1. IoT & IIoT security (Highlight energy sector) or IoT and Operational Technology
IoT security solutions should be aimed at ensuring the security of the IoT ecosystem (Smart City, Smart Home, Smart Transportation, IIoT) and can be implemented in software or hardware. A software implementation can be a set of programs that analyze data at the network-packet level (to prevent brute-force attacks, prevent data being transmitted over an insecure protocol, analyze malicious activity in the IoT ecosystem …) and/or ensure security at the level of the IoT operating system (prevention of 0-day attacks, management of default passwords of IoT systems …).
The implementation of SCADA system security can be aimed at ensuring:
1. Management access control and segregation of duties.
2. Firewalls, intrusion detection and prevention systems for SCADA systems.
3. SCADA protocol analysis, cryptography and key management.
5. Device and operating system security.
2. Web, Mobile and Desktop Application Security
Protection in this area means developing products that will:
- Monitor and find complex attacks on web, API and desktop applications
- Implement application code protection against reverse engineering
- Find outdated third-party dependencies that contain known vulnerabilities
- Find and patch vulnerabilities in web as well as desktop applications
3. Endpoint and Devices (Data Protection and Loss Prevention)
Ensuring the safety of endpoints means analyzing the data transmitted and stored between network devices and on physical storage media (flash drives, external HDD / SSD, smartphones), as well as on BYOD, CYOD, COPE and COBO devices.
The solution being developed should identify and prevent the following threats:
- Checks to identify new types of malicious applications
- Theft of corporate and private information from end devices
The technical solution to this problem should properly monitor installed software patches, as well as create rules for fixing 0-day vulnerabilities that have appeared in public sources but still do not have an official fix.
5. Network Security
Network security and malicious activity analysis means creating a software, hardware or combined software-hardware solution, possibly using artificial intelligence.
The solution can be aimed at searching for and detecting the following types of attackers and their malicious activity:
- Malicious insider
- Careless insider
- A mole
- Remote attacker
- APT attacks
The solution should implement the collection, storage and analysis of a large amount of network traffic, which will make it possible to analyze and evaluate the damage in case of successful penetration into the network.
6. Cloud Security
A solution for ensuring information security in this area can be aimed at securing cloud servers such as On-Premises, IaaS, PaaS, SaaS, FaaS, etc.
The information security solution can be implemented both at the hardware level and at the software level for the following levels:
- User Access
- Operating System
- Network Traffic
7. Identity and Access Management
IAM solutions should solve the following tasks:
- Centralized IAM Integrated Management Solution
- The solution should control and simplify access control in traditional data centers, private clouds, public clouds and hybrid combinations of platforms.
- Using SSO to solve password management problems.
- Automating the provisioning and revocation of user access rights to business information.