INTELLIGENT BRANDS // Enterprise Security
4. Any standard endpoint is a potential
source of revenue, making complicated
lateral movement towards the crown
jewels irrelevant
5. When you attack the world, the sky is the
limit; the revenue potentials are endless
How exactly would this type of cybercrime
impact a manufacturing plant or other
critical infrastructure? It doesn’t take
much to dupe an unsuspecting victim
and install the malware. An innocuous-looking
email or website visited by a staff
member can be all it takes to compromise
a facility in seconds. From consumers to
manufacturers and critical operations like
hospitals, transportation and other civil
services, nobody seems immune from the
ransomware threat.
Protecting against
distributed cyberattacks
Networked systems are complex and attackers
have all the time in the world to study and
understand them. Plant management
doesn’t. Don’t assume the state-of-the-art
security system in place for IT networks has
visibility into operational technology that
nonetheless is connected to it.
To safeguard against distributed as well as
targeted attacks, you need to have visibility
of your entire attack surface, including IT
and operational technology (OT) networks,
and know that baseline security standards
are met throughout your organisation. From
that fundamental visibility, you can start
to see your network like an attacker would,
finding paths of least resistance so you can
harden your defences. Organisations with
OT networks also need to ensure they can
detect vulnerabilities in these environments.
Active scanning is prohibited in OT, so
passive solutions are required. Vulnerability
occurrence data should be analysed in the
complete context of the attack surface:
the IT and OT network, security controls,
potential business impacts and threat
activity in the wild.
Only with this context can you accurately
prioritise vulnerabilities for remediation
in OT networks where patching is carried
out only when it’s an absolute must.
Understanding network and security
control context also provides non-patching
mitigation options to isolate vulnerable
assets until a patch can be deployed.
Visibility and intelligence are key to
protecting against a commercialised
threat landscape and threat actors who
are increasingly turning their attention to
critical infrastructure. But by addressing the
underlying vulnerabilities and cyber hygiene
issues on which these tools and attackers
rely, you’ll have a strategic impact on your
cyberattack readiness.
www.intelligentcio.com