Wednesday, October 5, 2022

How to stay ahead of cyber attacks on critical infrastructure and operational technology?

Shreya Christina (https://londonbusinessblog.com)

Francis Cianfrocca – CEO, InsightCyber

It is no longer just computer networks that are under siege by cyber criminals. Consider this: in April, America’s top national security agencies issued a warning describing in detail how cyber attackers are gaining greater access to operational technology (OT), the connected devices and systems that control tools, transportation, production, oil and gas facilities, hospitals and other critical sectors.

The stakes couldn’t be higher. In fact, Gartner predicts that by 2025, cyber attackers will have weaponized OT systems to successfully injure or kill people. This should give everyone a chill. And for leaders, it should lead to initiatives to find new methods of dealing with the threat.

Here are some steps business leaders, CIOs, and people responsible for security operations can take to better secure cyber-physical systems.

Understand that OT and IT are worlds apart.

Too often organizations lump OT together with IT: the computers, networks and data that are the lifeblood of business. However, they are different domains. You can’t just extend the security approaches used in IT and expect them to work for OT.

For example, PCs, laptops and servers are designed to be regularly updated and patched. It was clear from the start that IT environments had to be managed with security in mind. That’s why today we have established practices for protecting IT systems and data. Not so with OT. You cannot patch most OT devices, because they run on firmware or would no longer work as intended. Cybersecurity was never a design priority, because most OT systems have only recently been brought into the world of IP networks (in the past they ran on proprietary systems, often in isolated environments).

It is also important to note that the data generated by OT devices is fundamentally different in structure and content from data generated by IT devices. This matters because IT security relies on advanced tools that understand and analyze traffic to diagnose problems. Adding OT data is like injecting a foreign language; you can feed it into the tools, but they cannot make practical sense of it.

Protecting OT means finding new approaches to cyber-physical security.

Don’t use 20th century practices for 21st century problems.

I’ve found that the cornerstone of IT cybersecurity has long been to focus on vulnerabilities. The attitude is defensive: Keep a list of every attack that has worked in the past and watch for signs that another attack is taking place. The hard work of IT security teams is to monitor the company’s ongoing network activity and look for known malware, data signatures, or other evidence of problems. This is untenable for protecting the unknown waters of OT.

Society cannot afford to wait for new disasters. I think a much more effective approach is to focus on attacks, not vulnerabilities. If you can immediately identify the small operational anomalies that signal the early stages of a complex attack, you stand a good chance of avoiding serious damage.

Until recently this was impossible. But thanks to advances in AI, it is now possible to effectively apply behavioral analytics to devices. My company and others in the industry have worked to create AI solutions that are adept at recognizing patterns and detecting subtle irregularities with a speed, scale, and precision that humans cannot match. Applied in an OT environment, AI can tell you what is happening with any connected asset in different geographies, networks and facilities in an organization, and spot early indications of potential problems.

Generate the right kind of inventory.

You cannot protect what you cannot see. A good way to start protecting OT is to ask if your organization has a reliable inventory of all devices across the organization. If you’re honest, the answer is probably no.

One of the open secrets in IT and OT is that it is virtually impossible to create an accurate inventory with today’s tools. This keeps managers up at night, as compliance and risk regulations require many organizations to express trust in their infrastructure and data.

To meet this challenge, you’ll need to explore new solutions to automate continuous discovery of all connected devices, so you know which devices are turned on, off, or communicating with other devices — and when. Make sure your tools understand OT’s unique language and can translate it into terms your systems recognize.

This level of visibility is essential for baseline operations. But for cybersecurity there is more.

You may know what a device should do, but do you know when it has gone rogue? When a smart light switch starts sending encrypted data to an IP address in Asia, there is technically no failure, because the design of the device allows such behavior. Therefore, it will not be identified as a problem by current security tools. But there isn’t a security manager in the world who doesn’t want to know about it.
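The inventory and "rogue device" checks described above can be sketched as an added example (not code from the article or from InsightCyber). It uses a plain learned-peer baseline rather than AI, and the device names, plant subnet, cutoff time and flow records are constructed assumptions:

```python
import ipaddress
from collections import defaultdict

# Constructed flow records: (epoch_seconds, device_id, dst_ip, dst_port)
FLOWS = [
    (1000, "plc-01", "10.20.0.5", 502),
    (1100, "light-sw-07", "10.20.0.9", 1883),
    (1160, "light-sw-07", "10.20.0.9", 1883),
    (5000, "plc-01", "10.20.0.5", 502),
    (5100, "light-sw-07", "203.0.113.44", 443),  # never-before-seen outside peer
    (5200, "hvac-02", "10.20.0.9", 1883),        # device absent from baseline
]
LEARN_UNTIL = 2000                                   # assumed end of learning window
SITE_NETS = [ipaddress.ip_network("10.20.0.0/16")]   # assumed plant subnets

def build_inventory(flows):
    """Passive inventory: when each device was first/last seen and its peers."""
    inv = {}
    for ts, dev, dst, port in flows:
        rec = inv.setdefault(dev, {"first_seen": ts, "last_seen": ts, "peers": set()})
        rec["first_seen"] = min(rec["first_seen"], ts)
        rec["last_seen"] = max(rec["last_seen"], ts)
        rec["peers"].add((dst, port))
    return inv

def is_external(dst):
    """True when the destination lies outside every known site network."""
    ip = ipaddress.ip_address(dst)
    return not any(ip in net for net in SITE_NETS)

def detect(flows, learn_until=LEARN_UNTIL):
    """Learn per-device peers, then flag devices and peers outside the baseline."""
    baseline, alerts = defaultdict(set), []
    for ts, dev, dst, port in sorted(flows):
        if ts < learn_until:
            baseline[dev].add((dst, port))
            continue
        if dev not in baseline:
            alerts.append((ts, dev, "new-device", dst))
        elif (dst, port) not in baseline[dev]:
            kind = "new-external-peer" if is_external(dst) else "new-internal-peer"
            alerts.append((ts, dev, kind, dst))
        baseline[dev].add((dst, port))  # alert once per new device or peer
    return alerts

if __name__ == "__main__":
    for alert in detect(FLOWS):
        print(alert)
```

The light switch's connection is allowed by its design and succeeds at the network level, so only the comparison against its own learned peers surfaces it.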

Take action early to limit damage later.

After breaching corporate environments, adversaries often spend weeks or months conducting undetected reconnaissance as they prepare to launch a coordinated attack. When they finally strike, those responsible for safety think to themselves: If only we had seen it!

It reminds me of a story a colleague once told me. One day he saw a black ant on the floor in his house. A small alarm went off in his head, but he crushed the intruder and continued on his way. A few weeks later, he saw three more. A month passed. Then suddenly there were black ants everywhere. A visit from the exterminator soon revealed an expensive and rapidly spreading infestation. He said to himself, “If only I had noticed that first ant!”

I’ve noticed that cyber-attacks never strike like lightning. Not even in the wide open world of OT. The bad ones build up over time and usually leave little clues, like that black ant.

The goal is not to keep hackers away, because unfortunately effective attacks will always be with us. Instead, the focus should be on finding new ways to recognize what’s happening in the environment and taking action early enough to prevent attacks that could lead to human disaster.

