Home > News > Trending news > SANS Institute Introduces Volume 3 of the ICS Cybersecurity Field Manual, Featuring Actionable Guidance to Protect Against Evolving Threats

Enterprise Security, Platform Security, Software Security

SANS Institute Introduces Volume 3 of the ICS Cybersecurity Field Manual, Featuring Actionable Guidance to Protect Against Evolving Threats

Prnewswire | May 15, 2023 | Read time : 05:00 min

SANS Institute Introduces Volume 3 of the ICS Cybersecurity

SANS Institute, the global leader in cyber security training and education, has announced the latest SANS ICS Cybersecurity Field Manual Volume 3, a continuation from Volumes 1 and 2, providing Industrial Control Systems (ICS) cybersecurity professionals and ICS risk managers with more advanced insights into industrial control system specific incident response, risk-based ICS vulnerability management, ICS defender skillsets, team management, and ICS security tools and protocols to defend these systems.

The first two volumes, released in 2022 and 2023, offered a comprehensive overview of ICS security, and the third volume provides more detailed, actionable guidance in the areas of active incident response, environment and safety concerns, vulnerability management and patching, threat detection, system design, network architecture, and effective risk management. Volume 3 also shares the security skillset recipe for the best ICS security team defenders.

"The SANS ICS Cybersecurity Field Manual series is an essential tool for all Industrial Control Systems (ICS) security professionals," said ICS expert, field manual author, and Certified SANS Instructor, Dean Parsons, "and it should find a home on the desk of every control system operator, critical infrastructure cyber defender, and ICS/OT risk manager, in all industrial control system sectors globally. Security professionals must up defenses and staff skillsets to meet the evolving threats, so the ICS Cybersecurity Field Manual should be a necessity in the ICS Incident Response jump bag."

SANS will be hosting a webcast featuring Parsons to discuss the new edition of the manual on Wednesday, May 10, 2023, at 10:00 AM EDT. Attendees will learn about the latest manual edition and gain insights on how to best protect ICS systems.

To join the webcast, please register here: https://www.sans.org/webcasts/discover-ics-cybersecurity-field-manual-vol-3/

Continue to enrich your ICS Security career by downloading the new ICS Cybersecurity Field Manual Vol. 3 as well as ICS Cybersecurity Field Manuals Vol. 1 and 2 here: https://www.sans.org/mlp/ics-resources/

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cybersecurity training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cybersecurity events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on technical certifications in cybersecurity. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's and bachelor's degrees, graduate certificates, and an undergraduate certificate in cybersecurity. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to manage their "human" cybersecurity risk easily and effectively. SANS also delivers a wide variety of free resources to the InfoSec community, including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system-the Internet Storm Center. At the heart of SANS are the many security practitioners representing varied global organizations, from corporations to universities, working together to support and educate the global information security community.

Spotlight

Implementieren digitaler Souveränität bei der Cloud-Einführung

Überwindung der Herausforderungen und Komplexitäten beim Aufbau von Souveränität als Teil einer Multi-Cloud-Strategie. 90 % der Unternehmen in Europa und 88 % im Nahen Osten, in der Türkei und in Afrika (META) nutzen heute die Cloud-Technologie, die einen wichtigen Baustein für die digitale Transformation darstellt. In dem Maße,


Other News
Software Security

Keeper Security’s Latest Update Improves Android and User Interface

Keeper Security, Inc. | September 25, 2023

Keeper Security, a prominent cybersecurity software provider specializing in zero-trust and zero-knowledge solutions safeguarding credentials, privileged access, secrets, and remote connections, has announced the unveiling of a new, contemporary User Interface (UI) for the Keeper Password Manager application on Android. This awaited release introduces enhanced usability, intelligent search capabilities, and quicker synchronization times. With a focus on a polished appearance and user-friendly interactions, these enhancements are designed to simplify the utilization of Keeper's robust password and passkey management features, offering improved clarity and search functionality. Keeper has adopted an incremental approach to enhancing the user experience, consistently refining the appearance, usability, and overall feel of its applications while staying mindful of the importance of consistency, familiarity and the world-class security and functionality that Keeper users have come to expect. With this update, Keeper's new user experience has been effectively implemented across all platforms, encompassing desktop, web browsers, and iOS. Android users can also anticipate an upcoming dark mode experience soon. Android users of Keeper will encounter refreshed themes, including a default Light Mode and improved user-selectable themes. Additionally, new features include: Streamlined Usability Friendlier Interface Accessibility and Inclusion Advanced Search Craig Lurey, CTO and Co-Founder of Keeper Security, said, We are excited to introduce these enhancements to our Android app, completing the rollout of our stunning new user interface (UI) to every Keeper user. [Source – Cision PR Newswire] Lurey stated that the update represented their ongoing commitment to delivering the best possible user experience while maintaining the highest security standards. He mentioned that with the improved usability, modernized interface, and lightning-fast sync times, Keeper Password Manager for Android continued to be a go-to solution for organizations and individuals looking to secure their digital identities. About Keeper Security Keeper Security is revolutionizing the way to secure passwords, confidential data, and secrets for individuals and organizations worldwide. The company's user-friendly cybersecurity platform is built on the foundation of zero-trust and zero-knowledge security, providing protection for users on all devices. Its solution is quick to deploy and seamlessly integrates with any technology stack, effectively preventing breaches, lowering help desk expenses, and ensuring compliance. Trusted by millions of individuals and numerous global organizations, Keeper leads in top-tier password management, privileged access, secrets management, secure remote access, and encrypted messaging solutions.

Read More

Software Security

ZeroFox Unveils New Anti-Phishing Features to Stop Attacks at Source

ZeroFox | September 22, 2023

ZeroFox, an industry-leading provider of enterprise software-as-a-service for external cybersecurity, has announced the unveiling of multiple anti-phishing product enhancements. These updates solidify ZeroFox's position as the world leader in digital risk protection. Developed using cutting-edge AI/ML technologies and designed by a team of top-tier security experts, these new anti-phishing features boost escalated alert volume, reduce the occurrence of false positives, and expedite the process from threat identification to initial disruption and successful takedowns for all our customers. The importance of these new features cannot be overstated, especially given the rising threat landscape. In the first half of 2023, ZeroFox Intelligence has recorded a substantial increase in the volume and complexity of phishing attacks, including a 30% surge in domain takedowns compared to the first half of 2022. New ZeroFox phishing trend research also highlights the adoption of evasion techniques like cloaking alongside emerging tactics such as SEO poisoning and phishing-as-a-service. These developments underscore the critical role of these new capabilities in safeguarding against evolving cyber threats. Continuous and Complete Protection Against Domain-based Threats ZeroFox adopts a unique approach to phishing compared to email security and conventional anti-phishing providers. Its strategy revolves around the identification, disruption, and elimination of the domains necessary for launching phishing campaigns. With daily monitoring of over 65 million domains, ZeroFox combats various threats like typo squats, subdomain spoofs, homoglyphs, and other malicious domain and URL-based attacks, effectively shielding customers and preventing any disruptions to business operations. Incorporate advanced domain protection capabilities to enhance their cybersecurity measures, aiming to achieve substantial and measurable business outcomes: Reduce Phishing Risks with Anti-Cloaking Capabilities: Strengthen Compliance and Trust with SSL Monitoring Secure Brand Identity with Favicon Search Improve Operational Efficiency with Enhanced Subdomain Coverage Enhance User Experience (UX) with Weblog Monitoring Mike Price, Chief Technology Officer of ZeroFox, said, ZeroFox has been detecting and disrupting phishing attacks for the last decade, constantly enhancing our solution to protect our customers from changing phishing techniques used by threat actors, including the widespread use of malicious cloaking and subdomains techniques. [Source – Globe Newswire] Price stated that the enhanced capabilities being announced represented their ongoing commitment to tackling the increasing phishing challenge encountered by security teams. He emphasized that as phishing continued to evolve, ZeroFox would remain a trusted anti-phishing partner dedicated to safeguarding customers from both current and future phishing techniques. About ZeroFox ZeroFox, a prominent enterprise software-as-a-service provider in the field of external cybersecurity, has revolutionized security beyond the corporate perimeter on the internet, where businesses conduct their operations and threat actors are active. Their platform seamlessly integrates cutting-edge AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust set of breach, incident, and takedown response tools. This enables them to uncover and disrupt various threats, including phishing and fraud campaigns, botnet exposures, impersonations, credential theft, data breaches, and physical threats that target domains, brands, personnel, and assets.

Read More

Software Security

Lacework and Snowflake Expand Their Alliance to Secure Cloud Business

Lacework | September 15, 2023

Lacework, a company specializing in data-driven cloud security, and Snowflake, a prominent Data Cloud company, have jointly announced an expanded partnership. This partnership aims to propel the evolution of cloud infrastructure while enhancing cloud security automation at scale. Through this extended collaboration, security teams gain direct access to their Lacework cloud security data using Snowflake's secure data sharing, thus enabling unified visibility and tailored automation. Ulfar Erlingsson, Chief Architect, Lacework, said, Snowflake has been a dedicated platform partner as Lacework has scaled our business to support over 900 customers — ranging from small, early-stage startups to some of the most sophisticated enterprises running in the cloud space today — whose operations result in tremendous volume, variety, and velocity of security-relevant data. [Source – Cision PR Newswire] Erlingsson mentioned that, over the past seven years, Lacework had successfully conducted timely and efficient data processing by utilizing the Snowflake Data Cloud, even among a highly skewed set of customers. He further explained that their extended partnership with Snowflake would enhance their ability to serve joint customers at a cloud scale. This would apply whether customers needed them to handle only a small amount of security data or data processing at rates as high as 10s of gigabytes per second. As generative AI advances and becomes more accessible across various industries, the frequency and severity of cybersecurity threats are on the rise. This trend is driven by businesses accelerating their development processes and increasing cloud data generation. Addressing this new era of cloud security necessitates a fundamentally fresh approach, and Lacework's platform is designed to efficiently manage the substantial volume of data within an organization's cloud ecosystem. This includes data related to code, identities, containers, and multi-cloud infrastructure, with Snowflake serving as a critical platform partner. Through the combined capabilities of Lacework's security platform and Snowflake's Data Cloud, customers gain the ability to extend the value of cloud security data throughout their organization. This enables organizations to thoroughly assess their security and compliance status. Head of Cybersecurity Strategy at Snowflake, Omer Singer, said, Among the many potential advantages of generative AI is the ability for enterprises to deploy new applications faster, which places even more emphasis on the need to have scalable infrastructure and solutions. The combination of Snowflake and Lacework will continue to assist organizations scale their cloud businesses securely in the new era. [Source – Cision PR Newswire] About Lacework Lacework protects organizations in the cloud, enabling them to innovate with greater speed and assurance. Lacework's platform is designed to scale with the variety, volume, and velocity of cloud data across an organization's cloud environment, including code, containers, identities, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a connected and prioritized end-to-end view that identifies the most significant hazards and security events. About Snowflake The Snowflake enables all organizations to mobilize their data with its Data Cloud. Customers utilize the Data Cloud to integrate disparate data sources, power data applications, discover and securely share data, and implement a variety of AI/ML and analytic workloads. Snowflake provides a singular data experience that transcends multiple clouds and geographies, regardless of where data or users reside. Snowflake Data Cloud is used by thousands of customers across numerous industries, including 639 of the 2023 Forbes Global 2000 as of July 31, 2023.

Read More

Software Security

Cyolo Unveils Key Insights into OT Cybersecurity Threat Landscape from KuppingerCole and Releases Cyolo 4.3 for Enhanced Security

Business Wire | September 27, 2023

Today, Cyolo, provider of the fastest and most secure zero-trust access and connectivity solution for hybrid organizations with IT and OT, in partnership with KuppingerCole, released an industry analysis focused on zero trust and remote access for operational technology (OT) environments. The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks. OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and Supply Chains as vectors – while experiencing expanded OT-specific threats. While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions. Cyolo can help organizations with OT infrastructure to define and manage access control to those complex environments, said John Tolbert, Lead Analyst at KuppingerCole. Overall key insights include: OT Threat Landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being. Core Cybersecurity Regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework. OT Security Architectures and Key Functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol level threats. As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and making the product easier than ever to use for both administrators and end users in the industrial space. With Cyolo 4.3, industrial organizations will be able to extend their multi-factor authentication (MFA) across environments through an integration with Duo Security to support their physical tokens as required. Additionally, the company has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. Cyolo is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using SCIM. “Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organizations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O'Donnell, Vice President ICS/OT of Cyolo. “With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defenses against evolving cyber threats.” The announcement of Cyolo 4.3 highlights the company’s commitment to advancing zero-trust capabilities and it comes on the heels of Cyolo being listed as a Representative Vendor in the 2023 Gartner® “Market Guide for Zero Trust Network Access” report for the second consecutive year and recognized by Frost & Sullivan with the 2023 North American New Product Innovation Award for Secure Remote Access to Operational Infrastructure and Industrial Control Systems (OT/ICS). As the threats to critical infrastructure continue to evolve, Cyolo zero-trust access solution continues to provide the utmost protection and ease of use. To learn more about Cyolo 4.3, visit here. Access the report for a full view of the industry here. Register here to attend the joint webinar from Cyolo and KuppingerCole on how to achieve secure remote access for OT environments, to be held on Tuesday, October 10 at 7 a.m. PT. About Cyolo Cyolo helps hybrid organizations in the IT and OT spaces to stay safe, secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.

Read More

Software Security

Keeper Security’s Latest Update Improves Android and User Interface

Keeper Security, Inc. | September 25, 2023

Keeper Security, a prominent cybersecurity software provider specializing in zero-trust and zero-knowledge solutions safeguarding credentials, privileged access, secrets, and remote connections, has announced the unveiling of a new, contemporary User Interface (UI) for the Keeper Password Manager application on Android. This awaited release introduces enhanced usability, intelligent search capabilities, and quicker synchronization times. With a focus on a polished appearance and user-friendly interactions, these enhancements are designed to simplify the utilization of Keeper's robust password and passkey management features, offering improved clarity and search functionality. Keeper has adopted an incremental approach to enhancing the user experience, consistently refining the appearance, usability, and overall feel of its applications while staying mindful of the importance of consistency, familiarity and the world-class security and functionality that Keeper users have come to expect. With this update, Keeper's new user experience has been effectively implemented across all platforms, encompassing desktop, web browsers, and iOS. Android users can also anticipate an upcoming dark mode experience soon. Android users of Keeper will encounter refreshed themes, including a default Light Mode and improved user-selectable themes. Additionally, new features include: Streamlined Usability Friendlier Interface Accessibility and Inclusion Advanced Search Craig Lurey, CTO and Co-Founder of Keeper Security, said, We are excited to introduce these enhancements to our Android app, completing the rollout of our stunning new user interface (UI) to every Keeper user. [Source – Cision PR Newswire] Lurey stated that the update represented their ongoing commitment to delivering the best possible user experience while maintaining the highest security standards. He mentioned that with the improved usability, modernized interface, and lightning-fast sync times, Keeper Password Manager for Android continued to be a go-to solution for organizations and individuals looking to secure their digital identities. About Keeper Security Keeper Security is revolutionizing the way to secure passwords, confidential data, and secrets for individuals and organizations worldwide. The company's user-friendly cybersecurity platform is built on the foundation of zero-trust and zero-knowledge security, providing protection for users on all devices. Its solution is quick to deploy and seamlessly integrates with any technology stack, effectively preventing breaches, lowering help desk expenses, and ensuring compliance. Trusted by millions of individuals and numerous global organizations, Keeper leads in top-tier password management, privileged access, secrets management, secure remote access, and encrypted messaging solutions.

Read More

Software Security

ZeroFox Unveils New Anti-Phishing Features to Stop Attacks at Source

ZeroFox | September 22, 2023

ZeroFox, an industry-leading provider of enterprise software-as-a-service for external cybersecurity, has announced the unveiling of multiple anti-phishing product enhancements. These updates solidify ZeroFox's position as the world leader in digital risk protection. Developed using cutting-edge AI/ML technologies and designed by a team of top-tier security experts, these new anti-phishing features boost escalated alert volume, reduce the occurrence of false positives, and expedite the process from threat identification to initial disruption and successful takedowns for all our customers. The importance of these new features cannot be overstated, especially given the rising threat landscape. In the first half of 2023, ZeroFox Intelligence has recorded a substantial increase in the volume and complexity of phishing attacks, including a 30% surge in domain takedowns compared to the first half of 2022. New ZeroFox phishing trend research also highlights the adoption of evasion techniques like cloaking alongside emerging tactics such as SEO poisoning and phishing-as-a-service. These developments underscore the critical role of these new capabilities in safeguarding against evolving cyber threats. Continuous and Complete Protection Against Domain-based Threats ZeroFox adopts a unique approach to phishing compared to email security and conventional anti-phishing providers. Its strategy revolves around the identification, disruption, and elimination of the domains necessary for launching phishing campaigns. With daily monitoring of over 65 million domains, ZeroFox combats various threats like typo squats, subdomain spoofs, homoglyphs, and other malicious domain and URL-based attacks, effectively shielding customers and preventing any disruptions to business operations. Incorporate advanced domain protection capabilities to enhance their cybersecurity measures, aiming to achieve substantial and measurable business outcomes: Reduce Phishing Risks with Anti-Cloaking Capabilities: Strengthen Compliance and Trust with SSL Monitoring Secure Brand Identity with Favicon Search Improve Operational Efficiency with Enhanced Subdomain Coverage Enhance User Experience (UX) with Weblog Monitoring Mike Price, Chief Technology Officer of ZeroFox, said, ZeroFox has been detecting and disrupting phishing attacks for the last decade, constantly enhancing our solution to protect our customers from changing phishing techniques used by threat actors, including the widespread use of malicious cloaking and subdomains techniques. [Source – Globe Newswire] Price stated that the enhanced capabilities being announced represented their ongoing commitment to tackling the increasing phishing challenge encountered by security teams. He emphasized that as phishing continued to evolve, ZeroFox would remain a trusted anti-phishing partner dedicated to safeguarding customers from both current and future phishing techniques. About ZeroFox ZeroFox, a prominent enterprise software-as-a-service provider in the field of external cybersecurity, has revolutionized security beyond the corporate perimeter on the internet, where businesses conduct their operations and threat actors are active. Their platform seamlessly integrates cutting-edge AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust set of breach, incident, and takedown response tools. This enables them to uncover and disrupt various threats, including phishing and fraud campaigns, botnet exposures, impersonations, credential theft, data breaches, and physical threats that target domains, brands, personnel, and assets.

Read More

Software Security

Lacework and Snowflake Expand Their Alliance to Secure Cloud Business

Lacework | September 15, 2023

Lacework, a company specializing in data-driven cloud security, and Snowflake, a prominent Data Cloud company, have jointly announced an expanded partnership. This partnership aims to propel the evolution of cloud infrastructure while enhancing cloud security automation at scale. Through this extended collaboration, security teams gain direct access to their Lacework cloud security data using Snowflake's secure data sharing, thus enabling unified visibility and tailored automation. Ulfar Erlingsson, Chief Architect, Lacework, said, Snowflake has been a dedicated platform partner as Lacework has scaled our business to support over 900 customers — ranging from small, early-stage startups to some of the most sophisticated enterprises running in the cloud space today — whose operations result in tremendous volume, variety, and velocity of security-relevant data. [Source – Cision PR Newswire] Erlingsson mentioned that, over the past seven years, Lacework had successfully conducted timely and efficient data processing by utilizing the Snowflake Data Cloud, even among a highly skewed set of customers. He further explained that their extended partnership with Snowflake would enhance their ability to serve joint customers at a cloud scale. This would apply whether customers needed them to handle only a small amount of security data or data processing at rates as high as 10s of gigabytes per second. As generative AI advances and becomes more accessible across various industries, the frequency and severity of cybersecurity threats are on the rise. This trend is driven by businesses accelerating their development processes and increasing cloud data generation. Addressing this new era of cloud security necessitates a fundamentally fresh approach, and Lacework's platform is designed to efficiently manage the substantial volume of data within an organization's cloud ecosystem. This includes data related to code, identities, containers, and multi-cloud infrastructure, with Snowflake serving as a critical platform partner. Through the combined capabilities of Lacework's security platform and Snowflake's Data Cloud, customers gain the ability to extend the value of cloud security data throughout their organization. This enables organizations to thoroughly assess their security and compliance status. Head of Cybersecurity Strategy at Snowflake, Omer Singer, said, Among the many potential advantages of generative AI is the ability for enterprises to deploy new applications faster, which places even more emphasis on the need to have scalable infrastructure and solutions. The combination of Snowflake and Lacework will continue to assist organizations scale their cloud businesses securely in the new era. [Source – Cision PR Newswire] About Lacework Lacework protects organizations in the cloud, enabling them to innovate with greater speed and assurance. Lacework's platform is designed to scale with the variety, volume, and velocity of cloud data across an organization's cloud environment, including code, containers, identities, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a connected and prioritized end-to-end view that identifies the most significant hazards and security events. About Snowflake The Snowflake enables all organizations to mobilize their data with its Data Cloud. Customers utilize the Data Cloud to integrate disparate data sources, power data applications, discover and securely share data, and implement a variety of AI/ML and analytic workloads. Snowflake provides a singular data experience that transcends multiple clouds and geographies, regardless of where data or users reside. Snowflake Data Cloud is used by thousands of customers across numerous industries, including 639 of the 2023 Forbes Global 2000 as of July 31, 2023.

Read More

Software Security

Cyolo Unveils Key Insights into OT Cybersecurity Threat Landscape from KuppingerCole and Releases Cyolo 4.3 for Enhanced Security

Business Wire | September 27, 2023

Today, Cyolo, provider of the fastest and most secure zero-trust access and connectivity solution for hybrid organizations with IT and OT, in partnership with KuppingerCole, released an industry analysis focused on zero trust and remote access for operational technology (OT) environments. The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks. OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and Supply Chains as vectors – while experiencing expanded OT-specific threats. While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions. Cyolo can help organizations with OT infrastructure to define and manage access control to those complex environments, said John Tolbert, Lead Analyst at KuppingerCole. Overall key insights include: OT Threat Landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being. Core Cybersecurity Regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework. OT Security Architectures and Key Functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol level threats. As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and making the product easier than ever to use for both administrators and end users in the industrial space. With Cyolo 4.3, industrial organizations will be able to extend their multi-factor authentication (MFA) across environments through an integration with Duo Security to support their physical tokens as required. Additionally, the company has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. Cyolo is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using SCIM. “Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organizations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O'Donnell, Vice President ICS/OT of Cyolo. “With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defenses against evolving cyber threats.” The announcement of Cyolo 4.3 highlights the company’s commitment to advancing zero-trust capabilities and it comes on the heels of Cyolo being listed as a Representative Vendor in the 2023 Gartner® “Market Guide for Zero Trust Network Access” report for the second consecutive year and recognized by Frost & Sullivan with the 2023 North American New Product Innovation Award for Secure Remote Access to Operational Infrastructure and Industrial Control Systems (OT/ICS). As the threats to critical infrastructure continue to evolve, Cyolo zero-trust access solution continues to provide the utmost protection and ease of use. To learn more about Cyolo 4.3, visit here. Access the report for a full view of the industry here. Register here to attend the joint webinar from Cyolo and KuppingerCole on how to achieve secure remote access for OT environments, to be held on Tuesday, October 10 at 7 a.m. PT. About Cyolo Cyolo helps hybrid organizations in the IT and OT spaces to stay safe, secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.

Read More

More Trending news

Spotlight

Implementieren digitaler Souveränität bei der Cloud-Einführung

Überwindung der Herausforderungen und Komplexitäten beim Aufbau von Souveränität als Teil einer Multi-Cloud-Strategie. 90 % der Unternehmen in Europa und 88 % im Nahen Osten, in der Türkei und in Afrika (META) nutzen heute die Cloud-Technologie, die einen wichtigen Baustein für die digitale Transformation darstellt. In dem Maße,

Resources

Protecting The Aviation Sector From Cyberattacks

Whitepaper

Protecting Public Water Systems From Cyberattacks

Whitepaper

Leading the Pack: Top 15 Network Security Providers for Businesses

Article

Protecting The Aviation Sector From Cyberattacks

Whitepaper

Protecting Public Water Systems From Cyberattacks

Whitepaper

Leading the Pack: Top 15 Network Security Providers for Businesses

Article