Tuesday, December 12, 2017

2018 Industrial IoT Predictions


Paul Myer, CEO, Veracity Industrial Networks makes these predictions about the industrial IoT for 2018:

There will be a nation-state cyber-attack on our critical infrastructure in 2018
There has been an increase in the number of attacks on our nation’s infrastructure, such as our power grid. Now, these systems are secure and we have not seen a widespread attack be successful, but as the old saying goes, the bad guys only have to be “right” once; those defending these institutions have to be “right” every time. 

In October, the DHS and FBI warned that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May. They also reported that some of those hackers were successful in compromising the networks. All this evidence points to an increasing risk that an attacker will be successful in the near future.

The “industrial cybersecurity” space will see record investment in 2018
Cybersecurity has been attracting significant investment for years now, however the bulk of that investment has been in the traditional “IT security” world where the most action is. During 2018, we expect to see a shift where more investment goes toward companies addressing the industrial cybersecurity needs that are becoming critical.

The industrial side of cybersecurity has lagged the “IT security” world in development of tools and procedures. Reliance on “air-gapping” as a security measure has run its course. This will bring a new group of industrial cybersecurity-based solutions looking for investment. We predict that investment will be large and immediate. 

The lack of trained cybersecurity personnel will become acute in 2018
There has been considerable discussion about the lack of trained cybersecurity professionals and the issue this causes. The growth of our cybersecurity needs has far outpaced the development of training programs and the number of new experts we are creating. Things will be worse before they get better and 2018 will likely shine a light on this intellectual shortfall.

This “shortage” will be more acute in industrial networks as there are less training options for those professionals. Also, the lack of viable networks security tools on the industrial network side make the actions of trained network security professionals all the more important. 

The “ransomware” business model will be applied to more hacks
The advent of “ransomware” attacks, where your data is held hostage by a hacker that has compromised your computer until you pay a ransom. This new revenue source for today’s cyber criminals has broadened the targets for hackers geometrically. Suddenly, companies and individuals that house no data suitable for sale on the dark web have become targets. Locking up a grandmother’s photos could produce revenue now.

Part of the ransom phenomena is made possible by the anonymous nature of bitcoin as a currency. We predict that hackers will spread the ransomware business model to the industrial space by holding parts of OT/ICS networks hostage, in 2018.

Monday, December 11, 2017

The Top Game Changing Data Trends for 2018

The Convergence of Data Management Technologies, Growth of Metadata Management and the Increased Focus on AI Make Up the Most Impactful Trends for 2018
NAPERVILLE, Ill. (PRWEB) Infogix today identified pivotal data trends that will impact businesses in 2018 and beyond.

“Metadata management and ensuring data privacy for regulations such as GDPR joins earlier trends like AI and IoT, but the unexpected trend of 2018 will be the convergence of data management technologies,” said Emily Washington, senior vice president of product management at Infogix. “Big data has been the next big technology phenomenon for a long time, but businesses are increasingly evaluating ways to streamline their overall technology stack if they want to successfully leverage big data and analytics to create a better customer experience, achieve business objectives, gain a competitive advantage and ultimately, become market leaders.” 

The top data trends for 2018 were assembled by business leaders at Infogix who have decades of experience in information technology. The major trends include:

2018: The Year of Converging Data Management Technologies
  • Use cases have proven that leveraging data requires a multitude of separate tools for tasks like data quality, analytics, governance, data integration, metadata management and more.
  • To extract meaningful insights and increase operational efficacy, businesses will increasingly demand flexible, integrated tools to enable users to quickly ingest, prepare, analyze, act on, and govern data—while easily communicating insights derived.
Increased Importance of Data Governance
  • The deluge of data is growing, government regulations are increasing and teams have much greater access to data within an organization. Add to this the increasing need to leverage advanced analytics, and data governance has become more critical than ever.
  • Data governance capabilities have evolved in a way that provides complete transparency into a business’s data landscape—allowing them to combat increasingly complex regulatory and compliance demands and the shifting tides of business policies and business alignment.
The Continued Rise of the Chief Data Officer (CDO)
  • In today’s data-intensive environment, a CDO is more important than ever to navigate regulatory demands, successfully leverage data and manage enterprise-wide governance.
  • A CDO helps businesses manage unstructured and unpredictable data, while successfully leveraging advanced analytics and maximizing the value of data assets across the business enterprise.
Ensuring Data Privacy for Regulations such as the General Data Protection Regulation (GDPR)
  • When GDPR goes into effect in May 2018, it will strengthen and unify data protection rules for all organizations processing personal data for European Union (EU) residents.
  • Through analytics-enabled data governance, a business can not only locate personal data enterprise-wide, but monitor compliance, usage, approvals, and accountability across the organization.
The Proliferation of Metadata Management
  • Metadata is a growing trend for 2018. This “data about data” contains the information necessary to understand and effectively use data such as business definitions, valid values, lineage, and more.
  • Using such ontologies, organizations can understand the relationship between data sets, as well as enhance discoverability in metadata. Metadata management is critical in enterprise data environments to support data governance, regulatory compliance and data management demands.
The Monetization of Data Assets
  • Organizations recognize that data is either a liability or an asset. Metadata can be used to enable a deeper understanding of the most valuable information.
  • We are seeing more organizations using a combination of logical, physical, and conceptual metadata to classify data sets based on their importance, and businesses can apply a numerical value to each data classification, effectively monetizing it.
The Future of Prediction: Predictive Analytics to Improve Data Quality
  • With the continued concerns with data quality, and the volumes of data increasing, businesses are enhancing data quality anomaly detection with the use of machine-learning algorithms.
  • By using historical patterns to predict future data quality outcomes, businesses can dynamically detect anomalies in data that might otherwise have gone unnoticed or only found much later through manual intervention.
IoT Becoming More Real
  • Each passing year marks an increase in the number of connected devices generating data and there is a steep rise in focusing on extraction of insights from this data.
  • We are starting to see more and more defined IoT use cases leveraging data—from newer connected devices like sensors, and drones for analytics initiatives. With this, there is a growing demand for streaming data ingestion and analysis.
“As more data is generated through technologies like IoT, it becomes increasingly difficult to manage and leverage. Integrated self-service tools deliver an all-inclusive view of a business’s data landscape to draw meaningful, timely conclusions,” said Washington. “Full transparency into a business’s data assets will be crucial for successful analytics initiatives, addressing data governance and privacy needs, monetizing data assets and more as we move into 2018.”

2018 Security Predictions: It's Still the Wild, Wild West

The last US presidential election revealed the dangers and the difficulties of prognostication. But that doesn't deter those determined to look ahead at what we may face in 2018. We reached out to several security mavens to learn what worries them about the coming year. It's interesting how broad their concerns are, and how little they overlap. Yes, 2018 will be an interesting year. You can read the predictions here.

Wednesday, November 15, 2017

No-Shock: Worst Year For Vulnerabilities Already – Only Through Q3 2017


2017 has officially become the worst year on record with over 16,006 disclosed vulnerabilities.

RICHMOND, VA, November 14, 2017 -- Risk Based Security today announced the release of its Q3 2017 VulnDB QuickView report that shows there have been 16,006 vulnerabilities disclosed through September 30th this year. This is the highest number of disclosed vulnerabilities at the end of the third quarter on record and represents a 38% increase over the same period in 2016. In addition, cataloged vulnerabilities in the first nine months of 2017 have exceeded the total vulnerabilities for all of 2016 (15,832). The 16,006 vulnerabilities cataloged by Risk Based Security’s VulnDB research team eclipsed the total covered by the CVE and National Vulnerability Database (NVD) by 6,295.

“When hearing that so many vulnerabilities are missing from CVE/NVD, most security professionals want to justify the gap by trying to convince themselves that the vulnerabilities missed can’t possibly impact their organization and if they do they must be low risk. However, just as our previous reports have indicated this isn’t the case. 44.1% – over 2,700 – of the vulnerabilities not published by NVD/CVE have a CVSSv2 score between 7.0 and 10, which include widely deployed software used by many organizations. Any security product or tool that relies on CVE/NVD is putting your organization at serious risk.” said Jake Kouns, Chief Information Security Officer for Risk Based Security.

“As Equifax dominated the data breach headlines, it was revealed that due to a series of delays they were unable to patch the exploited flaw, now commonly known as Struts-Shock, in a timely fashion. What the media missed is that there have been a total of 75 vulnerabilities in Apache Struts, and 5 new vulnerabilities since Struts-Shock was disclosed. It makes you wonder if there were any other delays in correcting those issues as well, and if Equifax has additional unpatched vulnerabilities”, added Kouns.

The newly released 2017 Q3 2017 report from Risk Based Security shows that 39.9% of total reported vulnerabilities received CVSSv2 scores above 7.0. This means that not only is the number of vulnerabilities on the rise, but the severity of the vulnerabilities disclosed remains high. What is more concerning for organizations is that 31.6% of the vulnerabilities disclosed have public exploits available and 47.9% can be exploited remotely.

The VulnDB QuickView report also highlights the relationships between researchers and vendors, showing that they are continuing to work together. Vulnerabilities disclosed in a coordinated fashion continues to be around 43%, on par from the mid-year report. In addition, 6.1% of the vulnerabilities disclosed in software products were coordinated through vendor and third-party bug bounty programs.

“While our proprietary Vulnerability, Timeline, and Exposure Metrics (VTEM) show that not all vendors are prioritizing and fixing vulnerabilities as quickly as we would prefer, the good news is that 75.8% of 2017 vulnerabilities through September do have a documented solution”, says Kouns.

Tuesday, November 14, 2017

Top 5 Predictions for ICS Security in 2018



Nozomi Networks has comprised the top 5 predictions for ICS Security in 2018.

1. ICS malware moves beyond Windows exploits to ICS-specific malware. Up to now, most malware that has infected ICS have used Windows vulnerabilities or protocols to infect and spread. For example, in 2017, WannaCry, Industroyer and Dragonfly 2 all used the Windows protocol, SMB, as a key infection and proliferation mechanism. Malware attacks using OT device software, such as PLC software, will start to occur adding to the sea of Windows-dependent attacks.

2.The cuffs will come off of Internet connectivity for ICS systems as IT technology is increasingly integrated with ICS systems to achieve operational efficiencies.  Progressive companies will implement new technologies and procedures necessary to not only bridge IT and OT, but also to defend their ICS from this source of cyber threats.

3. Artificial intelligence becomes more mainstream for ICS systems to provide next generation security to fight cyber threats. Organizations grappling with ICS cybersecurity staffing and skills shortages are turning to AI solutions to achieve security and productivity goals. AI powered monitoring tools are now able to discover breaches automatically and provide information on remediation.

4. The shortage of ICS cybersecurity skills will open the door for vendors to provide full security services. These services will move beyond risk assessments to become more full service.

5. Security-by-Design will start to improve ICS Security.  Major companies will increase their demands that security be included in new automation equipment purchases; for example, requiring that RTUs have encrypted software. Cybersecurity certification will also rapidly grow and major automation vendors will have their products tested for the ISA Secure certification.

For more, see these books:

Cyber Security for Industrial Control Systems: From the Viewpoint of Close-Loop

Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS