Flaws in Industrial IoT Underline Importance of Secure Connectivity

According to the leading analyst firm Gartner Group over 50% of major new business processes and systems will incorporate some element of the Internet of Things (IoT) by the year 2020. The potential for IoT to revolutionize existing business models is very exciting. Industrial manufacturers are clearly in a hurry to capitalize on this virtual world of opportunities where new revenue streams flow from managing and servicing customers’ equipment remotely.

But before everyone gets carried away it is important to pause for a moment to consider how with the rush towards digitalization there is also a risk that IoT growth will outstrip cybersecurity considerations.

Threat Intelligence-as-a-Service brings SIEM Within Reach of SMEs

Organizations are being targeted by cybercriminals more than ever. According to the latest statistics from Symantec, 52.4% of phishing attacks in December 2015 were against small and medium-sized enterprises (SMEs). The month prior demonstrated an even bigger spike. The situation is forcing businesses of all sizes to augment their network and mobile security. Topping the list of improvements include the need for better threat intelligence and endpoint security.

Security information and event management (SIEM) systems provide a valuable tool to gather threat intelligence through activities logged from various applications and devices. The logs are then combined to create threat intelligence reports that can identify signs of unauthorized behavior. Because of their complexity, until recently SIEM systems were considered exclusive to those large enterprises with access to the sizeable budgets and resources required to maintain them.

Big Data and IT Security – SIEM as an Analysis Tool

Over the last few years, gleaning useful information from massive amounts of data has also become more difficult for IT security and approaches to Big Data and information analysis are a critical topic in this sector. The number of users, end devices, applications and log files are constantly on the rise. At the same time, attackers are becoming more sophisticated and professional while constantly adapting their strategies. Companies are now facing a completely new level of risks and challenges to their IT security operations.

Frequently companies have more than enough data on security events, including successful penetrations and potential vulnerabilities. Enormous volumes of data are generated by network components, storage systems or applications. Security threats buried among this data must be taken seriously, however attacks often remain unnoticed or they are not discovered in time due to a lack of structured data. Analyzing and interpreting this data and deploying a rapid response is almost impossible without specialist software.

How Far Does Your Cybersecurity Umbrella Extend?

Network administrators: No matter how impenetrable you think your network defenses are, there are always going to be remote access vulnerabilities that threaten the integrity of your walls. Often, it’s a threat that originates from outside the immediate range of your defenses, and it’s one you may not have any visibility into. Recently, these threats have started to originate from third-party partners – a company’s vendors, suppliers, agencies, firms and other outside service providers. These are often smaller companies with less sophisticated remote access defenses that, when they become a target of cyber crooks, provide a path for an attacker right into the heart of another company’s network. Target found this out the hard way, after its network was breached when attackers gained entry by acquiring network credentials though a third-party HVAC vendor. So did Lowe’s, after one of its vendors backed up customer data on an unsecure server and unknowingly exposed the information to the broader Internet. Goodwill, too, suffered a breach because of a vendor, this time a retail POS operator that acknowledged its managed service environment “may have experienced unauthorized access.” While it may seem odd for big-name companies to provide such privileged access to third parties and, in the process, put themselves in harm’s way – either deliberately or inadvertently – it’s actually quite a common situation. As Brian Krebs reported in the aftermath of the Target breach, large retailers often provide HVAC and energy vendors with privileged network access so they can alert retailers around-the-clock in the event something goes wrong in one of their buildings. As a source told Krebs, “Vendors need to...

Smaller Scale Is No Defense: Why SMBs Should Assume They’re Already Targets of Cyberattackers

You would be hard pressed to go a month without hearing about a new data breach or major cyberattack in the headlines. These incidents occur with such regularity nowadays that seemingly every industry has been affected – healthcare, education, retail and even amusement parks. There are variations across all these attacks, from the threat vectors themselves to the protections that may have faltered. But, the common thread is that these companies are generally big names with targets on their backs. This trend also tends to overshadow an even more worrisome one: data breaches occurring at small and medium-sized businesses. While SMBs may exist on a relatively small scale, they certainly don’t go unnoticed by hackers. The numbers actually show that three out of four attacks occur at businesses with fewer than 100 employees, and that each incident carries an average price tag of $20,752, according to the National Small Business Association (NSBA). The NSBA’s Jason Oxman elaborated further in comments to the Los Angeles Times last year: “We are absolutely facing an epidemic of attacks on our nation’s infrastructure and attempts to gain access to information. But smaller merchants tend to be easier and more attractive targets for cyber criminals.” This is because SMBs are less likely to be well-versed in security protocols and because they won’t get much attention from the media, thereby allowing the attacks to continue under relative quiet. Compared to enterprises, SMBs may also lack the resources to detect and respond quickly to attacks. The fallout can result in broken websites, bad customer reviews and narrower profit margins – all consequences that can completely devastate...