Tuesday, July 19, 2022

Securing Critical Infrastructure

Importance of strong security practices

    Constantly increasing cybercriminal activity feeds on inadequate security measures in any organization, and the public sector has arguably been more vulnerable because of the slow, red-tape-bound nature of its organizations. The Baltimore ransomware attack is a clear example of unprepared, off-guard, and incompetent cybersecurity in the public sector. Underfunded IT and security, aging hardware, unpatched software, and a lack of risk assessment and risk management are an open invitation for any hacker.

 

Why is it important that your vendors practice good security?

    The complexity of modern societies means that any one organization must rely on several other entities in order to function. Outsourcing has been a trend for many years, and it does not seem to be slowing down at all. Based on a study conducted by Opus & Ponemon Institute, vendors or third parties are the cause of more than 60% of data breaches in the U.S. every year. Organizations need to be able to trust their vendors’ security with all sensitive data, such as PII, PHI, and data in scope for PCI DSS. It is imperative to consider the organizational security posture as a whole, which certainly includes the security of the supply chain and vendors.

 

Why is it important to consider the roles of people, processes, and technology?

    The people, process, and technology (PPT) framework is about balancing the interaction of these three elements to improve the operational efficiency of an organization. In any organization, people do the work, processes make that work more efficient, and technology helps with automation and the quality of tasks. By utilizing PPT, organizations can reasonably anticipate three outcomes from any task under ideal conditions:

  •      Increased speed
  •      Improved efficiency
  •      Meet or exceed expectations

 

How can you measure or benchmark security solutions using standards such as common criteria?

    The Common Criteria, also known as the “Common Criteria for Information Technology Security Evaluation,” is an international set of standardized guidelines that enables organizations to objectively evaluate and validate any product or system against pre-set, agreed-upon standards. These standards provide a practical way to ensure users are purchasing equipment that has been independently verified and meets specific security requirements. Common Criteria is a mandatory requirement for the U.S. federal government. Many non-government organizations with higher security expectations, such as data centers, telecommunication companies, and financial and medical organizations, are also increasingly using these standards.

 

How can critical infrastructure operators keep pace with the latest threat modeling and detection technologies?

    Threat modeling is a pre-defined procedure that helps the cybersecurity team actively identify potential threats, vulnerabilities, and security requirements, quantify the criticality of those threats, and find and prioritize remediation procedures. Threat modeling is a risk-based approach to designing a secure system. It covers threats and scenarios much more holistically than other security measures such as penetration tests or security awareness training. It is a complicated process, and teams often struggle to adopt it; therefore, rather than stopping everything to create the perfect threat model, it is more practical to start simple and grow from there.

 

Why is it important to patch and upgrade systems or third-party platforms on a regular and routine basis?

    The purpose of a security patch update is to close the security holes left by a major software update or the initial software deployment. Every security patch update represents hundreds of victims hacked through that hole or vulnerability, with the developer then notified to develop and deploy a patch. A report about ransomware in 2021 indicates that unpatched vulnerabilities are the most consistent and primary ransomware attack vectors, and that hackers are increasingly targeting zero-day vulnerabilities and supply chain networks for maximum impact.


References:

  •      https://www.verizon.com/business/resources/articles/s/lessons-from-the-robbinhood-ransomware-attack-on-baltimore/
  •      https://vvsonic.com/computer-news/lessons-from-the-2019-baltimore-ransomware-attack/
  •      https://www.ponemon.org/userfiles/filemanager/nvqfztft3qtufvi5gl60/
  •      https://www.plutora.com/blog/people-process-technology-ppt-framework-explained#:~:text=Technology%20helps%20people%20do%20their,people%2C%20processes%2C%20and%20technology.
  •      https://www.smartsheet.com/content/people-process-technology
  •      https://www.cisa.gov/uscert/bsi/articles/best-practices/requirements-engineering/the-common-criteria
  •      https://www.netmotionsoftware.com/blog/security/common-criteria-certification
  •      https://martinfowler.com/articles/agile-threat-modelling.html
  •      https://www.varonis.com/blog/threat-modeling
  •      https://www.synopsys.com/glossary/what-is-threat-modeling.html#D
  •      https://us.norton.com/internetsecurity-how-to-the-importance-of-general-software-updates-and-patches.html
  •      https://www.businesswire.com/news/home/20220126005014/en/Ransomware-2021-Year-End-Report-Reveals-Hackers-are-Increasingly-Targeting-Zero-Day-Vulnerabilities-and-Supply-Chain-Networks-for-Maximum-Impact
