How to Strengthen Cybersecurity in Smart Manufacturing

Business 2 Community | January 26, 2020

Digital transformation of production means revolutionary changes in business models. The digital transformation in manufacturing involves the introduction of modern innovative technologies and products, the adaptation and development of new business models to the conditions of the digital economy and, due to this, the creation of smart factories and a qualitative improvement in business processes, including the production process. The changes in the modern world caused by the booming growth with information technology and universal digitalization could not but affect production systems. The invention and widespread use of programmable controllers, robots, and digital control systems integrated with enterprise corporate networks has led to a change in approaches to production management and the rapid development of several new technological departments. It has also placed more emphasis on ensuring the safety of industrial systems.

Spotlight

Bob Stasio, Senior Product Manager at IBM, introduces the evolution of IBM i2. Learn how 3 decades worth of law enforcement and intelligence community tested tools are now being used by commercial organizations as part of sophisticated cyber defense operations. Soon you'll see the power of analyzing and visualizing connections among disparate data sets aid in investigate threats, and even predicting attacks before they occur.

Spotlight

Bob Stasio, Senior Product Manager at IBM, introduces the evolution of IBM i2. Learn how 3 decades worth of law enforcement and intelligence community tested tools are now being used by commercial organizations as part of sophisticated cyber defense operations. Soon you'll see the power of analyzing and visualizing connections among disparate data sets aid in investigate threats, and even predicting attacks before they occur.

Related News

DATA SECURITY

New CyberCube Scenarios Aid the Cyber Planning of Lloyd's Syndicates

businesswire | January 21, 2021

CyberCube has refreshed its information driven insightful programming to flawlessly empower guarantors to evaluate misfortunes to situations that Lloyd's has given to partners for the forthcoming March information assortment cutoff time. These situations are utilized to answer to Lloyd's on how their arrangement of business would be influenced by major digital occasions. CyberCube has presented the three situations for practical digital fiascos as a component of its Portfolio Manager item, which is utilized by hazard transporters. The three situations, which CyberCube planned related to Lloyd's Underwriting group, Lloyd's market specialists and Guy Carpenter, are: - a cloud blackout - a force or foundation blackout - a significant malware assault The Lloyd's Market Association's Cyber Risk Strategy Group has additionally been vigorously engaged with building up the situations in the course of recent months. By dissecting how their arrangement of protection chances are influenced by these situations, the Lloyd's market can survey each coordinate's monetary flexibility and that of the market in general. The situations additionally uncover the most cutting-edge danger scene and related digital dangers that cause critical gatherings of misfortunes. The three digital situations, which will in future be remembered for Lloyd's formal Realistic Disaster Scenario (RDS) structure, will assume a significant part in organizations' business arranging measures. They mark the market's most complex digital examination exercise to date. Pascal Millaire, CyberCube’s CEO, said: “Lloyd’s syndicates have long been leaders in the global cyber insurance market and so it is no surprise that the Lloyd’s market is also taking a leadership role amongst regulators in thoughtfully measuring cyber exposure accumulation. We’re thrilled to be able to help Lloyd’s syndicates with this exercise using our platform.” Kirsten Mitchell-Wallace, Lloyd’s Head of Portfolio Risk Management, said: “The Lloyd’s market is a global leader in cyber insurance so understanding and controlling exposure to this class of business is critical. Cyber is a rapidly evolving risk that demands scrutiny at both syndicate and market level: the use of scenarios helps Lloyd’s to achieve this.” Siobhan O’Brien, Managing Director and Head of Guy Carpenter’s International Cyber Centre of Excellence, commented: “This is a very important piece of work for the broader RDS framework. The findings of the study will prove valuable not only for Lloyd’s syndicates but also for the wider insurance industry in helping to address some of the most challenging aspects of cyber risk that impact multiple lines of insurance.” CyberCube's Portfolio Manager is a digital danger fiasco model that permits guarantors to see how their book of business would be influenced by a progression of digital dangers. The model has not been closed down by Lloyd's yet is broadly utilized on the lookout. Deviations should be accounted for to Lloyd's and any inquiries with respect to the assortment time frame (January 8 to March 31) ought to be tended to in the main example to Lloyd's. About CyberCube CyberCube delivers the world’s leading cyber risk analytics for the insurance industry. With best-in-class data access and advanced multi-disciplinary analytics, the company’s cloud-based platform helps insurance organizations make better decisions when placing insurance, underwriting cyber risk and managing cyber risk aggregation. CyberCube’s enterprise intelligence layer provides insights on millions of companies globally and includes modelling on thousands of points of technology failure. The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company exclusively focused on the insurance industry, with access to an unparalleled ecosystem of data partners and backing from ForgePoint Capital, HSCM Bermuda, MTech Capital and individuals from Stone Point Capital.

Read More

DATA SECURITY

Perfect storm of cybersecurity risks threatens the hybrid workplace

HP Wolf Security | November 01, 2021

HP Inc. today released its latest HP Wolf Security report: Out of Sight & Out of Mind, a comprehensive global study highlighting how the rise of hybrid work is changing user behavior and creating new cybersecurity challenges for IT departments. The research shows that a growing number of users are buying and connecting unsanctioned devices outside of IT’s purview. It also highlights that threat levels are rising, with attackers increasingly successful at bypassing defenses and tricking users into initiating attacks through phishing. All of this is making IT support more complex, time-consuming, and costly than ever. The report combines data from a global YouGov online survey of 8,443 office workers who shifted to Working from Home (WFH) during the pandemic, and a global survey of 1,100 IT decision makers conducted by Toluna. Key findings include: New Shadow IT buying and installing endpoints with security out of mind: ‘Shadow IT’ typically refers to non-IT departments deploying software beyond the purview of IT. This shadow is now spreading, with individuals procuring and connecting devices without being checked by IT. 45% of office workers surveyed purchased IT equipment (such as printers and PCs) to support home working in the past year. However, 68% said security wasn’t a major consideration in their purchasing decision, while 43% didn’t have their new laptop or PC checked or installed by IT, and 50% said the same of their new printer. Phishing becoming increasingly successful: 74% of IT teams have seen a rise in the number of employees opening malicious phishing links or attachments on emails in the last 12-months. 40% of office workers surveyed aged 18-to-24 have clicked on a malicious email with almost half (49%) saying they have done so more often since working from home. Of office workers that clicked or nearly clicked a link, 70% didn’t report it to IT – 24% didn’t think it was important, 20% cited the “hassle factor”, while 12% had a fear of reprisal or being punished. Increase in devices being compromised fuels growth in rebuild rates: 79% of IT teams report rebuild rates increased during the pandemic. Rebuild rates directly correlate to the number of endpoints that require wiping and reimaging because they have been compromised, which implies more attackers are successfully breaching outer defenses. The real figure could be higher still: 80% of IT teams worry that employee devices might be compromised and they don’t know about it. "People often don't know if they have clicked on something malicious, so the real numbers are likely much higher," comments Ian Pratt, Global Head of Security for Personal Systems, HP Inc. "Threat actors don't always announce themselves, as playing the 'long game' to move laterally and infiltrate higher-value infrastructure has proven to be more lucrative. For example, by using cloud backups to exfiltrate sensitive data in bulk, encrypting data on servers, then demanding a multi-million-dollar ransom.” Pratt continues: "It shouldn't be this easy for an attacker to get a foothold - clicking on an email attachment should not come with that level of risk. By isolating and containing the threat you can mitigate any harmful impact, preventing persistence and lateral movement." With threats rising, it’s becoming more difficult for IT teams to deliver security support. 77% of IT teams said the time it takes to triage a threat has increased in the past year, while an estimated 62% of alerts relating to the endpoint are false positives, leading to wasted time. With IT teams tied up dealing with alerts, it’s becoming harder for them to onboard employees and identify threats: 65% of IT teams said that patching endpoint devices is more time-consuming and difficult due to the mass shift to home working, while 64% said the same of provisioning and onboarding new starters with secure devices. As a result, IT teams estimate the cost of IT support in relation to security has risen by 52% in the last 12-months. 83% of IT teams said the pandemic has put even more strain on IT support because of home worker security problems, while 77% of IT teams say homeworking is making their job much harder and that they fear teams will burnout and consider quitting. “As IT continues to grow in complexity, security support is becoming unmanageable,” Pratt concludes. "For hybrid working to be a success, IT security teams need to be freed from spending hours provisioning and fielding user access requests so they can focus on tasks that add value. We need a new security architecture that not only protects against known and unknown threats, but that helps to reduce the burden to liberate cybersecurity teams and users alike. By applying the principles of Zero Trust, organizations can design resilient defenses to keep the business safe and recover quickly in the event of a compromise.” HP is helping organizations to secure the hybrid workplace by delivering endpoint security that provides teams with greater visibility and management tools. With HP Wolf Security1 organizations benefit from robust, built-in protection from the silicon to the cloud, and BIOS to browser. HP Wolf Security provides the ideal support for securing the hybrid workplace – for example HP Sure Click Enterprise2 reduces the attack surface by rendering malware, delivered via email, browser or downloads, harmless through threat containment and isolation. HP Wolf Security enables teams to deliver defense-in-depth and enhanced protection, privacy, and threat intelligence, gathering data at the endpoint to help protect the business at large. About HP Wolf Security From the maker of the world’s most secure PCs3 and Printers4, HP Wolf Security is a new breed of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services.

Read More

DATA SECURITY

SoundWay Consulting Announces the Launch of a Commercial Cybersecurity Practice

SoundWay Consulting | May 28, 2021

SoundWay Consulting, a HUBZone, SDVOSB, and WSOB Government Contractor specializing within the Defense Intelligence Sector, announced an award by GENEDGE to support Virginia's engineering, manufacturing, and technology firms Cybersecurity Maturity Model Certification (CMMC) and other industry cybersecurity best practices. This award positions SoundWay to expand upon its experience helping Government Contractors as a Registered Provider Organization as we await final review to become an authorized Certified Third-Party Assessor Organization (C3PAO) by the CMMC Accreditation Body. to lead these efforts, SoundWay hired its first vice president & Chief Cybersecurity Officer Carter, Schoenberg. "Expanding our capabilities to the commercial sector while still retaining our Intel DNA is a critical component for our growth strategy. Carter Schoenberg's experience and leadership in cybersecurity are proving to be key components of this strategy as we just obtained our first award as a prime contractor with GENEDGE supporting up to 85 engineerings, manufacturing, and technology firms in the State of Virginia", said Diane Bellegarde CEO, SoundWay. "We are investing heavily into our future to enable Government Contractors to meet their conformance objectives with CMMC with professional and managed services on one end of the spectrum while also becoming a certified assessing organization on the other end." SoundWay Consulting provides value to our clients by taking the tedium of cyber and providing "context" so business owners understand what they need to do and why. Accomplishing this approach ensures business owners do not overspend and have operational capabilities that are actionable, repeatable, and legally defensible. "I have worked with several firms over my career in cyber but not as small as SoundWay," said Carter Schoenberg, vice president, SoundWay Consulting. "The company's commitment to adopt pragmatic approaches to address gaps in the marketplace is important, but leadership's commitment and resourcing to execute has been exceptional in my opinion." About SoundWay Consulting SoundWay Consulting is a technology and management consulting firm specializing in supporting the Defense and Intelligence communities. Its newest capabilities now include cybersecurity solutions as an RPO and C3PAO.

Read More