Story image

Utilities and critical infrastructure providers must improve cybersecurity

06 Jun 2018

Critical infrastructure and utilities providers need to do more to understand the risks that cyber attacks bring, particularly as those providers adopt new and emerging technologies.

That’s according to ForeScout, who says those providers need to take appropriate steps to protect themselves.

“Utilities and critical infrastructure used to benefit from being air-gapped from other systems. In other words, they weren’t connected to a network so the only way they could be compromised was if an attacker gained physical access to assets,” explains ForeScout CMO Steve Redman.

“Now that businesses are adopting automation and the Industrial Internet of Things (IIoT) utilities and critical infrastructure are being exposed to more cyberthreats. Each automated and connected IIoT device is a potential entry point into a company network, and must be treated as such.” 

With Gartner forecasting that there may be 20 billion connected devices by 2020, 25% of all attacks may come via IoT devices.

However if every device is a potential weak point, this may hold back advancements in automation and IIoT, ForeScout warns.

“Utilities and critical infrastructure are juicy targets for hackers because of their critical nature; taking them offline even for a short amount of time can cause significant disruption that could, in extreme cases, turn into civil unrest. Similarly, taking this infrastructure down could also jeopardise the country’s defences, depending on what infrastructure is targeted and how severe the attack is,” Redman explains.

ForeScout provides five key considerations to improve security:

1. Downtime. Operational technology and critical infrastructure can’t go offline, so it’s important to be able to monitor the security status of this infrastructure without switching it off. Passive security techniques let businesses see, classify, and monitor network-connected devices without disrupting operations.  2. Legacy equipment. Legacy devices that were never meant to be connected to the internet weren’t designed with security and cyberattacks in mind. It’s essential to monitor the network activities of this newly-connected equipment and look out for uncharacteristic actions to protect the business.  3. Financial investment. Many organisations invested in legacy equipment with the expectation that these machines would last decades before being replaced. Upgrading this equipment to make it more secure requires additional investment, which may not have been budgeted for.  4. Awareness. With security breaches affecting the bottom line, improving awareness of the need for security has become somewhat easier, but there is still more to be done. Humans are generally the biggest threat due to a combination of innocent mistakes and malicious actions, so it’s essential to educate team members regarding their security responsibilities and how they can contribute to a more secure organisation.  5. Business case. Investing in modern security infrastructure is essential but many business leaders don’t see the urgency. Creating a business case for investment is complicated by the fact that, rather than demonstrating a net gain for the company, it is considered to merely prevent a loss. Mitigating cyberattacks and saving IT staff time are essential components of a strong business.

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Ensign and IronNet partner to create cyber analytics capabilities
The Singapore-based joint venture will form a Cyber Analytics Center for Excellence focused on securing regional enterprises from sophisticated cyber threats.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.