New security threats target industrial control and OT environments

A new Dragos report highlights recent threats targeting industrial control systems and operational technology environments and identifies strategies to address them.

The post New security threats target industrial control and OT environments appeared first on CyberScoop.


How to improve threat detection in ICS environments

A challenge in industrial control systems (ICS) cybersecurity is the lack of detection and collection capability within most ICS environments. Security leaders can struggle to piece together the complete attack chain in actual ICS incidents because the environments cannot collect the required evidence. A new report, “2021 MITRE Engenuity ATT&CK Evaluations for ICS,” produced by Dragos, evaluates the ICS threat detection market and shows a realistic demonstration of an attack against an operational technology environment. This report details the purpose of the ATT&CK evaluations for ICS and the lessons learned from the evaluation results, including: how the MITRE ATT&CK for ICS framework was developed; a breakdown of the ATT&CK Evaluations for the ICS scenario, including the emulated attack approach and the ICS environment; the ATT&CK Evals results and how Dragos performed; and benefits to the ICS cybersecurity community. Learn more on the ATT&CK Evaluations and how to accelerate digital transformation securely to manage growing risks to protect core business operations. This article was produced by CyberScoop […]

The post How to improve threat detection in ICS environments appeared first on CyberScoop.


Overcoming key business and operational challenges with XDR

Improving detection of advanced cyberthreats is a high priority in any security operation. However, a lack of visibility in an ever-expanding attack surface coupled with too many siloed security tools can overwhelm security teams with alerts and false positives. In addition, investigating broader malicious operations requires a complex workflow and staffing with domain expertise, a new report says. According to security experts at Cybereason, extended detection and response (XDR) provides security analysts with better visibility into the attack surface and the ability to act quickly across multiple security layers. They recently released a guide to help practitioners better understand AI-driven XDR platforms and those capabilities that help organizations to predict, understand and defend against attacks. The guide outlines in detail how to: reduce false positives; improve threat hunting and intelligence management; boost productivity from unified investigations; and increase automated response capabilities. Read more in the Definitive Guide to Achieving 10X the Security […]

The post Overcoming key business and operational challenges with XDR appeared first on CyberScoop.


Trends that shaped ransomware – and why it’s not slowing down

Ransomware isn’t showing signs of slowing down in the new year. It’s staked its claim as a major element of the cybercriminal ecosystem and potentially one of the costliest and most damaging malware attacks, according to a new report. What we are seeing over the past 18 months, however, is a shift in tactics: Threat actors are targeting ever-larger organizations, and the business model that dictates how ransomware attacks occur is evolving. It’s up to IT professionals to proactively deal with these trends to meet the challenges just on the horizon and beyond. Enterprises can successfully defend themselves from threats when there is a balance between detection and prevention, says a new report produced by SophosLabs and the Sophos Managed Threat Response, Sophos Rapid Response and SophosAI teams. The report covers: the future of ransomware; the impact of Ransomware-as-a-Service; the expanding threat of extortion-style attacks; how misuse of “threat emulation” tools […]

The post Trends that shaped ransomware – and why it’s not slowing down appeared first on CyberScoop.


Using evolutionary game theory to mitigate ransomware risks

Ransomware attacks on enterprise IT systems — especially those that are integrated with operational technology (OT) — can cause major disruptions for critical industry sectors, cautions a new cybersecurity whitepaper. Not only does ransomware create unusable file systems, but these attacks disrupt production and distribution of goods and services, and end up costing industries millions of dollars in total losses. The whitepaper, produced by Dragos, describes how IT security leaders can apply evolutionary game theory (EGT) to the complex series of events that lead to a ransomware attack. The paper proposes a mathematical approach to predict behaviors and understand how relationships between a system’s parts give rise to its collective behaviors. “Ransomware has become the primary attack vector for many industrial organizations during 2021,” shares the white paper, and “incidents like Colonial Pipeline, Honeywell and JB Foods showed the world that even when industrial control systems, which are integrated with […]

The post Using evolutionary game theory to mitigate ransomware risks appeared first on CyberScoop.


The benefits of understanding industrial technology

As enterprises invest in digital transformation, industrial cybersecurity will increasingly serve as the critical enabler for safely and securely advancing business goals through technological innovation. While this transformation of operational technology (OT) provides significant benefits, those benefits can be diminished by increased cybersecurity risk. A new report, “An Executive’s Guide to Industrial Cybersecurity,” produced by Dragos, breaks down how organizations can better secure operational technology systems. The report looks at: how digital transformation and connectivity increase risk and exposure; how the OT threat landscape is growing rapidly and increasing in sophistication; why remediating OT vulnerabilities requires a different approach than IT vulnerabilities; and next steps executives should take to assess and address the unique challenges of OT cybersecurity. Learn more about the key components to keep your operational technology secure. This article was produced by CyberScoop for, and sponsored by, Dragos.

The post The benefits of understanding industrial technology appeared first on CyberScoop.


Increase cyber resiliency with modern data backup and recovery solutions

Ransomware attacks are a growing concern across both public and private sectors, with recent research indicating that by 2031 attacks will cost their victims more than $265 billion annually. With new operating system vulnerabilities continually being discovered — and variants of malicious code regularly being developed — keeping up a frontline defense against cyberthreats is an overwhelming task. That is why security leaders recommend integrating data backup and recovery solutions as a part of any organization’s multi-layered cybersecurity strategy. A recent white paper from Veritas Technologies leans on recommendations from the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework to lay out best practices for a comprehensive data backup strategy. That includes adding capabilities like vision management, identity and access management, immutable storage and data encryption. When looking for the best data backup and recovery solution, the report recommends that leaders ask themselves some key questions about […]

The post Increase cyber resiliency with modern data backup and recovery solutions appeared first on CyberScoop.


How to demonstrate trust in cybersecurity practices with organization leaders

Chief information security officers working at high-profile enterprises know their jobs are as much about guarding their organization’s brand reputation and trust as they are about IT security. But to ensure that trust, CISOs need to know whether their security investments are actually working, and that calls for having metrics that matter to senior management, according to a new report. “It’s all about measurement,” says Home Depot CISO Stephen Ward, in remarks quoted in “The 2019 Trust Report,” released by Synack. “CISOs need a way to present security to their executive team and board in a way that clearly demonstrates and measures business risk to the organization. The executive team doesn’t want to talk about security — they want to talk about risk.” The report provides CISOs with a framework for using data from their security programs to gain a clearer sense of their organization’s ability to withstand damaging cyberattacks […]

The post How to demonstrate trust in cybersecurity practices with organization leaders appeared first on CyberScoop.


Security controls that verify users and devices protect agencies from insider threats

Zero-trust security models are helping large organizations to protect against malicious users, including those who have already infiltrated their networks, a new report says. Government agencies will benefit from stricter security controls if they shift to a zero-trust approach, according to experts from Duo Security. Zero trust assumes from the outset that all users and data traffic are operating in an open and unsecured environment. The focus on security then shifts to giving authorized users access to designated applications and data based on their identity and to devices based on their level of trustworthiness. “Achieving Zero-Trust Security in Federal Agencies” breaks down the methods to build zero-trust practices, including continuous authentication, device assessment, user controls and application access. Continuous authentication is a user-specific approach that doesn’t rely on privacy-protected information. The security environment protects from threats by taking note of typical behaviors and then denying access when it senses off-pattern […]

The post Security controls that verify users and devices protect agencies from insider threats appeared first on CyberScoop.
