Sectrio

OT


10 easy to deploy steps for better Industrial Control Systems (ICS) security  

Last week the Biden Administration announced the extension of the Industrial Control Systems (ICS) Cybersecurity Initiative to the water and wastewater treatment facilities. ICS across sectors is at risk from targeted cyberattacks. This is especially true of ICS connected with critical infrastructure. Thus this announcement comes as no surprise. With more sectors being recognized as critical, the role of ICS cybersecurity in national economies, in addition to the success of businesses, has now come under the scanner.

What is the nature of threats to ICS?

The Colonial Pipeline, JBS Foods, and other high-profile incidents that occurred in the recent past have shown that security risks and attacks connected with ICS are growing. These are some of the reasons why the threats to ICS are growing:

- Use of legacy systems that cannot be scanned for vulnerabilities or threats. In many such systems, patching is unheard of, as the OEM might have already shut shop; some of these devices were manufactured almost three decades ago
- ICS operation and maintenance practices are not aligned to the cybersecurity practices that are currently being followed in many organizations
- Often there is no dedicated team managing the cybersecurity needs of ICS, and the IT security team is tasked with securing them. The IT teams may not be trained to secure such systems
- OT and ICS systems were purpose-built to serve specific needs and nothing more. So getting them to accommodate security in their day-to-day function is near impossible
- Partial automation in some instances has led to newer security concerns
- Lack of visibility into the functioning of these systems has proven to be a significant barrier

What can be done to secure ICS?

Rising breaches in ICS and OT systems have made cybersecurity teams sit up and take notice of ICS security gaps emerging from these systems. Thus, attempts are being made to launch programs to secure them and to contain threats and risks to such systems.
These are the steps that Sectrio proposes to businesses and governments that wish to secure their ICS:

1. Access management: to ensure physical and digital security in systems that are fully or partially automated
2. Inventory management: know how many ICS systems there are and exactly what each component does
3. Threat detection and neutralization: curb malicious activity at all levels
4. Vendor management: work with vendors to improve ICS security wherever possible
5. Risk reduction: go for ICS security solutions that improve ICS and OT cybersecurity without creating any significant disruption
6. Micro segmentation: segment networks and infrastructure into manageable bits and evolve and deploy micro security policies that can be better administered
7. Security audits: development and application of unique security policies and procedures that are custom developed for the control system network and its devices. This will also help sensitize security teams and other stakeholders on the need to pay attention to OT and ICS security
8. Vulnerability assessment: periodic assessment of vulnerabilities at all levels should help plug gaps
9. Security of data transfers: across networks, data transfer should be done in a secure manner and with adequate authentication
10. Deploy workflow improvements to enhance security and operational transparency

Wish to develop an OT security policy? We have something to get you going here: OT Security Policy

Talk to our regional cybersecurity experts in North America, the Middle East, APAC, and Latin America to understand how to secure your regional ICS, OT, and IoT systems.

Learn about easy to deploy compliance kits to help your regulatory compliance initiatives.

Sectrio is offering its threat intelligence feeds for trial for free for 15 days. Our feeds work with the best SIEM solutions out there and meet all the parameters listed above. To access our threat intelligence feeds for free, sign up now.
Talk to our cybersecurity experts to learn how Sectrio’s IoT security solution and threat intelligence can help your business.

See how our OT-IoT-IT security solution can handle such threats to your enterprise. Book a no-obligation demo.

Get access to enriched IoT-focused cyber threat intelligence for free for 15 days

Download our CISO IoT and OT security handbook

Access our latest Global Threat Landscape report


Key to cyber resilience: IoT and OT threat detection without delays

Cyber Threat Detection: When detecting a threat on your network, every millisecond counts. Any latency in threat detection will give the malware more time to spread or even accept commands from the command and control entity to change in order to make detection harder.

How can accelerated and real-time threat detection help you?

In cyberspace, when it comes to IoT and OT cybersecurity, sophisticated hackers do count on a lag in detection (in enterprises) while engineering their malware and planning their breach strategy. This is why, in the case of complex malware, hackers may program it to deploy in batches while accumulating code packets from the C&C unit to take advantage of a delay in detection (also aided by low footprint activities of the malware).

The induced latency on the part of cybersecurity solutions may arise for many reasons. Sometimes it is due to some cybersecurity vendors using myriad solutions that are ‘sutured together’ to form a rudimentary detection engine. By the time data moves from one end of the detection cycle to another, the malware would have got a chance to spread upstream and downstream and into devices and would have already communicated with the C&C unit and shared data.

In other instances, it could also be because the solution is acting at the device level or is a post-facto detector, which means that it can only detect malware once it has crossed a certain level of activity in the network. All of these could potentially slow down response, weaken cyber resilience measures, and open up new avenues for hackers to exploit.

Sectrio’s Threat Detection engine does not suffer from such disadvantages. The solution works as a single agile unit across the network to identify and flag threats and suspicious traffic in real-time. In addition to three layers of threat detection, it is also powered by the largest IoT and OT focused threat intelligence gathering facility in the world spread across 75 cities.
This helps in identifying the latest malware as and when it emerges, giving hackers no time to exploit gaps.

With Sectrio, threat detection is rendered a pro-active activity as threats are identified before they have a chance to spread, unlike some of the IoT and OT cybersecurity solutions and vendors out there that work in post-facto mode. Sectrio’s customers are thus rendered secure and do not have to worry about any challenges posed by any deficiency in their solution.

Don’t pay for latency or post-facto detection. Get real-time and early detection with Sectrio, the leading IoT and OT cybersecurity vendor.


GITEX 2021 key takeaway: OT and IoT cybersecurity is the need of the hour

Sectrio showcased its OT and IoT security solutions and threat intelligence offerings at the event. Through meetings and discussions with cybersecurity leaders, we were able to get a pulse on cybersecurity priorities in the region. As GITEX 2021, the most coveted and attended tech event in the Middle East region, got over last week, we are sharing key insights from GITEX 2021 in this post.

Why is OT and IoT cybersecurity the need of the hour?

Wish to learn more about managing vulnerabilities, monitoring your networks, and detecting threats? We are offering a free threat assessment exclusively for select businesses. To claim yours, do share your details here.


Cyber securing connected OT and IoT infrastructure in the Middle East

In the last 15 days, hackers in the Middle East and Africa region have added another sector to the list of their targets in the region. Cyberattacks on healthcare facilities in the region rose significantly over baseline levels during this period. Let us examine the causes and implications of this trend.

Since 2019, we have seen cyberattacks by regional APT groups rise substantially. The primary targets were oil and gas facilities and utility infrastructure including facilities related to water treatment and distribution. These tit-for-tat attacks spilled over into the healthcare sector and now many established healthcare facilities are being targeted in the region. The common factor in both these segments is the potential for impacting ordinary citizens. As we have seen in the last 6 years, APT hackers often target facilities that can cause maximum disruption.

Research by Sectrio has shown that hackers were targeting critical infrastructure through reconnaissance malware. Since most of these attacks went unchallenged within the networks of targeted institutions, hackers were able to gather plenty of information on data flow behavior within networks, security measures, device architectures, connection configurations, and information on privileges. Hackers used this data along with hijacked smart devices such as web cameras, connected home automation hardware, and connected devices deployed by manufacturers to target high-value infrastructure in the region.

We expect such attacks to continue till the fall of 2024. This forecast is based on past cybersecurity measures we have seen in the region. Cyberattacks will continue to evolve in the meantime. The only way businesses can protect themselves is by investing in the right measures to contain cyberattacks and increase the distance between them and the hackers.
These include:

- Developing a more comprehensive understanding of device topology to know what is connected and exactly what it is doing on the network
- Frequent vulnerability scans to detect and address vulnerabilities early
- OT and IoT devices should be checked for CVE vulnerabilities
- Operate with an OT-IoT-IT risk management model that emphasizes early detection and mitigation of threats
- Adopt cybersecurity frameworks such as Zero Trust and IEC 62443
- Use micro-segmentation to deploy granular cybersecurity policies and also to prevent lateral movement of malware
- Manage privileges
- Allow all components of the infrastructure to earn trust for connectivity and end-use
- Use the right threat intelligence to identify the latest and relevant threats

We are offering a free OT-IoT cybersecurity assessment slot for select businesses in the Middle East and Africa region at GITEX 2021. Walk into H2-D1 at the World Trade Center or give us your details here to claim this offer. In case you prefer a more detailed meeting, do reach out to us at info@sectrio.com

Don’t miss out on this exclusive offer. Book your free slot now.
