Security Experts:
Barak Perelman
Barak Perelman is CEO of Indegy, an industrial cyber-security firm that improves operational safety and reliability for industrial control networks by providing situational awareness and real-time security.
Recent articles by Barak Perelman
-
While pharmaceutical operations networks were once siloed, today their connection to IT and anywhere access has created an environment that threatens the integrity of drug formulation control systems.
-
Recycled cyber attacks may be a fairly new development in ICS security, but they have been a staple in IT environments for years.
-
The same cloud technology that has exposed OT networks to external threats is now providing an alternative for protecting organizations when the physical deployment of OT security equipment is not practical.
-
Since Building Management Systems (BMS) are integrated with and interconnected to both hardwired and cloud based solutions, as well as third party applications, their attack surface is large and getting larger.
-
Passive network security monitoring has its value for identifying certain indicators of compromise (IoC), but does not detect and mitigate all attacks or incidents on ICS networks.
-
Just as internet security was a relative unknown concern 20 years ago, public awareness of threats to the electric grid, water supplies, etc. is mounting
-
Many organizations with OT networks face a massive challenge to maintain operational efficiency and improve network security at the same time.
-
Concerns about endpoint security in industrial environments, especially among OT personnel, are being driven by the demise of the traditional air gapping of OT infrastructures.
-
For industrial organizations, establishing an infrastructure that provides visibility, security, control, and is purpose-built for operational technologies (OT), is the clearest path to compliance.
-
The new connectivity between IT and OT has created a clear and present cyber threat to previously isolated ICS environments.
-
The breadth of attacks targeting critical infrastructure sectors are not only deeper but also broader than originally thought. Most likely, Russia and others want to acquire a “Red Button” capability that can be used to shut down the power grid.
-
While TRITON is not the first malware to target industrial control systems (ICS), it does signal that operational networks, which have been largely immune to cyber threats, are now in the crosshairs of attackers.
-
Many systems that support industrial controllers are likely vulnerable to Spectre and Meltdown vulnerabilities, which affect hardware running in the majority of the world’s computing devices.
-
2018 will present new and increasing industrial cyber security challenges for facilities operators, but new developments will help minimize those threats.
-
The successful deployment of industrial cybersecurity projects must leverage resources from both IT and OT.
-
Organizations need specialized monitoring and control technologies for ICS networks that provide the deep, real-time visibility to identify suspicious or malicious activity
-
If WannaCry had targeted industrial controllers, it would have been much more difficult to protect them and the damage would have been much more widespread.
-
It’s a generally known fact that most Industrial Control System (ICS) environments were not built with cyber security in mind because they were designed before the cyber threat existed.
-
Industrial organizations need early detection of suspicious activity like unauthorized network scans, attempts to read information from controllers and other unsanctioned control-plane activity.
-
One of the biggest concerns, if these industrial threat predictions come true, is the likelihood of widespread collateral damage.
-
Most industrial Control Systems (ICS) lack basic asset discovery and management capabilities common in IT networks.
-
While many companies are concerned about cyber threats to their operations, most do not understand the difference between data plane and control plane protocols.
-
Securing ICS networks is an extremely challenging task, as they lack many of the threat monitoring, detection, and response capabilities commonly found in IT infrastructures.
-
To protect against external threats, malicious insiders and human error, industrial organizations must monitor all activities - whether executed by an unknown source or a trusted insider.
-
The single biggest roadblock to ICS security today is the lack the visibility and control into activity that is occurring at the control layer, namely access and changes made to industrial control devices.
Get the Daily Briefing
- French Virus Tracing App Goes Live Amid Debate Over Privacy
- Several Exim Vulnerabilities Exploited in Russia-Linked Attacks
- Android's June 2020 Patches Fix Critical RCE Vulnerabilities
- VMware Cloud Director Vulnerability Has Major Impact for Cloud Providers
- Microsoft Sponsors 2020 Machine Learning Security Evasion Competition
- IP-in-IP Vulnerability Affects Devices From Cisco and Others
- Apple Patches Recent iPhone Jailbreak Zero-Day
- Hackers Leak Data Stolen From UK Electricity Market Administrator Elexon
- Hackers Disrupt Minneapolis Systems, But No Evidence of Breach
- Zscaler Acquires Microsegmentation Firm Edgewise Networks
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy