Tufin urges greater focus on network context for those tasked with the security and defence of critical infrastructure
August 2022 by John Moran, Technical Director, Business Development at Tufin
A comment from John Moran, Technical Director, Business Development at Tufin, a specialist in security policy.
In May 2022, there was a reported 70% spike in cyber attacks on UK critical infrastructure, and summer 2022 has been marked by a series of such attacks, including a recent attack on South Staffordshire Water Company.
Meanwhile, on August 17, the US Department of Energy (DOE) announced a $45 million injection into technology designed to protect the national electric grid from cyber-attacks.
“Critical infrastructure is especially vulnerable - not only is it a prime target for cyber criminals and nation state actors, but it also often operates on legacy operational technologies (OT) which have vulnerabilities that cannot be fixed easily or directly.
With the stakes so high, it’s about gathering context fast to quickly triage, investigate and contain any incident or vulnerability.
However, the complexity of today’s networks, which are increasingly dynamic and hybrid, and the increasing convergence of IT, OT, and 5G networks, add to the challenges of protecting against cyber attacks. Both accurately prioritizing vulnerabilities and effectively responding to a potential security incident require comprehensive internal network intelligence – something teams tasked with these activities often lack. Without this critical network context, it is difficult to accurately prioritize vulnerabilities or security events, increasing the likelihood of a major security incident.
Unfortunately, many organizations still rely on static documents and manual processes to store and retrieve this critical information. These legacy practices result in information that quickly becomes outdated and processes which cannot scale to deliver the agility required by today’s organizations. This leads to vulnerabilities remaining exposed to attackers and security incidents persisting undetected in some of the world’s most essential networks.”