Adaptive Security for Automatic Protection of Data

Abstract

AbstractBig industrial infrastructures are dependant on automatic control systems, among which Supervisory Control and Data Acquisition (SCADA) systems have the largest coverage area. SCADA concept gradually developed from not connected systems to Intranet connected (to Management Information System (MIS)) and, at the present day, to Internet connected (to ERP systems-Enterprise Resource Planning), completely integrated into IT networks. This IT to SCADA inter-connection has brought the advantage of availability and ease of control, but also the security threats that affect traditional IT networks: malware infections, viruses and data theft. The impressive development driven by the last generation SCADA systems is reflected in adopting the technology and software programs specific to IT industry; as a result, SCADA systems are also more vulnerable to cyber attacks due to the fact that networks inter-connection exposes a higher number of security holes that can be exploited. Every control system connected by a local network to Internet becomes vulnerable to data leakage, so prevention actions have to be taken; to that effect, Data Loss Prevention (DLP) is defined as a set of technologies and products designed to prevent organization sensitive data leakage and loss. The paper presents the design and implementation of a cybersecurity system that provides protection against intended or accidental data leakage, in particular for a SCADA system case study. Moreover, this system is intended to analyze behaviours and specific events in order to adapt to possible threats before they actually occur, thus defining an adaptive cybersecurity solution.KeywordsAdaptive securityDLP technologyData protection