Sectrio

Global Risks Report | IoT/OT Cyberattacks Impact on the Market and What Should Be Done to Prepare?

Audio Transcript

Preetham intro by Damon

The global risk report 2021 World economic Forum. It is a matrix of the top challenges, the world will face in the next 10 years. On the left hand side. You have the impact access. The higher it is rated the higher. The impact example, weapons of mass destruction. Is there obviously there was a weapon of mass destruction. We have a very high impact, infectious diseases up there to look at covid-19. And on the horizontal access is likelihood farther to the, right is the more likely it is farther to the left is less likely. So again, Ben’s a mass destruction, if you can see, it’s in the upper left. It’s very high impact, but low likelihood. We’re as infectious disease again, the latest endemic we’ve gone through and seem to be going through again. It’s up there, in the very upper right quadrant. And so that’s where you really want to focus as far as some of the upcoming challenges. If you see cyber security, failure is in the high impact, High likelihood cotton quadrant right there in the middle. So more than likely isn’t as we’ve seen over the past couple of years attacks. Exploits issues starting to ramp up. We’re going to see This more. So in the next 10 years to the tune of, it’s just going to keep going getting worse. Unless action is taken. So I think that’s a good segue to started to go to some of the market impacts what we should do, and then press them will talk a little bit more about kind of the trends that we’re seeing and some of the associated actions. Thanks.

Preetham:

Thank you so much for getting into the land and what the cyber threat landscape looks like in the operational Technology space rights of an alarming question. Every security leader in the industry is asking. How do I keep my secured historically most of my network which has a ton of integrated with Internet works. They have coming in cloud infrastructure coming and now we cannot say that are operational techno and IPL Hotel integrated infrastructure that coming across the industry verticals that you see anything sending everybody would have the

Top 10 most popular types of attacks that the adversaries are targeting organisations to get recently that was one of the highest impact that we saw in 2021 JVS foods largest manufacturing company in the country were added to the water systems and the critical infrastructure definitely Hospital in 2020 is not seen the death this year. We seem quite a lot of Healthcare manufacturing organisations still continuing to build on their critical infrastructure.

Controlling rights when we talk about visibility and zoning 11231. If you look at it says that 60% of the organisations are in the first phase of their resolution against a nucleotide based on a breach that has been occurred or based on a directive that has been provided by the board of directors their single the c-suite or something like the peace and security critical infrastructure and Standards that has been Limited industry 10% for PC is looking at tractor cyber resilience in their operational technology, which means I need to have Dedicated solutions that can look at my operational Technology historically, my country has been using vulnerability scanners Discovery asset inventory systems, and micro segmentation technology but that is not going to scale across my open network. So I need to have a view into both devices what OTA payments are communicating with what other out within the network and also how they are connecting with my it so clearly defining different Sone techniques have this ability across your is mounted a Soft Solutions that security l a going and trying out a conductive Pilots proof-of-concept are all in international detection of mitigation of just having one single approach is not going to scale companies historical.

From TM difference having strong Firewall rules, the adversary S password using selective inventory using different the writer attack that clearly articulate. Now also has a dedicated focus on building the tactics techniques and procedures for in a work in progress along with the 12 controls that they already had other introducing some of them specific to the skeletal system specific to that. If its techniques that are being used for the network’s so that I directional automatic detection methodologies is something that critical the marking a rule based detection methods are good, but we want something more to you have the ability to Goa

Dinosaur multiple sources, do you have the ability to print the behavioral model? What is mine anomalous behaviour of mining operation operation Technology ideas are communicating over a period of time and where do I need to take that call that this is how many different clearview is something busy differentiated layers of protection. So you need to have a different layers that can help you protect a lot of questions lot of comments people from our customer engagement. Is that why we want to protect the Crown jewels of our industry from

My perimeter weather right now bring in real time protection and each of these things. Now you take it across the different zones or click play to production. Do I have 3 what is there on my 3.54 and understand this is looking at the coronavirus started looking. So there has been a constant debate that the traditional model may or may not exist anymore in the next 10 years. But at least for the foreseeable future, we will need to have a lot of those that can actually support their existing infrastructure and the context of their security. So likely it is that if I have a security mechanism for security pastor that is that has been deployed on my network for the last 20 30 years. This critical infrastructure network that’s not going to get so I need to know have the context of how my industrial control systems in terms of introduction of IoT-OT-IT in terms of the cloud on different sorts of applications which are coming in and required to help those processes or because I get data driven insights into the reduction techniques to also focus security by design security has to be across the entire life cycle of this new revolution, right? So that’s why we drink a lot of context aware security strategy be glad when in a context, where is does my business owner knows what kind of an ability is a n All does my security and more than this device which media exposed to certain type of vulnerabilities to I have a risk due to take informed decisions in different strategies that most of the security leaders as companies are point and this is one of the impacts of what we have seen this year and finally having a specific dedicated sim, which not replaced their existing solutions that developed using but to add as an overlay to add as a complimentary technology that can enhance the current security posture is the kind of an approach that PC based on the current trends within the market.

Scroll to Top