July 31, 2015
What if you woke up one morning and found that the New York Stock Exchange, The Wall Street Journal and United Airlines had all been breached? Would you fear our crucial infrastructure was under attack? While researchers have yet to find evidence of a coordinated cyberattack, the events of July 8 provide unsettling reminders of the fragility of automated systems. Institutions like the NYSE, which are supposed to be the safest in the world with the most ironclad security measures in place, are also vulnerable to attack. And the breach at the Office of Personnel Management shows us that government networks can be breached as easily as those in the private sector.
Every day, endpoint machines in the construction, utilities and maintenance sectors are susceptible to a host of IT challenges and cyber threats. As we continue down a path of total connectivity to each other and the Internet – commonly referred to as the Internet of Things (IoT) – it is evident that our core infrastructure is outdated and at risk. The risk is compounded by the fact that many of the organizations that make up our critical infrastructure – those mentioned above as well as hospitals, utilities, airlines, and major media – have large computer populations that are geographically dispersed or have historically operated in isolated environments, far away from hostile network traffic.
Organizations that fall under the critical infrastructure domain are charged with protecting sensitive data and, in some cases, personal information. At the same time, they need to control costs and demonstrate compliance with a variety of regulatory demands. Unfortunately, all too often, connected capabilities are layered atop aged infrastructures, and ‘good enough’ security usually means off-the-shelf software that relies on slow patches to handle emerging threats.
Triumfant’s AtomicEye enables organizations that are responsible for critical infrastructure projects to close gaps in endpoint computer security, enforce important configuration standards and maintain continuous compliance. We do this by detecting, stopping and remediating endpoint threats while limiting the need for human interaction. This approach reduces labor costs while assuring compliance with Supervisory Control and Data Acquisition (SCADA) standards and a host of government and industry regulations.
Triumfant’s AtomicEye complements and extends the defensive measures that the sector already has in place by:
- Ensuring that the defensive software on each machine is in place, properly configured and in working order;
- Enforcing security policies and configuration settings on a daily basis;
- Serving as the last line of defense by detecting malicious software, such as zero-day attacks, that evades traditional signature-based antivirus software;
- Ensuring compliance with National Institute of Standards and Technology (NIST) and Industrial Control Systems (ICS);
- And, if a machine is attacked, Triumfant performs a holistic remediation to ensure there are no harmful artifacts from the attack that leave the machine vulnerable. Best of all, the Triumfant remediation doesn’t disrupt day-to-day operations. If a breach is detected, the system will stay online during the fix.
In order to avoid a potential Cyber 911, it’s time for critical infrastructure providers to invest in proper security measures, to be proactive vs. reactive, and to lead other market segments by example.