Stuart O'Brien, Author at Security IT Summit | Forum Events Ltd

Posts By: Stuart O'Brien

53% of manufacturers say operational tech is vulnerable to cyber attack

Manufacturing industry security teams are seeing the information technology (IT) and operational technology (OT) environments converging at a rapid pace, but are struggling to safeguard OT assets because they are using the same tools they use to safeguard their IT infrastructure.

As a result, IT teams can’t keep up with growing volumes of security data or the increasing number of security alerts. They lack the right level of visibility and threat intelligence analysis and don’t have the right staff and skills to handle the cybersecurity workload.

Consequently, business operations are being disrupted and cyber-risk is increasing: more than half of the manufacturing organizations surveyed have experienced some type of cybersecurity incident on their OT systems in the last 12 months, taking weeks or months to remediate.

Those are the conclusions of a report conducted by TrapX Security in partnership with the Enterprise Strategy Group (ESG), which asked 150 cyber and IT professionals directly involved in security strategy, control and operations within manufacturing organisations about their current and future concerns. 

Manufacturing organizations have large and growing investments in IT and OT technology, helping them achieve more agile business processes. As the research reveals, IT and OT integration is fast becoming a best practice. Nearly half (49%) of organisations say that IT and OT infrastructure are tightly integrated while another 45% claim that there is some integration. This integration will only increase as 77% of respondents expect further IT and OT infrastructure convergence in the future. 

However, only 41% of organizations employ an IT security team with dedicated OT specialists, while 32% rely on their IT security team alone to protect OT assets. 58% use network technology tactics like IP ranges, VLANs, or microsegmentation to segment IT and OT network traffic. Almost one-quarter (24%) of organizations simply use one common network for IT and OT communications, reducing the visibility and response required for OT-focused attacks.

Common tools and staff may make operational sense, but deploying a plethora of IT security technologies to prepare for the specific threats of OT leaves IT teams unprepared and vulnerable to attack. As illustrated in the research, IT teams are repeatedly overwhelmed by the growing volumes of security data, visibility gaps, and a lack of staff and skills.

Security teams are being challenged by the growing volumes of security data and the increasing number of security alerts. 53% believe that their security operations workload exceeds staff capacity, and 37% admitted they must improve their ability to adjust security controls. More than half of surveyed organizations (58%) agreed that threat detection and response has grown more difficult. When asked to provide additional detail on the specific nature of that growing complexity, nearly half (45%) say they are collecting and processing more security telemetry and 43% say that the volume of security alerts has increased.

Manufacturers are still working in the dark, though, with just under half (44%) citing evolving and changing threats as making threat detection and response more difficult. This is particularly true as threat actors take advantage of the “fog” of COVID-19.

“The research illustrates a potentially dangerous imbalance between existing security controls and staff capabilities, and a need for more specialized and effective safeguards,” said Jon Oltsik, ESG Senior Principal Analyst and Fellow. “Manufacturing organizations are consolidating their IT and OT environments to achieve economies of scale and enable new types of business processes. Unfortunately, this advancement carries the growing risk of disruptive cyber-attacks. While organizations have deployed numerous technologies for threat detection and response, the data indicates that they are overwhelmed by growing volumes of security data, visibility gaps, and a lack of staff and skills.  Since they can’t address these challenges with more tools or staff, CISOs really need to seek out more creative approaches for threat detection and response.”

As the IT/OT attack surface grows, security teams are spread thinner as they try to keep pace with operations tasks such as threat detection, investigation, incident response, and risk mitigation. 53% agreed that their organization’s OT infrastructure is vulnerable to some type of cyber-attack, while the same number stated that they had already suffered some type of cyber-attack or other security incident in the last 12-24 months that impacted their OT infrastructure. When asked how long it typically takes for their firm to recover from a cyber-attack, 47% of respondents said between one week and one month, resulting in significant and potentially costly downtime for critical systems.

Manufacturing organizations lack the visibility needed for effective threat detection and response – especially regarding OT assets. Consequently, additional security complexity is unacceptable – any new investments they make must help them simplify security processes and get more out of existing tools and staff. 37% said they must improve their ability to see malicious OT activity, 36% say they must improve their ability to understand OT-focused threat intelligence and 35% believe they must improve their ability to effectively patch vulnerable OT assets.

44% of respondents highlighted Deception technology’s invaluable role in helping with threat research, and 56% said that Deception technology can be used for threat detection purposes. More than half of the manufacturing organizations (55%) surveyed use Deception technology today, yet 44% have not made the connection between Deception technology and increased attack visibility.

“This research shows that manufacturing organizations are experiencing real challenges when it comes to threat detection and response, particularly for specialized OT assets that are critical for business operations,” said Ori Bach, CEO of TrapX Security. “This data, and our own experience working with innovators in all sectors of manufacturing, demonstrate there is a clear need for solutions like Deception, which can improve cyber defenses and reduce downtime without the need to install agents or disrupt existing security systems and operations.”

For further insights into the findings, download the full white paper, authored by Jon Oltsik, ESG Senior Principal Analyst and Fellow.

73% of IT execs concerned over remote working security risks

73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, highlighting an ‘alarming’ disconnect between confidence in security posture and increased cyberattacks during the global pandemic.

The data from Skybox Research Lab comes after enterprises rapidly shifted to make work from home possible and maintain business productivity. Being forced to accelerate digital transformation initiatives created the perfect storm, the research says.

Skybox Research Lab discovered that 2020 will be a record-breaking year for new vulnerabilities with a 34% increase year-over-year – a leading indicator for the growth of future attacks.

As a result, security teams now have more to protect than ever before. Surveying 295 global executives, the Skybox 2020 “Cybersecurity in the new normal” report found that organizations are overconfident in their security posture, and new strategies are needed to secure a long-term distributed workforce.

Key findings:

  • Deprioritized security tasks increase risk: Over 30% of security executives said software updates and BYOD policies were deprioritized. Further, 42% noted reporting was deprioritized since the onset of the pandemic.
  • Enterprises can’t keep up with the pace: 32% had difficulties validating if network and security configurations undermined security posture. 55% admitted that it was at least moderately difficult for them to validate that network and security configurations did not increase risk.
  • Security teams are overconfident in security posture: Only 11% confirmed they could confidently maintain a holistic view of their organizations’ attack surfaces. Shockingly, 93% of security executives were still confident that changes were correctly validated.
  • The distributed workforce is here to stay: 70% of respondents projected that at least one-third of their employees will remain remote 18 months from now.

“Traditional detect-and-respond approaches are no longer enough. A radical new approach is needed – one that is rooted in the development of preventative and prescriptive vulnerability and threat management practices,” said Gidi Cohen, co-founder and CEO, Skybox Security. “To advance change, it is integral that everything, including data and talent, is working towards enriching the security program as a whole.”

To download the full report, visit: https://www.skyboxsecurity.com/security-transformation/

Do you specialise in Network Security Management? We want to hear from you!

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in December we’re focussing on Network Security Management solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re a Network Security Management solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Here’s our full features list:

Dec – Network Security Management
Jan – Anti Virus
Feb – Access Control
Mar – Intrusion Detection & Prevention
Apr – Phishing Detection
May – Advanced Threat Dashboard
Jun – Browser/Web Security
July – Authentication
Aug – Penetration Testing
Sep – Vulnerability Management
Oct – Employee Security Awareness
Nov – Malware
Dec – Network Security Management

Security IT Summit: Registration open for 2021

The Security IT Summit brings together industry buyers with innovative and budget-saving solution providers, via a series of online meetings.

Date: 10th & 11th March 2021
Time: 09:00 – 13:05
Location: Virtual

This unique, virtual event will take place across two mornings and is the most time-effective way to meet suppliers, whilst working from your home or office.

Your attendance is entirely free and completely flexible – we create your bespoke itinerary around your diary.

STUDY: Covid-19 technologies must be regulated to stop ‘big brother’ society

Technologies, such as track and trace apps, used to halt the spread of covid-19 have to be thoroughly examined and regulated before they are rolled out for wider adoption, to ensure they do not normalise a big-brother-like society post-covid-19.

That’s according to research conducted by Jeremy Aroles, Assistant Professor in Organisation Studies at Durham University Business School, alongside Aurélie Leclercq-Vandelannoitte, Professor of Management of Information Systems at IÉSEG School of Management, which draws on the concept of ‘societies of control’, developed by the French philosopher Gilles Deleuze, to analyse the technologies currently being used to tackle the covid-19 pandemic.

Whilst the study acknowledges the public health benefits of these technologies, the researchers state we must be wary of what technology is rolled out by governments and critically cross-examine it.

Dr. Aroles said: “Presented as ways to curb the immediate progression of the pandemic and improve safety, the acceptance and use of these technologies has become the new “normal” for many of us, therefore it is important that these systems of control are heavily vetted and cross-examined before being rolled out to the wider public.”

The researchers suggest three solutions regarding the development and use of covid-19-related technologies.

First, the public should question the locus of collective responsibility. Increasingly complex systems of control and surveillance have been fuelled by our reliance on technology which, the researchers say, has blurred our understanding of the boundary between “good and bad” or “right and wrong”.

Second, more must be done to raise people’s awareness of how digital technologies work, and the risks of adopting them across society. People are often, rightly, concerned over their privacy and the sharing of their data. It is therefore crucial that these technologies are transparent and actively help individuals fully understand the ramifications of the control systems they’re opting in to.

Third, given that covid-19 tracking technologies are developed by companies for the benefit of governments, it is vital that greater regulation of the partnerships between state authorities and companies is adopted. Alongside this, it is also important that counter-powers such as journalists and the public hold these partnerships to account, to ensure they do not violate the privacy of citizens for financial gain.

The researchers state that it is important the covid-19 pandemic is not utilised as an opportunity to enforce a society of control and to normalise greater surveillance. They suggest that researchers or bodies specialising in the management of information systems should be brought in to supervise the development of digitally enabled control systems, such as covid-19 apps, rather than these being abandoned to companies that could violate the privacy of citizens.

Security IT Summit: Save the date!

The next Security IT Summit will take place virtually on March 10th & 11th – make sure you register to attend today!

Still offering you the same benefits as the live event, we will bring together the industry’s leading buyers and suppliers for business collaboration.

Your bespoke place is entirely free and includes benefits such as:

  • Prepare for every eventuality – We can build you a bespoke 1-2-1 itinerary of meetings with innovative and budget-saving suppliers who match your requirements.
  • Gaining industry insight – Enjoy a series of topical webinars led by industry thought leaders.
  • Flexibility – Your attendance is flexible; you can either attend for half a day or the whole duration.
  • Save time – We will handle everything for you, saving you time and money by arranging all the meetings for you based on your requirements.

Power utilities ‘prioritising cybersecurity’ as threats grow

Power utilities have become more prone to cyberattacks amid the COVID-19 pandemic as attackers have strived to benefit from the rush to remote systems and undermanned facilities.

Utilities need to comprehend the new cyber risks involved with home-based work, such as social engineering attacks and less reliable internet connections, in order to set up baseline defences accordingly and limit the consequences of cyberattacks, says industry analyst GlobalData.

The firm’s latest report, ‘Thematic Research: Cybersecurity in Power’, reveals that utilities’ investment in cybersecurity – split across technology, services, and internal skills development – will only accelerate as they attempt to address challenges brought about by cyberattacks.

Sneha Susan Elias, Senior Power Analyst at GlobalData, said: “Utilities’ existing systems are becoming increasingly connected through sensors and networks, and, due to their dispersed nature, are even more difficult to control. This potentially provides an opportunity for attackers to target the grid – similar to the attack in Ukraine in December 2015 where hackers attacked three power distribution companies in the country, temporarily disrupting the electricity supply.

“As utility infrastructures become more interconnected, smart and decentralized, a centralized approach to secure them is difficult, and will become increasingly untenable. Central monitoring and oversight is essential but not sufficient, as a central system cannot react quickly enough to threats – especially as control becomes fragmented across numerous systems such as microgrids. As a result, there will be a rising burden on edge elements and local systems to be resilient to cyberattacks, while also having the flexibility to support the resilience of the wider energy system in the case of a cyberattack on the electricity grid.”

Power grids are the main target point for hackers and cyberattacks. Electricity grids depend on industrial control systems (ICS) to provide essential services. If these systems are at risk of a cyberattack, that can pave the way for serious, catastrophic events. However, the growth in cyberwarfare and the rapid proliferation of smart and connected grid components means that investment in cybersecurity will remain a top priority for utility IT departments. As a grid becomes smarter, it also becomes more vulnerable to attack, which can compromise critical infrastructure systems and disclose private user information. 

Elias added: “Utilities need to develop a unified method for security that incorporates both physical and digital security, as well as covers the complete organization. Utilities should adopt cybersecurity measures that can correlate threats across transmission system operator (TSO) systems, industrial control systems (ICS) and operational technology (OT) systems. This is where the role of artificial intelligence (AI) and behavioral analytics, along with ubiquitous Internet of Things (IoT) data comes into play, providing support for the emergence of such solutions.”

An ongoing area of development will be AI analysis of behavioral biometric data. Sophisticated machine learning algorithms can build up a profile of a user’s typical behavior, identify unusual patterns of activity, and highlight potential threats in real-time before they have a chance to materialize. By automatically detecting suspicious data, the whole security process becomes more efficient, preventing the need for a painstaking manual review of log data. IoT, if it moves beyond point applications to encompass analytics and a holistic view of utilities’ infrastructure, could enhance aspects of security by helping manage infrastructure more effectively and monitor unusual patterns. 

Elias added: “The integration of AI with IoT will aid power utilities and security personnel in decreasing false alerts obtained from these systems, and lead to enhanced efficiency of the security teams.”

Do you specialise in Anti Malware? We want to hear from you!

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in November we’re focussing on Anti Malware solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Anti Malware solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Here’s our full features list:

Nov – Anti Malware
Dec – Network Security Management
Jan – Anti Virus
Feb – Access Control
Mar – Intrusion Detection & Prevention
Apr – Phishing Detection
May – Advanced Threat Dashboard
Jun – Browser/Web Security
July – Authentication
Aug – Penetration Testing
Sep – Vulnerability Management
Oct – Employee Security Awareness
Nov – Malware
Dec – Network Security Management

Security IT Summit: Last remaining delegate places

We would like to invite you and a colleague to our virtual Security IT Summit, taking place Thursday 5th November. 

This one-day virtual event will allow you to meet with selected solution providers for 1-2-1 meetings, and gain access to live and pre-recorded industry webinars.

To view our short virtual event tutorial video, please click here

Attendance is entirely flexible. There are available options to attend for a half-day or full-day – fitting your requests around your time and schedule.

We only have two complimentary passes left – Accept our invitation HERE.

‘Massive’ rise in DDoS and password attacks during pandemic

New analysis from F5 Labs has discovered a massive rise in DDoS and password login attacks during the pandemic.

In January, the number of all reported SIRT incidents was half the average reported in previous years. However, as lockdowns were put in place from March onwards, there was a sharp rise in incidents.

From January to August this year, the attacks can be categorised into two buckets: Distributed Denial of Service (DDoS) attacks (45%) and password login attacks (43%), which comprised brute force and credential stuffing attempts.

Other findings include:

  • DDoS attacks surge 3x in March: DDoS made up only a tenth of reported incidents in January, but grew to three times that of all incidents in March.
  • No ‘spring slump’ for DDoS: Typically, DDoS attacks see a ‘spring slump’, but these rose in April 2020. In fact, DDoS attacks targeting web apps increased six-fold from 4% in 2019 to 26% in 2020.
  • Attacks are diversifying: The number of DDoS attacks reported to the SIRT and identified as DNS amplification attacks nearly doubled (31%) this year along with DNS Query Flood which is also on the rise.
  • DDoS most popular in APAC with 83% of attacks: Meanwhile, EMEA saw the next highest with 54%.
  • 67% of all SIRT-reported attacks on retailers in 2020 were password attacks: A rise of 27% on last year. This was to be expected as the pandemic has caused a huge shift from in-store sales to online.

Full details can be found here: https://www.f5.com/labs/articles/threat-intelligence/how-cyber-attacks-changed-during-the-pandemic.