Cyber Defense eMagazine October Edition for 2021

More documents

Recommendations

Info

While the attack made headlines and led to shortages, it was certainly not the only one to cause disruptions. So what makes this sector particularly vulnerable? McKinsey & Company 2 has suggested three reasons based on their experience: 1. The first is the strategic infrastructure and economic value of this sector. Nation-state actors and hacktivists can cause significant commercial and societal disruption, or use techniques, such as ransomware to draw attention to their political agendas. With energy and utility companies under huge pressure to maintain availability of services, they are very likely to pay ransoms. Colonial Pipeline is reported to have paid a $4.4 million ransom. 2. Energy and utility companies are often sophisticated and geographically diverse. As a result of the pandemic, a growing portionof the workforce is now working remotely and will continue to do so. Decentralized cyber teams must manage an increased attack surface created by these factors, by eliminating threats from the web, documents and email. 3. Energy and utility companies often have complex interdependencies between physical and IT infrastructure. Cyber professionals are responsible for managing the risk posed by unique endpoints – from new and innovative digital customer interfaces to a complex assortment of operational technology (OT) – all of which can be possible points of vulnerability. If they are to defend themselves against an increasing number of attacks, companies must mobilize their capabilities to proactively prevent users, data and applications from providing an easy first point of entry for attackers – whatever their motivation. To achieve this, security professionals are exploring strategic approaches, such as Zero Trust and Secure Access Service Edge, or SASE, and deploying solutions that create an ‘air gap’ between the user and the Internet, such as secure web gateways powered by isolation. Isolation ensures no entity can connect directly to an organisation’s devices as the first step of an attack, even if a user clicks on a malicious link or downloads a suspicious document. Helping energy companies Gösgen Nuclear Power Plant in Switzerland is one of the many organizations we work with in this sector, supporting the cybersecurity team to reduce their cyber risk level while promoting employee productivity. This is a common balancing act for security teams who need to provide employees with Internet access without putting the organization at risk. A homegrown isolation solution was already deployed and proved very effective at shutting down malware access to endpoints, but it was hard to maintain and could impact essential user productivity. Now employees of the Gösgen Nuclear Power Plant and some of their strategic supply chain partners have been surfing productivelyvia our isolation-powered secure web gateway. 2 https://www.mckinsey.com/business-functions/risk-and-resilience/our-insights/the-energy-sector-threat-how-to-addresscybersecurity-vulnerabilities Cyber Defense eMagazine – October 2021 Edition 74 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Gösgen’s IT Security Officer, Francois Gasser and his team are confident that no malicious code can reach endpoints, so now allow employee access to websites that were previously blocked. We’ve also helped reduce manual administration and improve productivity for the team by generating exceptions directly from log files to speed time to resolution. Taking action on ransomware For energy and utility organizations, the race is on to establish a prevention based approach to cybersecurity, rather than rely on legacy detect-and-respond that has resulted in significant losses for businesses. For many, this means a Zero Trust approach to security – which creates an air gap and assumes that no traffic shouldbe trusted – is high on their agenda. Zero Trust includes browser-based Internet traffic, as well as content within every email and document attachment. But Zero Trust must also work at speed and scale making the legacy on-premises, appliance-based proxies that conduct standard URL filtering and sandboxing just too laborious and inflexible to stop the real threat of ransomware in its tracks. This is where isolation comes in. Other organizations in the energy and utilities sector are deploying solutions to prevent malicious code from ever reaching the network perimeter, mobilizing isolation-powered cloud security to shut the door on malware for good and significantly reducing operational and commercial risk. Detection should always play a role in a layered cybersecurity strategy, but focusing on a proactive, pragmatic prevention strategy gives the business, employees and partners the security they need to avoid ransomware and other sophisticated forms of attack – and, ultimately, make sure the lights don’t go out. About the Author Brett Raybould is EMEA Solutions Architect at Menlo Security, a leader in cloud security. In this role, he is responsible for technical sales, product demonstrations, installations, solution proposals and evaluations. Brett joined Menlo Security in 2016 and discovered how Isolation technology provides a new approach to solving the problems that detection-based systems continue to struggle with. Passionate about security, Brett has worked for over 15 years for some of the leading vendors specialising in the detection of inbound threats across web and email, and data loss prevention (DLP) including FireEye and Websense. He has represented Menlo Security as a speaker at industry events, including e-Crime & Cybersecurity Congress and Cloud Security Expo. Cyber Defense eMagazine – October 2021 Edition 75 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
The Top 6 Cyber Attacks Of 2021 So
Page 3 and 4:
Protecting SMBs from Current Cybers
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - October 2
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24: Cyber Defense eMagazine - October 2
Page 35 and 36: #2 Florida’s water system A hacke
Page 37 and 38: Raise Cyber Security Awareness: Whe
Page 39 and 40: Source Code Protection Market Do we
Page 41 and 42: of script administration, no backup
Page 43 and 44: to steal “the keys to the kingdom
Page 45 and 46: Part 1 - Using a Proxy Server - BUR
Page 47 and 48: Below we have an example of interce
Page 49 and 50: Having the device UUID and being co
Page 51 and 52: In the second part, we demonstrate
Page 53 and 54: Currently, we are bound to use tech
Page 55 and 56: You can be a hacker too! Remember,
Page 57 and 58: The Brutal Reality of Brute Force A
Page 59 and 60: Multi-factor authentication is one
Page 61 and 62: Why outdated software poses cyberse
Page 63 and 64: About the Author Roman Davydov is a
Page 65 and 66: What data security risks do communi
Page 67 and 68: Is the Edge Really Secure? By Cheta
Page 69 and 70: Or, let’s spend some time discuss
Page 71 and 72: accessible. Different agencies have
Page 73: Making Sure the Lights Don’t Go O
Page 77 and 78: MFA works a few different ways, but
Page 79 and 80: Get Ahead of the Game: Packet Captu
Page 81 and 82: investigations and the ability to t
Page 83 and 84: Thousands of Fortinet VPN Account C
Page 85 and 86: and operating costs. FIDO2 is the s
Page 87 and 88: As ports have been steadily ramping
Page 89 and 90: About the Author Working at the int
Page 91 and 92: Today’s Threat Landscape The 2021
Page 93 and 94: Thwarting Today’s Phishing Attack
Page 95 and 96: Security is Everyone’s Job Employ
Page 97 and 98: CapitalOne data breach occurred as
Page 99 and 100: About eSentire eSentire Inc., is th
Page 101 and 102: Complying with regulations Security
Page 103: Cyber Defense eMagazine - October 2
Page 115 and 116: Free Monthly Cyber Defense eMagazin
show all

Cyber Defense eMagazine October Edition for 2021

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?