For many years industries like oil and gas, electricity, agriculture and utilities have relied on operational communications infrastructure outside the main corporate network to collect data and provide supervisory control. Known as Supervisory Control and Data Acquisition (SCADA) systems the data they collect leads to efficient allocation of resources, monitors safety conditions and improves operational decision-making. But now, with the emergence of Internet of Things (IoT) technology, industrial organizations are eager to deploy new wireless machine-to-machine (M2M) devices to collect even more data from field assets in remote, geographically dispersed locations. The number of sensors and data points in industrial networks looks set to multiply exponentially overnight. As a consequence, there will be more access points than ever before. Security, therefore, will be an important factor in determining the overall success of IoT deployment.
Ransomware is the latest trend in criminal malware. It infects computers, encrypts data and demands a ransom payment in the form of bitcoins. The encryption is so strong that it has not yet been circumvented. Locky and other ransomware have the potential to become much more than an annoyance.
Recently one case was reported where patient data was encrypted at a hospital. That might seem bad enough but what would happen if computers that control medical devices are infected by the virus and they show a ransom letter instead of doing their job? Documents, photographs, films and other personal data are usually the prime targets for encryption rather than system files and applications. However, databases and license key files have also fallen victim to unauthorized encryption.
Over the last few years, gleaning useful information from massive amounts of data has also become more difficult for IT security and approaches to Big Data and information analysis are a critical topic in this sector. The number of users, end devices, applications and log files are constantly on the rise. At the same time, attackers are becoming more sophisticated and professional while constantly adapting their strategies. Companies are now facing a completely new level of risks and challenges to their IT security operations.
Frequently companies have more than enough data on security events, including successful penetrations and potential vulnerabilities. Enormous volumes of data are generated by network components, storage systems or applications. Security threats buried among this data must be taken seriously, however attacks often remain unnoticed or they are not discovered in time due to a lack of structured data. Analyzing and interpreting this data and deploying a rapid response is almost impossible without specialist software.