transmission lines utilizing microwave networks. This method kept the organization within the CIP guidelines, and also added layers of protection from attack vectors from Level 0 (Operations Zone) through to Level 5 (Business Zone).
About Mir Alikhan
Mir Alikhan, PMP, CSQE, is a business manager with more than 15 years of project management, business analysis, requirements management, quality management and financial analysis in both the public and private sector. His vast knowledge and experience spans several industries such as Construction, Health Care Management, Health and Human Services, Telecommunications, Publishing, Environmental Management, Seismic Oil & Gas Exploration, Education Management, and the Legal Industry.
Mir was also an elected board member of the Project Management Institute (Austin Chapter). He served as the Chief Operating Officer (COO) and was also President-Elect. Additionally, he is an active member of the American Society for Quality (ASQ) and the Healthcare Information and Management Systems Society (HIMSS). Mir is an ITIL version 3 Foundation certified Project Management Professional (PMP) and Certified Software Quality Engineer (CSQE). He received his Bachelor of Science in Finance from Louisiana Tech University.
About the Center for Internet Security
CIS is a forward-thinking, nonprofit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continually refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for state, local, tribal and territorial government entities.