Sectrio

IoT

2022 CISO checklist for cybersecurity success

Presenting the 2022 CISO checklist for cybersecurity success

According to PwC’s recent annual CEO survey, CEOs across the globe have ranked cybersecurity risks as a bigger concern than the ongoing Covid-19 pandemic, economic volatility, or even climate change. The survey, covering 4,446 CEOs from 89 countries and territories, has offered specific data points around Asia-Pacific, India, Mexico, Central and Eastern Europe, and Malaysia, among other countries. The increasing attention that cybersecurity is receiving comes against the backdrop of a steep rise in cyberattacks globally and in the countries mentioned above. Rising cyber concerns are also underscoring the growing role of CISOs across sectors.

With increasing geopolitical concerns in Ukraine, UAE, and in other parts of Asia, cybersecurity leaders and CISOs are also dealing with other challenges such as:

- Rising regulatory requirements
- Strained budgets
- Lack of resources
- Compartmentalization of security across organizational silos
- Talent shortages
- Specific organizational cybersecurity posture concerns that are not on the Board’s radar
- Burnout and being overwhelmed by the pandemic and the disruption caused by it

The role of CISOs has been evolving over the last few years, with businesses giving them a larger say in the way businesses are run and a share of voice in the decisions of the board. However, in many institutions, the post of CISO has just been created, or the role functions with many dependencies on other non-C-suite positions, leading to a situation where the support they receive is not timely or is inadequate.

What can CISOs do to address such challenges?

- Democratize cybersecurity: run bug bounty programs and tabletop exercises by involving employees across the organization. Involve more stakeholders across decision-making layers and teams in all cybersecurity programs.
- Pay attention to vulnerabilities: running vulnerability scans in a disciplined manner and taking prompt action on identified weaknesses and gaps can go a long way in increasing the distance between your assets and a cyber adversary. This should go with other measures such as micro-segmenting networks, creating zones of digital priority, and maintaining an updated inventory of all assets and their functions.
- Promote a culture of proactive compliance: many standards/frameworks proposed by (or that are part of) NIST, NERC-CIP, IEC 62443, and Zero Trust can be implemented with very little effort and by a simple rejig of operating processes, workflows, and inter-device interactions. Such measures can be taken up for immediate execution. (Check out our compliance kits for more information on how to get this done.) Such measures should be taken up routinely and ingrained in the culture of the organization.
- Build and track cybersecurity checklists: across facilities and systems such as SCADA, PLC, industrial control systems, health and safety systems, remote management systems, etc.
- Address institutional inertia: this is especially true of businesses that have been around for a while. Decisions taken to counter emerging threats to critical assets may get stuck in layers of decision-making within the organization. By the time the decision is taken, it may be a case of too little too late.
- IT-OT and IT-IoT convergence zones, or other such zones where different tech streams overlap, should receive additional cybersecurity attention.
- Track API usage: while APIs help ease integration challenges, they are among the biggest sources of cyberattacks. Hackers have been known to use APIs as conduits to open target networks. See if APIs used by your organization are leaking data or access.
- Clearly define tangible risks and provide solutions: CISOs have been doing this for a while. It is now time to take things to a different level. Identify scenarios that could harm institutional credibility and trust, link them to specific weaknesses or cybersecurity gaps, and suggest solutions to address each gap.
- See what your peers are up to: learn more about how they are dealing with similar challenges.
- Watch out for regulatory advisories: in the last 3 weeks, there has been a flurry of advisories from various regulators connected with the ongoing Russia-Ukraine crisis. Such advisories can be passed on to all employees and used to generate cybersecurity awareness on the need to stay alert.
- Study the cybersecurity practices of your vendors and supply chain partners: this may provide some fascinating insights into improving your cybersecurity posture, while recommending ways to address gaps in the cybersecurity posture of your vendors and partners may help you earn more collaboration in the future when dealing with a cybersecurity event or meeting a regulatory demand.
- In sectors such as oil and gas, manufacturing, and utilities, cybersecurity audits should be done with the same level of diligence as that which goes into a health and safety and/or environment safety audit.
- Avoid burnout: delegate tasks beyond your immediate team. Identify cybersecurity champions from across teams and get them to help your team promote a cybersecurity culture of excellence and diligence.

Try our rich IoT and OT-focused cyber threat intelligence feeds for free, here: IoT and OT Focused Cyber Threat Intelligence

Planning to upgrade your cybersecurity measures? Talk to our IoT and OT security experts here: Reach out to Sectrio.

Visit our compliance center to advance your compliance measures to NIST and IEC standards: Compliance Center

Get access to enriched IoT-focused cyber threat intelligence for free for 15 days

Download our CISO IoT and OT security handbook

Access our latest Global Threat Landscape report

Getting your basic cybersecurity practices right

Basic IoT and OT security practices that can significantly reduce your cyber risks

When it comes to IoT and OT security, vendors will tell you how important it is to have a cybersecurity solution in place. Yes, one cannot keep hackers at bay using firewalls or air gaps alone. But in addition to a cybersecurity solution, your industrial control systems (ICS), SCADA systems, PLCs, networks, and IoT devices can certainly do with a lot more diligence in formulating and deploying cybersecurity best practices. We are talking about simple practices that can improve your odds in the fight against hackers and cybercrime. We have put together a few of these important IoT and OT security measures here:

- Improve patch management: this includes automating the discovery of unpatched systems and the application of patches as and when they are made available. The entire lifecycle, including the discovery of devices and systems, patch approval, distribution of updates, system and device reboot, and finally logging of patch status, should be automated.
- Your cybersecurity team should ideally track Common Vulnerabilities and Exposures (CVE) announcements. In case a patch for a vulnerability is not made available immediately, you can reach out to the OEM and ask for it, or quarantine the affected systems till the patch is released. Vulnerabilities that are months or years old have been used in recent instances of ransomware attacks.
- Know what is connected and why: in some oil and gas and industrial control system deployments, we came across devices that were of 90’s vintage. Not only were they unpatched for years together, but the OT operator in this case was not quite sure about the role of some of the devices. Your device and infrastructure inventory has to be updated frequently, and these updates should be managed centrally by an inventory management team.
- Run a tabletop exercise, simulate an event: see how various teams respond to an IoT and OT security incident and, more importantly, figure out how much of your data and infrastructure is at risk. This risk is not just from a cyberattack, but also from missteps or mistakes in decision-making in the aftermath. It is better to have these errors show up during drills rather than during a real cyberattack.
- Conduct audits at least once a month to ensure that you are adequately prepared to handle an incident from a threat detection, neutralization, and continuity of business perspective.
- Always pay more attention to health and safety equipment and controls. Ensure that they are tamper-proof and working with adequate levels of IoT and OT security.
- Sensitize employees on the need to be risk aware at all times. Convey a number to indicate the potential loss that the business could incur because of a cyberattack. This number should be based on analyzed data rather than raw assumptions.

These small steps can go a long way in securing your business and in raising awareness among employees. Beyond this, you can also look at going for IoT and OT focused threat intelligence, micro-segmentation, and employee certification on cybersecurity to improve your overall IoT and OT security posture.

Key to cyber resilience: IoT and OT threat detection without delays

Cyber Threat Detection: When detecting a threat on your network, every millisecond counts. Any latency in threat detection will give the malware more time to spread or even accept commands from the command and control entity to change in ways that make detection harder.

How accelerated and real-time threat detection can help you

In cyberspace, when it comes to IoT and OT cybersecurity, sophisticated hackers do count on a lag in detection (in enterprises) while engineering their malware and planning their breach strategy. This is why, in the case of complex malware, hackers may program it to deploy in batches while accumulating code packets from the C&C unit to take advantage of a delay in detection (also aided by low footprint activities of the malware).

The induced latency on the part of cybersecurity solutions may arise for many reasons. Sometimes it is due to some cybersecurity vendors using myriad solutions that are ‘sutured together’ to form a rudimentary detection engine. By the time data moves from one end of the detection cycle to another, the malware would have had a chance to spread upstream and downstream and into devices, and would have already communicated with the C&C unit and shared data. In other instances, it could also be because the solution is acting at the device level or is a post-facto detector, which means that it can only detect malware once it has crossed a certain level of activity in the network. All of these could potentially slow down response, weaken cyber resilience measures, and open up new avenues for hackers to exploit.

Sectrio’s Threat Detection engine does not suffer from such disadvantages. The solution works as a single agile unit across the network to identify and flag threats and suspicious traffic in real-time. In addition to three layers of threat detection, it is also powered by the largest IoT and OT focused threat intelligence gathering facility in the world, spread across 75 cities. This helps in identifying the latest malware as and when they emerge, giving hackers no time to exploit gaps.

With Sectrio, threat detection is rendered a proactive activity as threats are identified before they have a chance to spread, unlike some of the IoT and OT cybersecurity solutions and vendors out there that work in post-facto mode. Sectrio’s customers are thus rendered secure and do not have to worry about any challenges posed by any deficiency in their solution.

Don’t pay for latency or post-facto detection. Get real-time and early detection with Sectrio, the leading IoT and OT cybersecurity vendor.

See how our OT-IoT-IT security solution can handle such threats to your enterprise. Book a no-obligation demo.

Cyber securing connected OT and IoT infrastructure in the Middle East

In the last 15 days, hackers in the Middle East and Africa region have added another sector to the list of their targets in the region. Cyberattacks on healthcare facilities in the region rose significantly over baseline levels during this period. Let us examine the causes and implications of this trend.

Since 2019, we have seen cyberattacks by regional APT groups rise substantially. The primary targets were oil and gas facilities and utility infrastructure, including facilities related to water treatment and distribution. These tit-for-tat attacks spilled over into the healthcare sector, and now many established healthcare facilities are being targeted in the region. The common factor in both these segments is the potential for impacting ordinary citizens. As we have seen in the last 6 years, APT hackers often target facilities that can cause maximum disruption.

Research by Sectrio has shown that hackers were targeting critical infrastructure through reconnaissance malware. Since most of these attacks went unchallenged within the networks of targeted institutions, hackers were able to gather plenty of information on data flow behavior within networks, security measures, device architectures, connection configurations, and information on privileges. Hackers used this data along with hijacked smart devices such as web cameras, connected home automation hardware, and connected devices deployed by manufacturers to target high-value infrastructure in the region.

We expect such attacks to continue till the fall of 2024. This forecast is based on past cybersecurity measures we have seen in the region. Cyberattacks will continue to evolve in the meantime. The only way businesses can protect themselves is by investing in the right measures to contain cyberattacks and increase the distance between them and the hackers. These include:

- Developing a more comprehensive understanding of device topology to know what is connected and exactly what it is doing on the network
- Frequent vulnerability scans to detect and address vulnerabilities early
- OT and IoT devices should be checked for CVE vulnerabilities
- Operate with an OT-IoT-IT risk management model that emphasizes early detection and mitigation of threats
- Adopt cybersecurity frameworks such as Zero Trust and IEC 62443
- Use micro-segmentation to deploy granular cybersecurity policies and to prevent lateral movement of malware
- Manage privileges
- Allow all components of the infrastructure to earn trust for connectivity and end-use
- Use the right threat intelligence to identify the latest and relevant threats

We are offering a free OT-IoT cybersecurity assessment slot for select businesses in the Middle East and Africa region at GITEX 2021. Walk into H2-D1 at the World Trade Center or give us your details here to claim this offer. In case you prefer a more detailed meeting, do reach out to us at info@sectrio.com. Don’t miss out on this exclusive offer. Book your free slot now.

Don’t miss this critical cybersecurity requirement

Targeted attacks on supply chains connected with various sectors rose significantly in the last 8 months, according to various research firms. And this is just the tip of the iceberg, as these findings relate to existing threats or threats that have been identified. There could be many new ones lurking in the Dark Web and elsewhere.

Most information security leaders tend to ignore the potency of unknown threats. This is because the security architecture in most enterprises and projects doesn’t permit adequate versatility to understand and identify latent threats and deal with them. The problem is compounded by security practices based on restrictive network activities at the perimeter rather. This means that a threat that somehow manages to trick the perimeter-based security mechanism is free to wreak havoc inside the core network.

Unfortunately, even the compliance mandates prevailing in various countries fail to encourage businesses and other entities to look into emerging threats through a combination of insights, forecasts, and sheer imagination. Besides, thanks to the increasing diversity of processes and devices, it is easy to lose track of baseline cybersecurity requirements with every increase in surface area.

No matter what your network architecture, industry, or level of security sophistication, gaps could arise during periods of transition, capacity expansion, or infusion of new technology. The addition of IoT exponentially amplifies the threat factor. In another survey, over 70 percent of cybersecurity practitioners reported some level of unfamiliarity with threats that emerge in converged environments spanning IT, OT, and IoT. Unfortunately, these converged environments represent the event horizon, a vista that presents infinite possibilities for hackers, malware developers, and threat actors to exploit.

Converged environments needn’t be your organizational Achilles heel. Instead, such environments can be harnessed for testing new tech and workflows to improve efficiency, data analytics, and insights, as well as improving your cybersecurity posture and providing depth to your cyber resilience strategies.

Connect with natalie.smith@subex.com to learn how you can join 30 percent of leaders who have successfully addressed this threat.

Read our latest threat landscape report here to learn about cyber threats you need to know about.

Proof: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats
