Our team aims to help our customers proactively identify IoT/ICS security vulnerabilities by providing our SACRI solution (Figure 2.0-1, below) that is comprised of several distinct components working together to deliver real-time, actionable device-specific vulnerability data. We strive to become subject matter experts (SME) on any customer-specific/proprietary IoT/ICS technologies that may exist for monitoring and improving our asset catalog accordingly. SACRI, in conjunction with KGI professional engineering services, aims to help USAF understand asset relationship to overall enterprise architecture, proactively highlighting information assurance (IA) challenges and vulnerabilities. Our experience in software development, integration, and O&M ensures a dynamic offering that can be tailored and supported to suit the needs of our customer. KGI will work closely with the USAF customer to customize their SACRI installation, identify any IoT/ICS devices specific to the environment, and provide additional consulting services as needed. The components (Figure 2.0-2, below) of the KGI solution can be summarized as follows. Asset Catalog. A fundamental issue with todays constantly evolving IoT/ICS networks is the baseline identification and tracking of the devices themselves. It is quite common for network owners to allow their connected technology count to outgrow manageable expectations, often resulting in a scattered mess of assets. Our self-discovering catalog component will provide administrators the ability to automatically derive insight into IoT/ICS technologies across their network, giving them a necessary overview of all connected devices -- their operating system, firmware version, IP address, and geolocation (when applicable), etc. Using device forensics, this asset catalog component will help customers achieve a sense of what they have to manage, providing a foundation upon which they can build better security. Dynamic Vulnerability Database. Behind the scenes, our solution will continuously aggregate CVEs (Common Vulnerabilities and Exposures), manufacturer-supplied security recommendations, and other threat data into a centralized repository that will be used as a basis for identifying concerns applicable to the customers device catalog. Industry-standard repositories from NIST and Mitre will be complimented by customized data feeds specific to the technologies in use on the customers network. The solution will cross- reference assets in the device catalog with the dynamic vulnerability database to provide real-time alerts and guidance to the customer when threats are identified and/or action is recommended. If federal legislation like the IoT Cybersecurity Improvement Act of 2020 becomes law, KGI will interface with device compliance requirements set forth by DHS, NIST, and OMB.
