IN THE NEWS
OT & IoT Security News
As COVID-19 forces organizations to rethink how they work, chief information security officers (CISOs) who are responsible for the resilience of critical systems have an even greater dilemma. How do you keep critical systems running 24/7 when employees are strongly encouraged to work from home and ever so dependent on secure connectivity to function normally? CISOs may need to open up systems that are traditionally closed to the outside world to allow for remote management. They must balance safety, productivity and cybersecurity risk.
Terjadinya pandemi penyakit Covid-19 telah memaksa perusahaan-perusahaan mengatur ulang cara mereka bekerja.
The most pronounced pushback perhaps came from the cybersecurity industry, whose services many power generators rely upon to monitor and respond to threats. Edgard Capdevielle, CEO at Nozomi Networks, a firm that promotes network visibility, threat detection, and operational insight for industrial operational technology (OT), the internet of things (IoT), and ICS environments, told POWER the EO is a “step in the right direction, but needs to go further.” The positive aspects in the order include its recognition that protecting the BPS is of critical importance owing to the proliferation of threats. “It seeks to address a potential vector of attack in the backdoors and trojans that could be implanted in foreign-sourced infrastructure equipment,” said Capdevielle.
Edgard Capdevielle, CEO, Nozomi Networks, said the order is a step in the right direction but does not go far enough to actually protect the counrys critical infrastructure.
President Trump declared a national emergency to protect the nation’s bulk-power infrastructure that stops the purchase or use of any equipment that involves a foreign adversary in any way.
Firms preparing for a Health and Safety Executive review of their industrial control infrastructure need to be aware of how UK requirements have been aligned with EU rules on cyber security.
Today’s smart buildings are a variety of sensors, control systems, networks, and applications. While these technologies are being introduced into workplace environments to improve efficiencies, help drive down costs, and of course, improve our global environmental footprint, they also increase the attack surface. As a result, the security of all new internet-enabled appliances must be forethought before they are added to the network.
“This is a time when we really need to pay attention to cybersecurity for anything that is supported by industrial control networks,” said Edgard Capdevielle, CEO of the IT company Nozomi Networks.
As the industry becomes more innovative and technology-driven, one of the most likey avenues of disruption for mining organisations is cybercrime.
The oil and gas industry has been battered by a perfect hurricane of the three Cs: coronavirus, climate concern and a collapse in crude prices. But a fourth big C, a perennial threat to the health of the sector, lurks in the background and could cause even greater damage than usual in today’s fraught operating environment.
Why critical infrastructure businesses shouldn’t wait for a cyber crisis to push for cultural change [Q&A]
Cybersecurity is important to any enterprise, but it’s especially key to those that are delivering critical infrastructure. But recent research from Nozomi Networks shows that often the development of a holistic security approach is being driven by events such as security breaches.
What cyber risks is the market currently facing, and what resources are available for companies to efficiently monitor and secure assets now and in the long-term? To get answers, we spoke with two industrial cybersecurity experts and Energize CEOs — Edgard Capdevielle of Nozomi Networks and Rahul Kashyap of Awake Security.
Similar work is happening in the US. “We’re already seeing some collaborative efforts between the public and private sectors to fight cybercrime. The most fundamental activity is information sharing,” says Suzanne Spaulding, former Under Secretary for the US’ National Protection and Programs Directorate (NPPD) at the Department of Homeland Security (DHS), and advisor to Nozomi Network.
Between legacy OT systems and the addition of new IoT devices—often without documentation—many teams lack have an accurate view of what’s on their network, explains Nozomi Network co-founder and CPO Andrea Carcano.
According to Edgard Capdevielle, CEO Nozomi Networks, remote access to critical assets could be putting utilities more at risk for a cyberattack than ever before.
Nozomi Networks CEO Edgard) Capdevielle and Armour joined Computer Business Review for a call to talk about some of the unique challenges faced in securing converged IT/OT systems.
New Zealand power company Trustpower discovered flawed implementations of protocols used by operational technology (OT) suppliers that generated alerts as suspicious traffic in its network monitoring system. The company recently deployed Nozomi Networks’ Guardian system to monitor some 1,200 devices across 40 locations in its power generation and distribution network: hydroelectric plants, switchyards, communications facilities, data centres and operations centres.
The COVID-19 coronavirus outbreak may be dominating news headlines, but a recent multi-million-dollar ransomware threat against an Australian company serves as a potent reminder that businesses must be wary of the risks that increasing remote work imposes on the company’s overall security position.
As coronavirus places a quarter of the world’s population on lockdown, cyber security is the number one priority for businesses with a large number of employees using their own networks, broadband connections, and hardware. However, a new survey has found that as critical infrastructure organisations converge their IT, operational technology (OT), IoT and physical systems, companies believe that employees are the biggest threat to cyber security.
Nozomi is an SC Magazine Award Finalist for Best IOT/IIOT Security Solution