IT Archives - Security IT Summit | Forum Events Ltd
  • Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

IT

53% of manufacturers say operational tech is vulnerable to cyber attack

960 640 Stuart O'Brien

Manufacturing industry security teams are seeing the information technology (IT) and operational technology (OT) environments converging at a rapid pace, but are struggling to safeguard OT assets as they are using the same tools to safeguard their IT infrastructure.

As a result, IT teams can’t keep up with growing volumes of security data or the increasing number of security alerts. They lack the right level of visibility and threat intelligence analysis and don’t have the right staff and skills to handle the cybersecurity workload.

Consequently, business operations are being disrupted and cyber-risk is increasing as more than half of the manufacturing organizations surveyed have experienced some type of cybersecurity incident on their OT systems in the last 12 months taking weeks or months to remediate. 

Those are the conclusions of a report conducted by TrapX Security in partnership with the Enterprise Strategy Group (ESG), which asked 150 cyber and IT professionals directly involved in security strategy, control and operations within manufacturing organisations about their current and future concerns. 

Manufacturing organizations have large and growing investments in IT and OT technology, helping them achieve more agile business processes. As the research reveals, IT and OT integration is fast becoming a best practice. Nearly half (49%) of organisations say that IT and OT infrastructure are tightly integrated while another 45% claim that there is some integration. This integration will only increase as 77% of respondents expect further IT and OT infrastructure convergence in the future. 

However, only 41% percent of organizations employ an IT security team with dedicated OT specialists, while 32% rely on their IT security team alone to protect OT assets. 58% use network technology tactics like IP ranges, VLANs, or microsegmentation to segment IT and OT network traffic. Almost one-quarter (24%) of organizations simply use one common network for IT and OT communications, reducing the visibility and response required for OT-focused attacks.

Common tools and staff may make operational sense, but deploying a plethora of IT security technologies to prepare for the specific threats of OT leaves IT teams unprepared and vulnerable to attack. As illustrated in the research, IT teams are repeatedly overwhelmed by the growing volumes of security data, visibility gaps, and a lack of staff and skills.

Security teams are getting challenged by the growing volumes of security data, and the increasing number of security alerts. 53% believe that their security operations workload exceeds staff capacity. and 37% admitted they must improve their ability to adjust security controls. More than half of surveyed organizations (58%) agreed that threat detection and response has grown more difficult. When asked to provide additional detail on the specific nature of that growing complexity, nearly half (45%) say they are collecting and processing more security telemetry and 43% say that the volume of security alerts has increased.

Manufacturers are still working in the dark though with just under half (44%) citing evolving and changing threats as making threat detection and response more difficult, particularly true as threat actors take advantage of the “fog” of COVID-19.

“The research illustrates a potentially dangerous imbalance between existing security controls and staff capabilities, and a need for more specialized and effective safeguards,” said Jon Oltsik, ESG Senior Principal Analyst and Fellow. “Manufacturing organizations are consolidating their IT and OT environments to achieve economies of scale and enable new types of business processes. Unfortunately, this advancement carries the growing risk of disruptive cyber-attacks. While organizations have deployed numerous technologies for threat detection and response, the data indicates that they are overwhelmed by growing volumes of security data, visibility gaps, and a lack of staff and skills.  Since they can’t address these challenges with more tools or staff, CISOs really need to seek out more creative approaches for threat detection and response.”

As the IT/OT attack surface grows, security teams are spread thinner as they try to keep pace with operations tasks such as threat detection, investigation, incident response, and risk mitigation. 53% agreed that their organization’s OT infrastructure is vulnerable to some type of cyber-attack, while the same number stated that they had already suffered some type of cyber-attack or other security incident in the last 12-24 months that impacted their OT infrastructure. When asked how long it typically takes for their firm to recover from a cyber-attack, 47% of respondents said between one week and one month, resulting in significant and potentially costly downtime for critical systems.

Manufacturing organizations lack the visibility needed for effective threat detection and response – especially regarding OT assets. Consequently, additional security complexity is unacceptable – any new investments they make must help them simplify security processes and get more out of existing tools and staff. 37% said they must improve their ability to see malicious OT activity, 36% say they must improve their ability to understand OT-focused threat intelligence and 35% believe they must improve their ability to effectively patch vulnerable OT assets.

44% of respondents highlighted Deception technology’s invaluable role in helping with threat research (44%), and 56% said that Deception technology can be used for threat detection purposes. More than half of the manufacturing organizations (55%) surveyed use Deception technology today, yet 44% have not made the connection between Deception technology and increased attack visibility.

“This research shows that manufacturing organizations are experiencing real challenges when it comes to threat detection and response, particularly for specialized OT assets that are critical for business operations,” said Ori Bach, CEO of TrapX Security. “This data, and our own experience working with innovators in all sectors of manufacturing, demonstrate there is a clear need for solutions like Deception, which can improve cyber defenses and reduce downtime without the need to install agents or disrupt existing security systems and operations.”

For further insights into the findings, download the full white paper, authored by Jon Oltsik, ESG Senior Principal Analyst and Fellow.

Joiner-Mover-Leaver process: Solve it once and for all?

960 640 Guest Post

By Tenfold Security

JML processes give IT and HR departments regular headaches and often create quite hefty conflicts between those two departments. What is this all about?

When a new employee joins your organization, HR will know about them first, as they sign the contracts and do the onboarding. Today, many employees will require IT system access in order to fill their job role. That means IT needs to know about new hires so they can onboard them as well with all the necessary resources:

  • Client hardware (PC, Laptop, etc.)
  • Active Directory accounts, group memberships
  • E-Mail access, distribution groups, access to shared mailboxes
  • Access to applications like ERP or CRM

If HR fails to pass on that information (for whatever reason), you might end up with a new employee not being productive on their first few days, because they can’t access important systems and data. This is not only a loss for the company, but also creates great frustration for the new hire.

The same challenge arises if HR forgets to inform IT about employee that has departed from the organization recently. The result are orphaned user accounts that pose a huge security risk and generate costs in the form of unused software licenses.

How to solve the issue? We at tenfold, the leading mid-market Identity & Access Management solution propose the following:

  • If you manage less than 500 users, let HR manually input new hires, leavers and data changes (for example last name changes or new telephone numbers) into tenfold. Our software will then distribute those changes to Active Directory and other systems. Your HR users don’t have to be domain administrators for this to work.
  • If you manage more than 500 users, attach your HR management or payroll system directly to tenfold to automate the whole process. Read all about how this is made possible by the tenfold Import Plugin: https://www.tenfold-security.com/en/import-plugin-tenfold/

If you would like to learn about the basics of access management in Microsoft environments (structure, access right levels, access control lists, inheritance) then download our detailed white paper “Best Practices For Access Management In Microsoft® Environments” at this link: https://www.tenfold-security.com/en/whitepaper-best-practices/  

Want to try tenfold for yourself? No problem, just register to download our free trial https://www.tenfold-security.com/en/free-trial/

Meeting the Tests to get out of Data Lockdown

960 640 Guest Post

Digital transformation of any business has always been hampered by making sense of underlying data. And that data has been growing in volume at an unprecedented rate driven by the growth of IoT. It’s the perfect storm – the need for real-time information being increasingly distanced by the rate at which the data volume is growing. Businesses need insight, not just data, which means getting the right information, to the right person, at the right time. 

But the age-old problem remains today – how do you understand and see what data you have readily available, in a format that’s usable and that you can access at the right time? Peter Ruffley, CEO, Zizo, explores three aspects businesses must consider to get out of ‘data lockdown‘…

Data access 

There are a multitude of ways to store and access data, but a majority of businesses haven’t considered access to external data sources yet. When we begin to question how to enrich and improve data, one of the fundamental capabilities of this process is by integrating external third-party data sources, such as weather, crime or other open data sources. 

Businesses need to have an understanding of what they need to do to make the process worthwhile, and ensure they have the correct capabilities before they start. A common first approach for many organisations is to build from scratch and make it their own, rather than considering the buyer approaches where you look at what’s out there, explore the marketplace and transform existing data to use within the business, rather than starting from the ground up. 

If they can’t combine different sources of data quickly and cost-effectively together, they won’t move forward. It makes sense to digitally transform an organisation if it is going to make use of what’s already out there, as being able to tap in and share other work and insights will make the exercise worthwhile and cost-effective. With combinations of solutions available in the marketplace that can accelerate the process by providing the necessary building blocks, it’s time to transform the digital transformation process. 

Data responsibility 

There remains a disconnect between IT teams and businesses’ impressions about what it means to provide the data. If both parties are not aligned with the same aims of the business, the project could stall at the first hurdle. Instead, organisations need to bridge the divide and encourage stronger collaboration between all stakeholders. When businesses realise where those holes are in their structure, it’s key to get people involved to solve those challenges. 

This involves change on three levels; personnel, cultural and technological. Who’s responsible for this chain? Whose action is it? How do we bring these teams together? The business might be storing a lot of data, but how can it be accessed, interrogated and made useful? How will the business’ data goals be defined? 

Typically, the digital transformation initiative comes from the top in the organisation. In order to get your business on board, you have to make a very clear case of what the benefits are. Employees need to trust that improvements will be made for them by doing this, rather than just dictating the plan. Digital transformation is a change programme, which impacts all aspects of the business. You therefore have to approach it in the same way that you would approach any change project – with clear objectives and an agreed process of identifying how you’re going to get value from data. With a compelling case, you have a much better chance of carrying it through with buy in from all stakeholders. 

Data and objective identification:

You can’t embark on a digital transformation initiative without a concept – you’re condemning the project to failure if the business is not engaged properly with the process before you start. In order to yield business benefit from data, organisations must identify the areas that will realise the most benefits. Even if they’re hypothetical, there must be measurable ambitions in place or milestones for this journey, so that there is an understanding of what you’re going to do, and what you want to get out of it. Or if those ambitions weren’t achieved, why not? What steps need to be taken next time? 

Organisations have to be able to collect the data and assess whether they can achieve their business objectives from that data. But a goal of just ‘digital transformation’, ‘digitising data’ or ‘making more money’ will never translate into a concrete business case. Goals need to be specific and measurable in order to determine the project roadmap and for success to be evaluated. 

More importantly, you have to understand where the data is in your organisation and what it’s being used for, before you start the process of transformation. The whole supply chain needs to be aware of the transformation and the demands that are going to be in place. You’ve got to be very open about this process, because there will be people who you haven’t thought of that might be impacted by the changes you’re making.

With easy access, a connected team and clear objectives, companies can have a clear outline of what it is they set out to achieve in their digital transformation, how they expect to make this transition with the data available, and who can take on what role in this process. 

84% of security and IT teams ‘don’t have a positive relationship’

960 640 Stuart O'Brien

Almost two thirds (59%) of European IT heads believe it is challenging to gain end-to-end visibility of their network, with almost half saying this lack of visibility is a major concern.

That’s according to a new poll by IDC/Forrester/VMware, which says more than a third (37%) feel the challenges associated with this lack of visibility has resulted in misalignment between security and IT teams – and a quarter (29%) have no plans to implement a consolidated IT and security strategy.

Only a third (38%) of networking teams are currently involved in the development of security strategies. Yet, 60% of these are involved in the execution of security, perhaps signalling that networking teams are not seen as having an equal role with the other IT or security teams when it comes to cybersecurity.

This is in stark contrast to the fact that network transformation is seen as being essential to delivering the levels of resilience and security required by modern businesses, with 43% of European organisations saying this is a key priority for them between 2019 to 2021. 

Critically, organisations need shared thinking and responsibilities to establish a cohesive security model if they are to deliver their company’s strategic goals, seen by Forrester as increased security (55%), technological advancement (56%) and the ability to respond faster (56%). 

Alongside the inconsistency in how the role of the network in security is perceived, there is a lack of cohesion within the IT and security teams as to who is responsible for network security.

“Businesses who are looking to adapt to fast-changing market conditions rely on the ability to efficiently connect, run and secure modern applications consistently, from the data center, across any cloud and all the way to the device. And it is the virtual cloud network that is delivering this. The network needs to be recognised as the DNA of any modern security, cloud and app strategy, and it should be seen as a strategic weapon and not merely the plumbing,” said Jeremy Van Doorn, Sr Director of Systems Engineering, Software Defined Data Center EMEA, VMware

The research also sheds light on the difference in priorities for both the IT and security teams. Globally, the top priority for IT is efficiency (51%), whilst security teams are focused on incident resolution (49%). And while new security threats require visibility across the entire IT infrastructure, less than three quarters of securityteams are involved in executing the organisation’s security strategy. 

Forty five percent of respondents recognise that a consolidated strategy could help reduce data breaches and more quickly identify threats. Yet this relationship isn’t proving an easy one to maintain as 84% of security and IT teams admit they don’t have a positive relationship with one another (at VP level and below). More than half of organisations want to move to a model of shared responsibility in the next 3-5 years, where IT securityarchitecture (58%), cloud security (43%) and threat hunting response (51%) is shared between IT and securityteams; but that calls for much closer collaboration than exists today. 

Denis Onuoha, Chief Information Security Officer at Arqiva, said: “It is critical that IT and security teams work in harmony to ensure every touch point of the IT infrastructure remains secure. The network forms a critical part of the business in delivering the best and most efficient services to customers. We recognise the importance of the network and therefore ensure security is embedded into the fabric of its infrastructure from the beginning and not bolted on as an afterthought. As we navigate a growing number of cloud and Edge environments and the network remains the connector between them all, it has become business critical for us to keep network security a top priority.” 

Retailers ‘struggling to balance customer experience with IT security’

960 640 Stuart O'Brien

Retailers are struggling to balance the challenges of delivering increased footfall, bigger basket sizes, and an enhanced customer experience with their fundamental technology and IT security needs.

That’s the conclusion of a survey conducted in May 2019 at RetailEXPO 2019 by Cybera, which revealed that offering a differentiated customer experience (31 percent) and increasing footfall (28 percent) are the biggest challenges for retailers.

In addition, another recent report showed that poor customer experiences cost British retailers up to £102 billion in lost sales each year.

Retailers are well aware of the need to positively differentiate themselves, with 83 percent of respondents in the Cybera survey citing that delivering an enhanced in-store customer experience is very important.

Cybera says the key to addressing all these new challenges is additional applications and services, the majority of which will rely on secure, stable, and scalable network technology. However, nearly one quarter (23 percent) of the respondents have not introduced additional services to their stores in the past 12 months.

The primary inhibitors included cost—25 percent said they thought it would be too expensive—followed by IT security concerns (19 percent) and a belief that their network would not support additional applications (14 percent).

Moreover, many retailers noted the ever-evolving regulatory landscape—including GDPR, PCI, and the upcoming PSD2—as an added distraction. Nearly half (47 percent) said they were concerned about new regulatory demands, admitting it was time to review their technology and processes.  

Interestingly, less than 10 percent considered IT security to be a key business challenge. This is particularly startling compared to the findings of the British Retail Consortium’s annual crime survey, which found that members are generally seeing a growth in the number of cyber-attacks, continuing previous years’ patterns. Nearly 80 percent of respondents in that survey said the volume of cyber-attacks and breaches had increased in 2018 over the previous year.

Cybera SVP and GM EMEA, Hubert da Costa, said, “Retail technology and customer demands are constantly changing, but one thing that will always be critical is customer experience. The growth of IoT in retail is staggering and it threatens the ability to deliver a consistent, high-quality customer experience. All of these network-enabled devices are disparate, which means separate management and requirements. This IoT growth is challenging for retailers—many of whom operate remote, smaller-footprint sites managed by a staff with limited IT expertise. The solution is to leverage a network platform that enables them to deliver these new breakthrough apps and services quickly, easily, and without compromising their security.”

Digital skills shortages ‘costing UK £63bn a year’

960 640 Stuart O'Brien

A lack of technical expertise has fuelled skills shortages across the UK for the last two decades.

That is according to comparative analysis of the professional jobs market by The Association of Professional Staffing Companies (APSCo).

A 1999 report from University College London said almost half (47%) of all ‘skill-shortage vacancies’ that year could be attributed to a lack of technical expertise.

For ‘associate professional and technical’ roles, the need for ‘advanced IT’ skills was responsible for 31% of vacancies, while a lack of ‘other technical and practical skills’ were responsible for a further 49% of all open roles.

A separate report published the same year by Computer Weekly revealed that C++ developers were the most in-demand professionals with Java the second most sought-after skill in the IT recruitment market.

Now, research from The Edge Foundation suggests that around half of all employers (51%) have been forced to leave a role open because there are no suitable candidates available, and that tech job vacancies are costing the UK economy £63 billion a year.

LinkedIn data indicates that cloud and distributed computing is the most valued skill among employers, with user interface design, SEO/SEM marketing and mobile development also featuring in the top 10.

Commenting on the analysis, Ann Swain, Chief Executive of APSCo, said: “While the specific skills that employers are seeking have changed dramatically over the past two decades, the fact that talent gaps continue to be aligned with technical competencies suggests that we need to do more to boost Britain’s digital capabilities.

“Our members have long reported shortages of talent across the IT and digital fields. For this reason, it is crucial that we ensure that we retain access to the STEM professionals that businesses need in the short term – through maintaining access to global talent and retaining our flexible labour market.

“However, perhaps more importantly, we must pipeline the calibre and volume of skills we need for the future so that we break free from this perpetual skills shortage. As this data indicates, for the past 20 years we have been playing catch-up – and we must break the cycle if individual businesses, and the wider UK economy, are to fulfil their full potential.”

RECOMMENDED: ANTI VIRUS

960 640 Stuart O'Brien

IT Security Briefing highlights some of the industry’s key suppliers of anti-virus solutions…

Glasswall-Logo-small-450x230

Glasswall 

Glasswall’s patented deep file inspection, remediation, sanitisation and document regeneration technology eliminates the threat from document-based malware. Glasswall processes files such as PDF, Word, Excel and image files in milliseconds, without relying on detection signatures.

Glasswall does not look for bad but ‘looks for good’, checking every byte of a document against the manufacturer’s file design standard, completely disarming and regenerating clean, standard-compliant files whilst preserving their full usability. The technology seamlessly integrates within email architectures and via an API into web, file transfer, data guards and diodes to deliver real-time protection from file-borne threats.

www.glasswallsolutions.com

 

logo_barracuda_main_black

Barracuda Networks

Barracuda Networks offers industry-leading solutions designed to solve mainstream IT problems – efficiently and cost effectively – while customer support and satisfaction remain at the heart of what it does.

Its products span three distinct markets, including: 1) content security, 2) networking and application delivery and 3) data storage, protection and disaster recovery. Barracuda simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications and data, regardless of where they reside.

Barracuda develops its products for ease of use and ease to deploy, to appeal to SMEs and the mid-market. Therefore, all of the documentation associated with its products is extremely easy for customers to digest and understand. Barracuda also maintains a continuous feedback loop including in-person seminars, user groups, online customer feedback forums, regular customer surveys and ongoing communication and assistance.

While Barracuda maintains a strong heritage in email and web security appliances, its award-winning portfolio includes more than a dozen purpose-built solutions that support all aspects of the network – providing organisations of all sizes with end-to-end protection that can be deployed in hardware, virtual, cloud and mixed form factors.

www.barracuda.com

If you’d like to highlight your Anti Virus solutions, contact lisa.carter@mimrammedia.com

‘Brute force’ cyber attack on Scottish Parliament

960 640 Stuart O'Brien

Officials have confirmed that the Scottish Parliament has been targeted by a “brute force” cyber attack, similar to that which affected Westminster in June.

Chief executive Sir Paul Grice confirmed the attack in a message to MSPs and staff with parliamentary email addresses, and said the attack was from “external sources” and urged all members to be vigilant.

Grice added that systems “remain fully operational” and that “robust cyber security measures” had identified the attack early.

Grice also urged all MSPs and staff to make sure passwords were as secure as possible and that parliament’s IT team would “force a change to weak passwords as an additional security measure.”

“The parliament’s monitoring systems have identified that we are currently the subject of a brute force cyber attack from external sources,” wrote Grice.

“This attack appears to be targeting parliamentary IT accounts in a similar way to that which affected the Westminster parliament in June. Symptoms of the attack include account lockouts or failed logins.

“The parliament’s robust cyber security measures identified this attack at an early stage and the additional security measures which we have in readiness for such situations have already been invoked. Our IT systems remain fully operational.”

Hackers involved in a ‘brute force’ attack try to access systems by systematically using a range of different passwords in the hope that a correct password is delivered through trial and error.

 

Employees are companies’ biggest data security risk

960 649 Stuart O'Brien

A consensus study commissioned by data security specialist HANDD Business Solutions (HANDD) has revealed that nearly a quarter of IT professionals believe that the behaviour of employees and their reactions to social engineering attacks – which can trick them into sharing user credentials and sensitive data – poses a big challenge to data security.

The survey of 304 IT professionals in the UK shows that 21 per cent of respondents say regulations, legislation and compliance will be one of the two greatest business challenges to impact data security. The General Data Protection Regulation (GDPR) is causing real concern among professionals in their bid to be compliant by the deadline, which is less than 12 months away. GDPR will not only raise the privacy bar for companies across the EU, but will also impose extra data protection burdens on them.

HANDD CEO and co-founder Ian Davin commented: “Companies must change their mindset and look at data, not as a fungible commodity, but as a valuable asset. Data is more valuable than a pot of gold, which puts companies in a challenging position as the stewards of that data. C-suite executives must understand the data protection challenges they face and implement a considered plan and methodical approach to protecting sensitive data.”

41 per cent of those surveyed assign the same level of security resources and spend for all company data, regardless of its importance. Analysing and documenting the characteristics of each data item is a vital part of its journey through an organisation. A robust data classification system will see all data tagged with markers defining useful attributes, such as sensitivity level or a retention requirement and ensuring that an organisation understands completely which data requires greater levels of protection.

“Employees are probably your biggest asset, yet they are also your weakest link, and so raising user awareness and improving security consciousness are hugely important for companies that want to drive a culture of security throughout their organisation,” commented Danny Maher, CTO at HANDD.

NHS left vulnerable to cyber attacks

960 634 Stuart O'Brien

Experts from the British Computer Society (BCS) & The Chartered Institute for IT have claimed that a lack of investment in cyber-security software and accountability left the NHS open to the Wannacry virus.

The malware disrupted hospital staff across the UK in May as computers systems crashed, leaving frontline hospital staff unable to access important patient information, with operations cancelled and doctors and nurses forced to rely on hand-written notes to track patient’s case histories and treatments.

A report into the attack by the BCS found that the crisis could have been avoided had hospital IT teams had an official cyber-attack protocol, in-house cyber-security experts and up-to-date secure software.

‘’Patients should be able to trust that hospital computer systems are as solid as the first-class doctors and nurses that make our NHS the envy of the world,” said David Evans, director of community & policy at The Chartered Institute.

“Unfortunately, without the necessary IT professionals, proper investment and training the damage caused by the Wannacry ransomware virus was an inevitability, but with the roadmap we are releasing today, will make it less likely that such an attack will have the same impact in the future.”

The Chartered Institute of IT has joined forces with the Patient’s Association, the Royal College of Nursing, Microsoft to produce a blueprint that outlines steps NHS trusts should take to avoid another crippling cyber-attack.

Top of the list is ensuring there are clearly laid-out standards for accrediting relevant IT professionals. NHS board are being urged to ensure they understand their responsibilities, how to make use of registered cyber security experts and increase the number of qualified and registered IT professionals.