When you think of Information Technology (IT) and Operational Technology (OT), which side are you on? You may not feel that you fall on any side of that technological skirmish, but when you stop to carefully consider the differences in these two disciplines, it is nearly impossible to avoid a tendentious leaning.
However, the time may be upon us when the conflicts of IT and OT will be put to rest for the broader purpose of making businesses more agile, efficient, resilient and ultimately, more profitable. We spoke with experts in the field who offered their insights about the challenges facing IT and OT convergence. Here’s what they shared!
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits - Tripwire
Major healthcare providers are tasked with protecting patient data and maintaining complex security compliance requirements enforced through rigorous audits. Mercy Health, a major Midwestern hospital system, became a Tripwire customer in 2013. Using Tripwire technology, they created a successful IT service by integrating their ITSM tool, streamlining their reporting process and more.
Mercy Health and Tripwire show you how to:
-Implement effective change management
-Strengthen security in Epic records systems
-Streamline the audit process
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense - EnergySec
When we talk about cyber security, we recognize that it is part of a holistic approach to security and critical infrastructure protection. Tools and technology are not enough to ensure that mission critical systems provide capabilities needed for the military, continuity of government and commercial enterprises to continue operations in the face of emerging threats. Recognizing the unique nature of our location on the Hawaiian Islands in the middle of the Pacific, we also understand the importance of collaboration and alignment of critical infrastructure protection among the military, state government, commercial and public stakeholders. A comprehensive approach needs to include innovative capabilities, a thorough analysis of operational dependencies, and the organizational collaboration required to protect critical capabilities. In this session, we will discuss our innovative approach to developing a holistic cyber security approach for critical infrastructure and share a case study to help you think differently about your own approaches for security.
Almost 70 years since the first computer bug was discovered, there have been decades of research done on Information Security theory and practice. Yet, despite vast amounts of money being spent, innumerable academic papers, mainstream media obsession, and entire industries being formed, we are left with the impression that the risk is growing, not receding. Why? Some argue a lack of data, but data clearly exists. We’re likely generating it, in some areas, faster than humans will ever be able to process it. Perhaps, after all of this effort, we’ve managed to box ourselves into metaphors and first principles that might be inappropriately constraining how we think about “Information Security Risk”. In fact, it’s worth noting that we can’t even agree if there is a space between “Cyber” and “Security” when it’s written out. This talk will take an anecdotal look at “Information Security Risk”, “What IS Cyber Security?”, and use that perspective to suggest areas of research that are either lacking or should be made more accessible to the markets, industries, and individuals driving risk management change. In an industry filled with data, perhaps an examination of empty space might be helpful.
Top 10 tips for effective SOC/NOC collaboration or integration - Sridhar Karnam
Top 10 tips for effective SOC/NOC collaboration or integration. In 5 years the security operation center and IT operation center will integrate and bring more context to security events and help to search, store, and analyze machine data for operational intelligence.
Cybersecurity for Energy: Moving Beyond Compliance - EnergySec
Presented by: Gib Sorebo, SAIC
Abstract: For the last few years, energy companies, particularly electric utilities, have been scrambling to meet the onslaught of cybersecurity regulations. However, hackers don’t follow regulations, so the need to rapidly address evolving threats is imperative to meet expectations of senior leadership, board members, and shareholders. This session will discuss how a mature governance structure and a cybersecurity strategy based on a comprehensive understanding of business risk can be used to address threats, comply with regulations, and obtain support from company stakeholders.
Integrating Cyber Security Alerts into the Operator Display - EnergySec
Presented by: Michael Toecker, Digital Bond
Abstract: Control Systems are responsible for the safe and reliable governing of physical processes, and are designed to report conditions that could affect reliable operations to operators for action. These conditions may vary in their severity, from minor inconveniences to those that can bring the process to a full halt. While engineers have predicted certain events and consequences, others are “unknown unknowns”, and may only be detected due to variances from normal function.
Cyber security conditions are similar in nature. Cyber security conditions can vary in severity and cyber security professionals can classify and alert on some, but not all cyber security events. In this presentation, Michael Toecker will discuss cyber security conditions that are known, and that could be integrated into the operational display.
Treating cyber security events as analogous to control system events has many benefits and drawbacks, and Toecker will expand on criteria for determining what is appropriate for an operator display, and what is not. The purpose of this presentation is to demonstrate that cyber security can have a place in operational decisions, so long as conditions are carefully analyzed and response actions developed beforehand.
Presented by: John Fleker, HP
Abstract: The cyber threat landscape is continually evolving. More and more, the critical infrastructure of our nation is at risk. Whether by nation-state actors, criminal organizations, hacktivists or any number of hackers looking to prove their skills, our safety and economic prosperity is threatened. There are four things that must be considered in order to address the evolving threats:
1- Becoming more proactive in our cyber defense efforts through intelligence
2- Better user behavior management
3- Assessing risk using meaningful metrics
4- Resilience – operating through an intrusion
We need to look at the threat picture differently – in a proactive way – to ensure that CEOs and CIOs/CISOs are on the same page regarding the threat, to allow those leaders to make better resourcing decisions and to be better prepared to mitigate adversaries when they arrive at the security perimeter. We need to integrate a wider set of intelligence into our thinking. This is critical to taking a more proactive stance in defending your networks. Combined with what you know of your own network, cyber intelligence strategically helps make solid resource planning decisions and, functionally, helps your network operators better defend, mitigate and operate through cyber intrusions. The Operational Levels of Cyber Intelligence paper by the Intelligence and National Security Alliance details a better way of using intelligence.
www.insaonline.org/i/d/a/Resources/CyberIntel_WP.aspx
Additionally, we must increase info sharing across the board. Executive Order 13636 - Improving Critical Infrastructure Cybersecurity is leading critical infrastructure in that direction.
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors - EnergySec
Presented by: Nadya Bartol, Utility Telecom Council
Abstract: A variety of recent breaches and vulnerabilities demonstrate that the software and hardware supply chain is a serious concern in the ICS space. Asset owners/operators and suppliers are in a symbiotic relationship – acquirers cannot conduct business without the supplier products and services. Where do the subcomponents come from and what do we know about their contents? Which code libraries were used by the sub-supplier? Why do we need to know? Several solution sets have emerged over the last 6 years, developed in IT/communications, defense, and ICS space. These include soon-to-be-published ISO and IEC standards, NIST documents, certification framework, Common Criteria extensions, and efforts by software industry consortium. The presentation will survey the ICT supply chain security problem space, provide an overview of available solutions developed to date, and recommend how to use these solutions in the ICS context.
NESCO Town Hall Workforce Development Presentation - EnergySec
Moderated and Presented by Andy Bochman
Discussion Topic: Workforce Development in the ICS WorkPlace
Discussion Abstract: Ask anyone working in the field at an electric utility about cybersecurity and the conversation will inevitably turn to the shortage of qualified security staff with knowledge of our industry. The need to comply with NERC CIP standards, secure the rapidly proliferating smart grid technologies, and defend against the threat of cyber attacks targeting control systems makes the short supply of cybersecurity talent a critical issue.
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics - IBM Security
Attackers are using increasingly sophisticated methods to access your most sensitive data, and at the same time cloud, mobile and other innovations expand the perimeter you need to protect. This keynote discusses how to build a more secure enterprise with real-time analytics and behavior-based activity monitoring.
Advanced Security Intelligence tools store, correlate and analyze millions of events and flows daily to identify critical incidents your security team needs to investigate. The volume, variety and velocity involved clearly define Security as a “Big Data challenge.”
Learn how advanced predictive analytics and incident forensics help defend against advanced attacks and respond to and remediate incidents quickly and effectively.
Ted Gruenloh, Director of Operations, ECONET
The Role of Threat Intelligence and Layered Security for Intrusion Prevention
The term 'Threat Intelligence' is getting a lot of buzz these days, but what does it mean? And, more importantly, how can it help protect your network? In this presentation, we will attempt to answer these questions within the context of a layered security approach that integrates Threat Intelligence with existing security methodologies. We also attempt to demonstrate how Threat Intelligence can improve a network's defenses at the perimeter and allow administrators to gain more visibility on the inside.
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework - centralohioissa
From this presentation you will learn:
· A brief history of encryption
· How encryption is now deployed in the enterprise
· Encryption and key management best practices to keep data safe
Cybersecurity 2014: The Impact of Policies and Regulations on Companies by Andrea Almeida from the First Semi-Annual Cyber Security Conference in Plano, Texas held September 26-27, 2014.
Most boards of directors don't have someone that understands cyber security issues. As a consequence, they can't provide the proper oversight over the companies they are responsible for. This presentation will cover the issues boards of directors need to understand, what questions board members need to ask and how to communicate with them.
Deploying and managing security information and event management systems can tax the brain and budget. However, if done right, they can be a huge benefit to the overall security stance of an organization, providing insight into what's happening on the entire network and enabling security teams to focus on the most pressing priorities to make sure their organizations' infrastructures are safe and sound from attacks. We explore the many challenges and their remedies.
Presented by Patrick Miller, The Anfield Group and Jason Ile, Tripwire
Abstract: This presentation emphasizes the importance of building an environment where compliance is a natural byproduct of effective security controls. The presenters discuss how to establish info security controls that reinforce a culture of controls, by being plugged into the daily operational processes of IT operations, software and service development, project management and internal audit.
Additionally, the presenters explore the various benefits of continuous monitoring and how to achieve it through a step-by-step practice.
Proactive Measures to Defeat Insider Threat - Andrew Case
This presentation was delivered at RSA 2016 and discussed measures to defeat insider threat. It focused on real investigations that I have performed and how the victim companies could have prevented the associated harm.
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas - Tripwire
Graphic recording artist Kelly Kingman depicts the interesting points and key takeaways from some of our in-booth presentations at Black Hat USA 2015.
Read more about what Black Hat USA has to offer here: http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/a-snapshot-of-black-hat-usa-2015/
This summary cloud security survey from Intel captures key findings from 800 IT managers in the U.S., the U.K., China, and Germany that provide insight into cloud computing security concerns and how those concerns might be alleviated.
Industry experts share how to embrace the coming merger of information technology (IT) and operational technology (OT) – originally, two very distinct domains of business.
Read more at: http://tripwire.me/adaptitot and www.belden.com/adaptitot
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration - Tripwire
How can IT and OT teams work together effectively to secure the entire infrastructure? We asked industry experts for their top tips. Read their full responses here: https://www.tripwire.com/state-of-security/ics-security/it-collaborate-ics-security/
Secure Digital Transformation - Cybersecurity Skills for a Safe Journey to Dev... - Troy Marshall
CyCon 3.0 presentation- February 15, 2020
Successful digital transformations don’t begin with technology, they begin with people. As organizations adopt DevOps and cloud and realize the increased release velocity, ensuring the security of software and systems at the same velocity is a necessity but doing so isn’t easy. In this talk you will learn about common security challenges in DevOps and cloud and the skills cybersecurity professionals need to solve these challenges.
Networking Plus December 2014: Connecting Mobile Workers - Eric Wong
An excerpt from the magazine where Peplink, Citrix, Vodafone and Cisco voice their thoughts on BYOD, mobile and remote workers, and the devices that make it possible.
The ability to work in a team is one of the most frequently requested soft skills in job advertisements today. But in practice, this quality is sometimes neglected – which can ultimately lead to a dispute over competence because everyone wants to maintain and represent their position. Alpha versus alpha – or IT versus OT in production companies – often still seems to be part of the order of the day. But this is no longer a contemporary approach because the increasing professionalization of cybercriminals requires a unified approach from both departments.
This whitepaper will help you to answer key questions such as: How will your organization protect itself from advanced cyber-attacks? What are you doing to detect suspicious behavior within the organization and beyond? What processes and tools will you implement to quickly respond to threats and quickly recover from the effects of an attack?
Most security breaches are caused by human error and poor security discipline. For instance, in April 2011, it was discovered that the personal and confidential data of 3.5 million teachers, state workers and retirees in the state of Texas had been lying unprotected on the Internet for close to a year.
An Internet of Things Reference Architecture - Symantec
The Internet of Things (IoT) already helps billions of people. Thousands of smart, connected devices deliver new experiences to people throughout the world, lowering costs, sometimes by billions of dollars. Examples include connected cars, robotic manufacturing, smarter medical equipment, smart grid, and countless industrial control systems. Unfortunately, this growth in connected devices brings increased security risks. Threats quickly evolve to target this rich and vulnerable landscape. Serious risks include physical harm to people, prolonged downtime, and damage to equipment such as pipelines, blast furnaces, and power generation facilities. As several such facilities and IoT systems have already been attacked and materially damaged, security must now be an essential consideration for anyone making or operating IoT devices or systems, particularly for the industrial Internet.
As online sales surge, retail cybersecurity professionals are taking additional precautions to protect their organizations and their customers’ data. On top of this, the COVID-19 pandemic has driven even more consumers to turn to online shopping. Tripwire worked with Dimensional Research to better understand cybersecurity programs in the retail industry as they prepared for the holiday season.
Download the full report here: https://www.tripwire.com/solutions/solutions-by-industry/retail-and-hospitality/retail-holiday-cybersecurity-survey-report
Tripwire recently examined how organizations are experiencing the cybersecurity impacts of COVID-19 and shifts to working from home. Dimensional Research conducted the survey, which included responses from 345 IT security professionals, in April 2020. Check out some of the key findings from the survey.
Tripwire 2019 Skills Gap Survey: Key Findings - Tripwire
The skills gap remains one of the biggest challenges for the cybersecurity industry. To gain more perspective on what organizations are experiencing, Tripwire partnered with Dimensional Research to survey 336 security professionals on this issue. For additional key findings, visit: https://www.tripwire.com/state-of-security/security-awareness/security-pros-skills-gap-worsened/
Tripwire State of Cyber Hygiene 2018 Report: Key Findings (Tripwire)
Tripwire examined how organizations are implementing security controls that the Center for Internet Security (CIS) refers to as "Cyber Hygiene." The survey, conducted in July in partnership with Dimensional Research, included responses from 306 IT security professionals.
Read the full report here: https://www.tripwire.com/misc/state-of-cyber-hygiene-report-register/?referredby=socialmedia/
Defend Your Data Now with the MITRE ATT&CK Framework (Tripwire)
MITRE is a not-for-profit organization that operates federally-funded research and development centers. Their ATT&CK framework is a useful cybersecurity model illustrating how adversaries behave and explaining the tactics you should use to mitigate risk and improve security. ATT&CK stands for “adversarial tactics, techniques and common knowledge.”
This presentation explores a methodology for pairing proven industry frameworks like MITRE ATT&CK with threat modeling practices to quickly detect and respond to cyber threats. With this approach, industrial organizations can slice their infrastructure into smaller components, making it easier to secure their assets and minimize the attack surface.
Takeaways include how to:
-Make the most out of their threat intelligence feeds
-Report on progress and compliance
-Negotiate trust relationships in the intelligence sharing cycle
-Improve their organization’s overall security posture
Defending Critical Infrastructure Against Cyber Attacks (Tripwire)
In our increasingly connected world, networks of machines help critical infrastructure run more efficiently and prevent downtime. However, systems which were once isolated are now being exposed to digital security threats that operators never considered.
Joseph Blankenship of Forrester Research and Gabe Authier of Tripwire discuss the evolving threat landscape and how we can protect these critical assets from cyber threats.
Topics covered include:
-Examples of some of the most recent cyber-attacks to critical infrastructure
-Why traditional IT security approaches won't work
-Recommended approaches for securing critical infrastructure
Jumpstarting Your Cyberdefense Machine with the CIS Controls V7 (Tripwire)
In this webinar, we are joined by Tony Sager, Senior VP & Chief Evangelist for the Center for Internet Security (CIS). Tony will be discussing the latest changes to the CIS Controls framework and how they help protect your organization from cyberattacks. In almost every industry, complex organizations are adopting these foundational controls for effective cyber defense.
Attendees will learn about:
• How the CIS Controls align to common security & compliance frameworks
• The underlying principles that drive the success of the CIS Controls
• Why many organizations fail despite utilizing other "advanced" controls
• The available tools that have grown up around the CIS Controls
Hunting for Cyber Threats Using Threat Modeling & Frameworks (Tripwire)
With threat models, an organization can slice its infrastructure into smaller components, making it easier to secure assets and minimize the attack surface. Learn how to make the most out of threat intelligence feeds, report on progress, and negotiate trust relationships in the intelligence sharing cycle, while improving their organization's overall security posture.
Most RSAC Attendees Favor Shorter Vulnerability Disclosure Timelines (Tripwire)
With continued debate around responsible disclosure and increased attention around security research techniques, Tripwire wanted to get a pulse on what the community considers responsible practices today. In surveying 147 attendees at the RSA Conference in San Francisco a couple weeks ago, we found out a number of interesting perspectives.
2. "The main challenge is solid communication. Yes, there are technology differences
between IT and OT that smart security professionals on either side of the firewall
will iron out.
But what really comes into play is the sense of IT and OT being
able to sit down and openly discuss the issues they each face,
and make decisions on what is best for the organization.
IT needs to fully understand that when OT says they need to stay up and running
24x7, they stay up and running. OT needs to understand that IT has been in the
security business for quite a bit longer, and they know what they are talking
about.
That level of communication does not just appear out of thin air. It needs to come
from the top. You see it all the time in winning organizations when everyone
knows the plan and understands the importance of their role. In those settings,
teams will always thrive."
Greg Hale
Editor at ISSSource
3. "One of the biggest challenges facing IT and OT professionals is the
implication of merging IT with OT networks. With Industry 4.0 growing
larger, there is a drive towards greater amounts of data from automation
equipment and sensors on the factory floor.
With the massive amounts of data created from
automation, this requires ever-increasing data streams
between IT and OT networks that need to work together.
A key challenge will be executing these streams efficiently and effectively
while not negatively impacting the operational integrity of the OT network,
and thus still prioritizing quality, safety, and uptime."
Kevin Holley
Director of the Customer Innovation Center at Belden
4. "Asset discovery is a critical cybersecurity component because
it provides visibility into our networks. Without visibility, it is
impossible to secure our systems.
Asset discovery within the OT domain is different and much more challenging than
in the IT domain. Gaining complete and accurate visibility holistically across IT and
OT is a current challenge faced by technology professionals. There are various
reasons for this, due to both technology and human factors. For example, common
security technologies used in IT can’t always be used in the OT domain due to
engineering and performance constraints.
On the other hand, IT and OT professionals have very different backgrounds and
priorities that can make collaboration difficult from an asset discovery and
cybersecurity perspective."
Lane Thames
Principal Security Researcher at Tripwire
5. "The biggest challenge that we are seeing
with IT-OT convergence is how to
consolidate overlapping solutions across
multiple business units within seemingly
separate IT and OT networks.
CISOs have historically focused on their IT networks,
investing heavily into security solutions that give them full
visibility of what is going on inside their domain. Now that
operational technology is being inherited by the CISO or
being forced to the forefront by the Board and United
States Government, that CISO is looking for ways to
reduce the number of tools but also to maintain the same
IT familiarity with their OT environments."
Alex Bagwell
Vice President of Industrial Sales at Tripwire
"I believe that the main challenge for IT professionals is to
understand how different the characteristics of OT
(availability, safety...) are from IT. Thus, be ready to help
them protect their networks while realizing the criticality of
the process and the problems an interruption can cause. At
the same time, OT professionals will need to become familiar
with new threats (many of them already common to IT teams)
and thus, with the help of the IT team, study ways to mitigate
risks and threats while maintaining the availability and safety
of the application.
Indeed, perhaps the biggest challenge lies in
adapting common IT tools to the OT
environment without disrupting the process (for
updates, patches, or active monitoring)."
Newton Fernandez
Technical Director (LATAM) at Baumier Automation
6. "One key challenge IT-OT faces and will
continue to endure in the times to come is
related to data management and governance.
As more and more OT devices are getting networked and
connected, the potential for data management in terms of
data storage, transfer, and analytics is growing tremendously.
Organizations need to have a strong data governance policy
that outlines how data needs to be stored, managed,
accessed, analyzed, and by whom.
Data is the next gold. Industrial data has already found several
applications, with machine learning and artificial intelligence
helping to improve business performance and machine
efficiency as well as reduce downtime. Correspondingly, it’s
critical to protect this data from loss, theft, damage, and
misuse."
Divji Agarwal
Senior Product Manager at Belden
7. "The first thing we need to notice is that the wide adoption of
IP-based protocols in OT networks—and, therefore, the
convergence with IT—has created a serious problem of network
ownership and functional accountability. In the past, for
instance, network requirements for services latency or even
cybersecurity were well marked off. Nowadays, the boundaries
of both networks have completely disappeared, and we need
to take into consideration that what you do in one network has
implications on the other side. So, different departments will
have to work together to allow the network to meet the
challenge of digitalization, to allow the company to
compete in a real digital world.
So, I think the biggest challenge is to set clear
ownership and define responsibilities based on a
mixed team that’s functionally oriented across IT
and OT networks.
It is becoming less relevant where the devices are physically
located compared to the function they perform or the
treatment we are giving to the data we are acquiring."
German Fernandez
Director of South & East Europe at Belden
8. "It is important to understand that cybersecurity tools designed
for modern IT environments may not suit legacy Industrial
Control Systems (ICS).
Consider, for example, an ICS that is end-of-life with known vulnerabilities that
can’t be patched and is too costly to replace. It still needs to be secured, and
while investigating for vulnerabilities, if IT runs a port scan across the ICS network,
it may lock up a PLC and shut down production for 24 hours. This situation can be
avoided using passive scanning technologies that don’t introduce new traffic on
the network but instead inspect every packet of data.
Tools are available that can detect and audit network assets as well as monitor for
configuration changes and anomalous behavior, all while mapping out the source
and destination of traffic. If there is data flowing to or from an ICS, it can be
identified and tracked."
Markus Bloem
Industrial Sales Engineer at Tripwire (EMEA)
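The passive approach described in the quote above, sketched as an added example (not part of the original slides and not any vendor's tool): it decodes already-captured Ethernet/IPv4/TCP frames and infers listening services and flows from TCP handshakes without sending a packet. The frames, addresses, roles and function names are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

# Registered TCP ports of common industrial protocols, used only as labels.
ICS_PORTS = {102: "ISO-TSAP (S7comm)", 502: "Modbus/TCP", 44818: "EtherNet/IP"}
SYN, ACK = 0x02, 0x10


def parse_frame(frame):
    """Decode Ethernet II / IPv4 / TCP headers; return None for anything else."""
    if len(frame) < 34:                          # 14-byte Ethernet + 20-byte IPv4
        return None
    src_mac = frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    ihl = (frame[14] & 0x0F) * 4                 # IPv4 header length in bytes
    if ethertype != 0x0800 or frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 6:
        return None                              # not IPv4 carrying TCP
    tcp = 14 + ihl
    if len(frame) < tcp + 14:                    # truncated before the flags byte
        return None
    sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
    return {"src_mac": src_mac.hex(":"),
            "src_ip": socket.inet_ntoa(frame[26:30]),
            "dst_ip": socket.inet_ntoa(frame[30:34]),
            "sport": sport, "dport": dport, "flags": frame[tcp + 13]}


def passive_inventory(frames):
    """Build an asset table purely from observed traffic; nothing is transmitted."""
    assets = defaultdict(lambda: {"mac": None, "listens_on": set(), "talks_to": set()})
    for raw in frames:
        pkt = parse_frame(raw)
        if pkt is None:
            continue
        asset = assets[pkt["src_ip"]]
        asset["mac"] = pkt["src_mac"]            # device MAC only on the same L2 segment
        if (pkt["flags"] & (SYN | ACK)) == (SYN | ACK):
            asset["listens_on"].add(pkt["sport"])                 # accepted a connection
        elif pkt["flags"] & SYN:
            asset["talks_to"].add((pkt["dst_ip"], pkt["dport"]))  # opened a flow
    return dict(assets)


def ics_services(assets):
    """List (ip, port, protocol label) for listeners on known industrial ports."""
    return sorted((ip, port, ICS_PORTS[port])
                  for ip, a in assets.items()
                  for port in a["listens_on"] if port in ICS_PORTS)


def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, flags):
    """Construct a minimal Ethernet/IPv4/TCP frame for the sample (checksums zero)."""
    eth = bytes.fromhex((dst_mac + src_mac).replace(":", "")) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)
    return eth + ip + tcp


# Constructed sample capture: addresses, MACs and roles are invented for illustration.
HMI, PLC1 = ("02:00:00:00:00:05", "10.20.0.5"), ("02:00:00:00:00:10", "10.20.0.10")
EWS, PLC2 = ("02:00:00:00:00:07", "10.20.0.7"), ("02:00:00:00:00:11", "10.20.0.11")
SAMPLE_FRAMES = [
    build_frame(HMI[0], PLC1[0], HMI[1], PLC1[1], 49152, 502, SYN),
    build_frame(PLC1[0], HMI[0], PLC1[1], HMI[1], 502, 49152, SYN | ACK),
    build_frame(EWS[0], PLC2[0], EWS[1], PLC2[1], 49153, 102, SYN),
    build_frame(PLC2[0], EWS[0], PLC2[1], EWS[1], 102, 49153, SYN | ACK),
    bytes(12) + struct.pack("!H", 0x0806) + bytes(28),   # ARP frame: skipped
    bytes(10),                                           # truncated frame: skipped
]

if __name__ == "__main__":
    inventory = passive_inventory(SAMPLE_FRAMES)
    for ip, asset in sorted(inventory.items()):
        print(ip, asset["mac"], sorted(asset["listens_on"]), sorted(asset["talks_to"]))
    print(ics_services(inventory))
```

A host appears in the table only once it has sent traffic, so a silent device stays invisible until it talks; that is the trade-off for never putting a probe on the wire.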
9. "The biggest challenge I see currently and on the horizon for IT/OT professionals has
little to do with technology; it’s the blurring of the line between “work” hours and
personal/family hours.
During the global pandemic, we have proven that many roles can function in a
remote capacity, which has resulted in many professionals embracing the “Zoom from
Home” work culture. But the fact that we can work from ANYWHERE has transitioned
to a mindset that we now work from EVERYWHERE.
Technology professionals will need to be mindful to disconnect
from the computers, tablets, and smart phones and reconnect
with family and friends. It’s easy to allow the “tyranny of the
urgent” to override the importance of having time to relax and
recharge."
Chris Furtick
Director of Incident Response and Planning at Fortalice Solutions
10. "One area I see as a long-term challenge in the IT-OT
convergence is the growing need for secure remote access
into sensitive/critical networks. Specifically, as the typical
work environment is shifting to more remote/work from
home processes, the need to allow trusted engineers and
operators to reach networks remotely will grow.
Secure remote access strategies will have to traverse both
IT and OT networks. IT network administrators will need to
work closely with OT/SCADA network operators to properly
design these remote access policies and procedures.
Over the next five years, this challenge will
most certainly evolve as secure remote
access moves from a position of convenience
to one of necessity."
Scott Kornblue
Lead Solutions Designer at Belden
"All too often, new products are deployed without set
standards, making them difficult to manage, service, and
secure.
Broader adoption of BYOD and remote work
environments requires enhanced security
methodologies. This raises questions around
how inventory, monitoring, baselines, patching,
and change and configuration management will
be supported. Meeting these challenges
requires organizations to look beyond minimal
compliance and checking proverbial “boxes” to
advanced security solutions.
Legacy firewalls, routers, and switches are insufficient when it
comes to the modern world. Advanced security technologies
such as the cloud, AI, and global threat intelligence are now
requisite to protect today’s OT/IoT devices."
Michael Sanchez
CEO at ITENGRITI Corporation
11. "Rather than trying to compare which security methodology
(IT or OT) is better and how we need to bring one up to the
other, why not combine the best of both worlds into one
global security policy that could work for both the IT and OT
estates?
Physical security is as important as
cybersecurity, and cybersecurity is as important
as physical security. The two should not be
seen as mutually exclusive but rather as
complementary to one another.
The only challenge we are seeing in the marketplace today to
make this dream a reality is for both environments to find a
common language that is understood by all."
Dean Ferrando
Systems Engineer Manager (EMEA) at Tripwire
12. "With the rapid growth of Ethernet on the industrial side and the organization
converging into a single data network spanning both IT and OT, the conflict seems
inevitable. Which department gets oversight and control of the Ethernet network?
A lot of organizations are finding out—perhaps not without a bit of pain—that the
“either/or” question can be problematic.
The chasm between IT and OT in everything from processes to
knowledge and culture can be quite large.
There needs to be a way to bridge the gap between IT and OT. One pathway to
achieve this is by finding an individual capable of communicating with and
relating to both departments. This person could ensure that the departments work
synergistically rather than as adversaries, and they could use a sub-organization
around him or her to ensure that the proper backing and resources are provided.
We call this individual the “Automation & Data Exchange (ADX) Engineer” and the
support system for this person the IT/OT “Joint Task Force” or “Steering
Committee.” Both entities are critical in ensuring the success of IT/OT
convergence."
Jeremy Friedmar
Senior Product Line Manager of Industrial Connectivity at Belden
13. "In the energy industry and in energy-intensive industries, the
post-COVID world will catalyze substantive change in how we
operate in the future.
The biggest challenge that OT and IT security
professionals face in these industries is how to
support this operational evolution with security
being addressed at its foundation.
In the OT space, cybersecurity was often treated like a final step
or “afterthought.” In this phase, security teams need a seat at the
table not only around topics related to new technology itself but
also to be engaged on the people and process aspects involved in
this evolution.
As security professionals, we are critical stakeholders in the
mission to enable different operating models. Given this evolution
towards new ways of working, there is a lot of investment in new
enabling technology."
Susan Peterson
Serves on the advisory boards of Bayshore Networks, Cognite, Innosphere Ventures and One Warm Coat
14. "The convergence of IT & OT technology is happening at a quicker pace. It is motivated
by market forces that mandate ever-increasing connectivity of all assets across
enterprises. Conjunction of these worlds exhibits directly in the shifting responsibility
for ICS security into the IT security and risk C-Suite.
Today, IT security and risk leaders are progressively forced to take over the security of
OT devices at a fast pace. This newborn accountability has left IT security and risk
leaders fighting to adopt the OT security labor gaps, contrasting technology solutions
and costs. Although OT and IIoT security concerns are benefiting from increased budget
prioritization, security and risk leaders remain keen for simplification of their existing
tech stack.
Added to the above, the lack of skilled OT security personnel has been a big challenge due
to the silos created between IT and OT.
Each group has their unique way of handling security, and most of
the time, it does not align, as IT and OT environments operate on
different technology stacks."
Viral Trivedi
CBO at Ampcus Cyber
15. "Biggest challenges to OT and IT professionals now and in
the next five years will be ransomware, supply chain, and
digital transformation.
Ransomware will shift attention to incident response and recovery first, then
eventually it will find its way into better network designs such as intelligence
slanting and shear-away networks. If you can island off the critical OT and let
the other stuff burn then rebuild/recover, we get closer to resilience.
Supply chain is stealing much of the oxygen in the room despite the lower
probability of it happening. Nonetheless, SBOM/HBOM and the like will take
off to assist. Mix in some politics and security theater with the depth and
breadth of truly managing supply chain risk, and the scope of the mess
becomes apparent."
Patrick C. Miller
CEO at Ampere Industrial Security
16. "OT professionals have been traditionally challenged due to
new technologies coming into the automation field. This is,
from my point of view, the first trait of the so-called “IT-OT
Convergence trend.”
A good example is the evolution of the initial control systems from wired logic
(based on electrical relays interconnected in big and complex electrical cabinets)
to Programmable Logic Controllers. PLCs were microprocessor-based devices and
thus a direct application of the computing technology already used in the IT field.
Even if this new technology was full of benefits in automation applications—for
instance, much smaller cabinets could cope with more complex systems—its
adaption to the OT professional was key for its success.
Ladder programming language allowed the ‘circuit & relay OT’ way of thinking at
that time to program and maintain these new systems. But in time, high-level
programming languages made their way into the industrial scene, and
professionals took to them naturally. This trend has become much more intense
now, with the time for new IT technologies to land on the factory floor having
shrunk over the past few years."
Ignacio Bravo
Lead Solution Designer LATAM at Belden
17. To learn more about Belden and Tripwire's IT/OT security solutions, visit:
https://www.tripwire.com/solutions/industrial-control-systems/tripwire-industrial-solutions-catalog
@TripwireInc