Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Emanuel Ghebreyesus, Strategic Account Executive (UK Government, Nuclear & CNI), Tripwire

November 2020 by Marc Jacob

Seasoned IT security professional Emanuel Ghebreyesus joined Tripwire in 2015 to lead engagements in the Government and CNI verticals. Tripwire protects the world’s leading organisations against the most damaging cyber attacks, working on-site and in the cloud to find, monitor and minimise a wide range of threats without disrupting daily operations or productivity.

(c) Vilmos_Varga

What will you be discussing at ISWeek?

I will be discussing the relationship between enterprise (IT) and the operational (OT) sides of organisations, a topic that Tripwire has been advising on for many years. I’ll explain why the two need to come to the same table with a common goal. Historically, OT and IT teams have always had difficulties in working together as their roles dictated two different ways of addressing their estates: IT is more focused in confidentiality, integrity, availability (CIA), whereas OT is focused on safety, availability, integrity, and confidentiality (SAIC). Only when those two teams work together as one, will C level executives have all of the information they need to make senior-level decisions about what is needed. Tripwire, as part of Belden, caters for the seven layers of the operational OSI model, and the five and a half layers of the internet-based PURDUE model, meaning that we can advise on the total estate and understand both points of view. There’s not a lot of organisations or security vendors that can provide the expertise across both teams.

What can IT and OT professionals do to best protect critical assets?

Firstly, be clear with each other about what the critical assets are, what they are, where they are, and what kind of functions they are providing within the organisation’s estate. Agree what needs to be changed or upgraded, what effects this will have and if this will hinder availability/uptime that will affect the organisations BAU (Business as Usual) functions. As enablers of business functions, being the first and last point of call if anything was to go wrong, Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) should be part of Board level discussions and planning. A simple email where they advise/notify the business leaders on what needs to be done, changed, upgraded/updated etc. is no longer sufficient. They need be part of the overall decision making process to continue to provide the business the tools to continue to function and they need to advise what security measures the business needs to have now, and due to the always changing world of technology, the future.

What have been the main challenges for security professionals in the UK public sector this year?

One of the biggest challenges is, as ever, the lack of qualified resources. However, when you look at what’s going on with the economy, Brexit and the COVID-19 pandemic this year, it’s clear that the UK public sector has been asked to reduce its budget drastically. But at the same time, they’re having to deal with something that they never really had to before - remote working on a large scale. So they’ve had to upskill their IT departments, upgrade a lot of their systems to provide much better security, VPNs, remote connectivity, and also deal with multiple people trying to log into the same system at the same time. An organisation can have all the required security it needs to secure the estate, but it is only as secure as its weakest link, normally an unintended mistake by an employee who clicks on a phishing email or plugging in an unauthorised device. Therefore, it is not only important to have security protection, but all employees need to be trained on cybersecurity.

What about challenges for Critical National Infrastructure (CNI)?

There are a lot of legacy systems in CNI estates which are open to cyber attacks. A lot of CNI systems have been around for many years - it will cost a lot of money to replace them, and downtime is not an option in most cases. They must also adhere to compliance requirements, as they are prime targets for bad actors/hackers.

Ofgem also required CNI organisations to comply with The Security of Network & Information Systems Regulations (NIS Regulations) which provides advice on legal measures to boost the level of security (both cyber & physical resilience) of network and information systems for the provision of essential services and digital services. Though these have been postponed due to the pandemic, audits by OFGEM will be taking place. And non-compliance of the NIS/CAF directive will result in penalties that most providers cannot afford. Such penalties are made public and as such, brand name protection is a must.

When it comes to cyber security within the operational technology environment of CNI, there’s an extreme lack of resources, as it is a very specialised field and there aren’t many people who are cybersecurity qualified for this area. A recent survey conducted by Tripwire found that 85% of infosec personnel felt it has become more difficult for their organisations to hire skilled security professionals.

How much of a global leader is the UK in the security arena?

One of the UK’s biggest exports is information technology and we offer a lot of value for the cybersecurity industry worldwide. The UK government is focused on supporting the sector – you only have to look at the NCSC website and the number of cyber security advice documents available for all organisations. On a rolling 10 year basis, the UK remains the second largest global defence exporter after the USA.

Emanuel will be speaking on Day Two of International Security Week (ISWeek), sponsored by Tripwire, in a session on IT - OT Convergence. The virtual event will take place 30 November – 3 December 2020.

Register for ISW 2020 for free now: https://www.internationalsecurityex...

For more information on International Security Week, visit https://www.internationalsecurityex... or join the conversation online:
• Follow International Security Expo on Twitter: https://twitter.com/ISE_Expo
• Follow International Security Expo on LinkedIn: https://www.linkedin.com/company/in...




See previous articles