I’ve run into several folks who wanted to ignore the Biden Administration’s recently announced National Cybersecurity Strategy – “isn’t that just for Federal agencies?”. That would be a dangerously flawed assumption! This is a major shift in strategy, and regardless of how small your organization is, it’s going to change how you get to a secure state, and how you show that you’re doing it.
The administration makes no secret of its goals, even if they are controversial. They openly describe a target of shifting the playing field, and as always, this creates winners and losers. You need to be agile to ensure you’re on the winner side of this equation! The tilted playing field is aiming for two effects. One goal is to change the economic risk/reward so that bad actors think twice. The other is a significant shift in the burden of defense, pushing it up from smaller mom-and-pop scale organizations, transferring it to larger, more capable companies.
One of the biggest elephant in the room questions for Security Operations groups that deal with Vulnerability Scanners is very simple to state, but very, very tricky to answer, “are you sure you are scanning the entire network?” Sounds like it should be a simple yes or no answer. However, with any network of scale, the answer can be almost impossible to verify.
I was in a high level meeting for a large Health Organization with the CTO, head of Network Operations (NetOps), the head of Security Operations (SecOps), along with other people that had different stakes in the performance and security of the network. Since the network was the main instrument supporting the “Money Engine” of the operation, all attendees were laser focused on answers to any questions.
In recent years, the healthcare sector has been steadily adopting web and cloud-based technologies and shifting towards an internet-enabled system to improve quality of care.
However, along with the limitless benefits that the internet offers — like sharing information, simplifying operational processes, tracking workflows, enhancing connectivity, and storing and organizing data — is an increased risk of cyberattacks, data breaches, and other types of fraud. This makes hospitals and healthcare organizations increasingly vulnerable to advanced threats and targeted attacks.
While working with a large customer with multiple, interconnected, environments; their greatest fear was that infection in one environment might cross over one environment into the others. They had purchased a managed service, which meant I was the primary RedSeal Admin. They approached me with a request and it was obvious they were having a possible “incident”. It was obvious they didn’t want to provide TOO many details, but I’ve spent enough time on both sides of these topics that I was pretty sure what I was up against.
Developed in 1992 by Theodore J. Williams and the Purdue University Consortium, the Purdue diagram — itself a part of the Purdue Enterprise Reference Architecture (PERA) — was one of the first models used to map data flows in computer-integrated manufacturing (CIM).
By defining six layers that contain both information technology (IT) and operational (OT) technology, along with a demilitarized zone (DMZ) separating them, the Purdue diagram made it easier for companies to understand the relationship between IT and OT technologies and establish effective access controls to limit total risk.
As OT technologies have evolved to include network-enabled functions and outward-facing connections, however, it’s time for companies to prioritize a Purdue update that puts security front and center.
Today’s infrastructure is complex and constantly evolving. In the cloud, security controls are implemented by developers and DevOps teams while on-premises controls are implemented by the firewall/network operations teams. These can create significant knowledge gaps, leading to unknown attack points.
Most security spending these days is focused on the cloud and treated as a silo, but you can’t afford to ignore your on-prem resources and how the two entities work together.
While working with a global reach chip manufacturer, a new member was added to those who helped manage RedSeal. As we were reviewing some of the RedSeal findings and giving him a tour of the capabilities of the deployment, it was pretty obvious he was neither impressed nor entertained. With his history of designing, building, and managing the network; he was almost offended that some product could tell him ANYTHING that he didn’t already know about his network.
Cyberattacks and data breaches in the healthcare sector are increasing at an alarming rate, especially during the pandemic when patient communications and records moved online. Between March 2021 and February 2022, over 42,076,805 healthcare records were exposed. Businesses lose an average of $10.10 million per healthcare data breach, while lost or stolen protected health information (PHI) and personally identifiable information (PII) cost the U.S. healthcare industry billions of dollars annually.
The use of big data and advanced analytics is now essential for innovation across the pharmaceutical and healthcare industries. However, working with vast amounts of data — experimental data, clinical trial data, patient data — has become a double-edged sword as organizations face immense challenges in protecting data integrity and ensuring data security in today’s digital environment.
Numbers are a tricky business and more numbers equals more tricky, and sometimes our brains see what they want to see and not what is actually there.