Assessing risk and preventing cyberattacks

11 Nov 2019
copy
  • Top of page
  • Main text
  • More on this topic
copy

PMU’s innovative cybersecurity modelling is disrupting the disruptors on numerous fronts

That cybersecurity is a growing concern for businesses and governments around the world is an understatement. The 2019 World Economic Forum Global Risks Report ranked cyberattacks among its top five global risks. The cost of cyberattacks in 2018 was a reported $600 billion (£466 billion) – up from $445 billion in 2014. The expenditure on cybersecurity, meanwhile, was recorded at $114 billion in 2018. This figure is expected to more than double by 2025.

This situation is stark and likely to get worse because of the increase in connected items that make up the Internet of Things (IoT). It is predicted that the number of IoT devices will rise to 38.5 billion in 2020, up from 13.4 billion in 2015, and then to a staggering 75 billion in 2025.

It is against this dramatic backdrop that a dynamic cybersecurity modelling initiative is being undertaken by Nazeeruddin Mohammad from the College of Computer Engineering and Science at Prince Mohammad bin Fahd University in Saudi Arabia.

Because of its strategic and influential global significance, Saudi Arabia is no stranger to cyberattacks, be they intended to destroy information, sabotage industrial control systems or to steal intellectual property, Dr Mohammad explains. In the past seven years, there have been many serious attacks on different industries and sectors. Among these were a number on petrochemical-related industries such as Saudi Arabia’s state oil company, Aramco, which witnessed a major attack on its networking infrastructure during 2012. It has since been reported that Saudi Arabia was subjected to many severe cyberattacks.

“PMU felt we had a responsibility to start initiatives in response,” says Dr Mohammad. That response, originating from PMU’s new Cybersecurity Centre, is titled “A Multi-Tiered Defense Model for the Security Analysis of Critical Facilities in Smart Cities” and was launched on 15 October 2019.

Placing itself at the heart of an evermore interconnected world, the model is multilayered.

“The first aim was to provide a generic model for all critical facilities and give an overview of how all endpoint devices – eg, sensors, actuators, laptops – were interacting with each other,” says Dr Mohammad. “This helps identify the components most likely to be attacked or compromised. We also modelled the attacks, looking at the various ways different components could be compromised by disruptors – in other words, the ‘attack vectors’.”

Having identified these attack vectors, the second stage of the modelling was to examine various possible attack scenarios. “This stage looks at which defence is the most effective – eg, it may be encrypted links – and it included the human element and the variables around that, such as workload and knowledge or experience. This can help a company identify whether money is better spent on training as opposed to implementing new security measures, for example.”

This part of the modelling is particularly pertinent, as recent studies have uncovered that more and more IT and security staff are relying on AI for their system needs. As well as being expensive to implement, this can mean they are also creating extra vulnerabilities.

So far, PMU’s attack modelling has been rolled out over two, as yet unpublished, case studies – one for smart electricity grids and one for smart cars. The models will be expanded in scale and scope; for example, in the case of smart cars, from in-car security to vehicle-to-vehicle security (smart cars communicating with each other).

“The plan for the future is to add other features to the model to cover other areas,” says Dr Mohammad. “This will attract undergraduate and graduate students to work in the area. They will be able to choose from various specialisms – e-commerce, manufacturing, embedded systems, cyber physical systems and so on – and they will further expand our research.”

In its efforts to bring training courses in line with curriculum, PMU is talking to various different vendors in cybersecurity, end-point security, firewall security, SIEM and penetration testing, such as Cisco, IBM, Palo Alto Networks and Check Point, to establish labs in the university that cover both security incident and event management, and security operations.

The key performance indicators applied to the project may include non-academic ones, such as how many different types of industries or services are covered and, within that, how many cyberattack scenarios are covered. Then, from an academic perspective: the number of publications and journals that cover the research and the quality of those journals, how successful the graduate programme is in terms of student numbers, and how many cybersecurity training programmes are offered to non-graduates and what their feedback is.

The real-world impact of the modelling research could be massive. With the costs of cleaning up after cyberattacks and the expenditure laid out to prevent them so high, Dr Mohammad believes that “anything reducing cyberattacks is going to be welcomed, and this innovation will have an impact by informing businesses of risks and reducing their costs”. Crucially, the modelling process will also help IT and security personnel keep an informed eye on their operational technology and learn from any mistakes that occur.

While smart modelling is taking up much of PMU’s Cybersecurity Centre’s bandwidth, there is still ambition for the centre to make a mark in other, related areas. For example, in the pipeline is a project in which students will examine the use of blockchain in smart city security to understand the risks involved. There is an extra relevance to this exercise with the ongoing work on Neom, the futuristic smart city planned in the northwest of Saudi Arabia, near the Red Sea and its border with Egypt and Jordan.

As this project suggests, Saudi Arabia is at the forefront of smart city planning. PMU’s Cybersecurity Centre will play a pivotal role in protecting that venture along with defending the current infrastructure of business and government, both in Saudi Arabia and beyond.

More information about Prince Mohammad Bin Fahd University