How  SGN  Used  Attack  Path  Mapping  to  Control  Privileged  Access  in  the  Cloud

Mo  Ahddoud

SCT15S

SECURITY

Chief  Information  Security  OfficerSGN

2 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS

©  2017  CA.  All  rights  reserved.  All  trademarks  referenced  herein  belong  to  their  respective  companies.

The  content  provided  in  this CA  World  2017  presentation  is  intended  for  informational  purposes  only  and  does  not  form  any  type  of  warranty. The information  provided  by  a  CA  partner  and/or  CA  customer  has  not  been  reviewed  for  accuracy  by  CA.  

For  Informational  Purposes  Only  Terms  of  This  Presentation

3 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS

Abstract

As  one  of  the  most  forward  thinking  critical  infrastructure  companies  in  the  UK,  SGN  is  blazing  a  trail  by  becoming  the  first  UK  critical  infrastructure  company  to  run  100%  in  the  cloud  and  using  innovative  IoT  technologies  to  revolutionize  the  management  of  gas  pipelines.  To  manage  the  risk,  SGN  embarked  on  a  mission  to  shape  the  attack  path  of  intruders.  In  this  session,  Mo  Ahddoud,  CISO  at  SGN  will  share  how  he  used  a  technique  called  attack  path  mapping  to  put  privileged  access  at  the  center  of  SGN's  digital  transformation.

MoAhddoudSGNCISO

Mo  Ahddoud,  CISO

HOW  CA  PRIVILEGED  ACCESS  (CA  PAM)  HELPED  SGN    SECURELY  ADOPT  AWS  

5

Who  Are  SGN?

• 5.0bn RAV  (March  2016)• 74,000km network  length• 5.9million customers• c4500 FTEs  employees• 1.1bn revenues  (2015/16)• 15,907 new  connections  2015/16• 139TWh energy  distributed  • 960km pipes  replaced  in 2015/16

6

Digital  Transformation  

Change -­‐ a  measurable,  physical  difference.      

Transformation – an  extreme  radical,  change  that  drives  an  organisation  in  a  new  direction  and  takes  it  to  an  entirely  different  functional  level.    

• Internet  of  Things• Customer  Experience• Digital  Workforce  • Cloud  First  

TRANSFORMINGTHE  WAY  THE  BUSINESS  OPERATES  

8

Our  Business  Strategy  

• Reduced  totex• Increased  agility  • Resilience  availability• New  innovation    • Improved  Security    

Devolution  of  IT  

TAKE  “IT”  OFF  OF  THE  CRITICAL  PATH

9

Supply  ChainThe  Cloud  Hopper    

10

• Unpatched  systems• Fragmented  solution• Obsolete  technology  • Convoluted  value  chain

Business  Complexity  

11

Attack  Path  Mapping  

• Prioritise  on  likely  attack  paths• Ensure  you  can  detect• Reduce  the  network  footprint

Internal  Phishing

AccessingUser  Mailbox

AccessingInternal  Apps

AccessFile  share

12

The  heart  of  our  security  strategy

Privileged  Access  Management  

Virtual  Datacentre  BuildDatacentre  Security  Testing

Cloud  Monitoring

ServiceNowPPM  and  Cloud  Management

Cloud  Networking  and  Security

Integration  &  API  catalogue

Cloud  Sign-­on

Application  MigrationApplication    

Discovery  Due  Diligence

Operational  Model Service  Transition  and  Support

Cloud  Programme  Management  and  support

Delivery  Framework  Definition

Architecture  Governance

Procurement  and  

Commercials

Office  365  Technical    Migration

Office  365  Business  Migration

Automated  Testing

CA  PrivilegedAccess  Manager

13

• Ticket  Authorisation  • Timebound  • Remove  Passwords• Audit  and  Verify

Protecting  Apps  and  Data

Amazon  Web  Services

14

• NCSC• Lighthouse  partnership

Collaboration  &  Partnership  

15

Thank  You  for  Listening_____

Any  Questions?

16 COPYRIGHT  ©  2017  CA.  ALL  RIGHTS  RESERVED#CAWORLD #NOBARRIERS

Security

For  more  information  on  Security,please  visit:  http://cainc.to/CAW17-­Security