202 Partners 'None of us is as smart as all of us'

Why try to defend against new cyber threats with only legacy technologies?


Cybersecurity has an asymmetry of economics - defenders must defend everything, but attackers need to find just one way in … and it need not be one seen before. Attackers are updating their methods more, attacking more and impacting more devices and people.
The harms associated with attacks are escalating from legacy data breaches, to DDoS and ransomware, to potentially physical damage, injuries, deaths or debilitation of critical infrastructure.
You likely already have legacy solutions from FireEye, Symantec, McAfee and others, so you already have in place the layers of defense that these established vendors offer.

Detailed below is a selection of 5 emerging tech partners that add to your security posture and complement existing infrastructure.
That these companies leverage automation is hugely important, since even the most deep-pocketed DoD command, government agency, West Coast tech company or Wall Street bank cannot simply keep adding cybersecurity staff or contractors to meet mushrooming cybersecurity needs.

CyVision Cauldron - Automated cybersecurity assessment visualization
New visualization and modeling technology automates a key aspect of enhanced cybersecurity assessments, allowing highest priority threats to be quickly identified and remediated first.

InLitics - Automated cognitive analytics
InLitics applies a cognitive analytics approach to the neglected people side of critical infrastructure protection. It automatically leverages and interlaces multi-discipline human dimensions for threat and vulnerability detection against such data as still photos, video feeds (images and/or voice), emails, text, or other data extractions.

Packet Viper - Automated network traffic control
New IP filtering technology sits outside of existing firewalls as an undetectable in-line bridge that can automatically reduce network traffic, logging and alerts up to 70%, protect from flooding and DDoS, mitigate risks from bots and proxies, with faster threat detection.

RunSafe Security - Automated cyber hardening
RunSafe is a pioneer in automated cyber hardening with the ability to make embedded systems and devices functionally identical but logically unique. Its patented binary stirring technology automatically renders threats inert by eliminating attack vectors, significantly reducing vulnerabilities and denying malware the uniformity required to propagate.

Sepio - Automated detection of rogue and ghost hardware devices
Sepio works with the neglected physical side of cybersecurity. Its unique behavior-detection software suite automatically identifies all connected hardware devices in a network — including nefarious ones that compromise IT infrastructure.

About the author
Simon is an industry-recognized expert in cybersecurity, mobility and IoT, part of a growing family of Washington DC-based cybersecurity startups including RunSafe Security and 202 Partners. He is a member of SAE’s Cybersecurity IoT Committee and a contributing author of their new book “Cybersecurity for Commercial Vehicles”. RunSafe’s IP was developed as part of DARPA’s High-Assurance Cyber Military Systems (HACMS) program of cybersecurity for military vehicles, drones and medical devices. Simon also worked with Apple and Samsung in hardening their mobile devices for DoD and government use.
Previously, he was VP of Sales at Kaprica Security (acquired by Samsung); Mobile Program Director at DMI, market leader in enterprise managed mobility; and Director of Sales at Thursby Software, market leader in strong iPhone security. Prior executive sales and management roles in the US and EMEA include Red Hat, HP, Capgemini, a $9B hedge fund, a $50MM dot com and a background in nuclear software engineering. He holds a BS in Physics from U-Manchester, England, an MS in Law & Cybersecurity from U-Maryland Carey Law, and CISSP, CEH and CIPP/US cybersecurity and privacy certifications.

Wake up call of week's cyberattacks ... how to avoid more

202 Partners Cybersecurity
The bad news is that the last week has seen an unprecedented number of ransomware attacks around the world which have hit some large organizations very hard.
The good news is that these particular attacks are entirely preventable with some easy short-term steps, which are cornerstones of a larger cybersecurity strategy that can prevent others.
The short-term steps are:
1) Install the latest updates for (in this case) Windows
2) Run backups and check that they are good
3) Keep doing the above steps and look at a wider cybersecurity framework.
The longer-term steps are:
1) CIS Controls
For a simple checklist approach, follow the "top 20" list of CIS Controls.
It is mandatory in the State of California.
2) NIST Cybersecurity Framework
For a more nuanced and risk-based approach, follow NIST's Cybersecurity Framework and the various standards that it embodies for your particular vertical.
It is mandatory for Federal Agencies and the preferred standard for US Critical Infrastructure.
The best news
The best news is that legacy desktop and server computers were the targets and not Internet of Things (IoT) systems where ransomware or malware targets infrastructure from traffic lights, to trucking fleets, to dams and the electric grid, with the potential to cause property damage, bodily injury, death and debilitation of national security.
Delivering today's business outcomes requires hardware, software, services, processes and people.
In the past, many of these had to be procured and assembled separately, requiring armies of contractors.
Today, the cloud and Software-As-A-Service (SaaS) bring together the hardware and software, although their rough edges can still require armies of skilled staff to integrate, deploy and maintain them.
The best tools mitigate attacks directly, minimize their impact and facilitate analysis and response without also adding heavy expenses, long timelines and new staffing resources or, worse, requiring re-engineering or rip-and-replace approaches.
Some emerging technology tools include:
  • RunSafe Security - automatically makes embedded systems and devices functionally identical but logically unique, taking away economies of scale from cyber attackers
  • Packet Viper - sits on the network edge automatically reducing up to 70% of illegitimate network traffic, reducing loads on existing firewalls and network engineers alike
  • CyVision Cauldron - visually models environments automatically as part of cybersecurity assessments, allowing highest priority threats to be quickly identified and remediated first
Simon is part of a growing family of DC-based cybersecurity, mobility and IoT startups including RunSafe Security and 202 Partners, and a member of SAE’s IoT Cybersecurity Committee. RunSafe’s technology was developed within the DARPA High-Assurance Cyber Military Systems (HACMS) contract, focusing on cybersecurity for military vehicles, drones and medical devices, and in testing with law enforcement, government agencies and commercial fleets.
Previously, VP of Sales at Kaprica Security (acquired by Samsung), Mobile Program Director, DMI, market leader in enterprise managed mobility and head of sales at Thursby Software, market leader in strong iPhone security. Prior executive sales and management roles include Red Hat, HP, Capgemini, a $9B hedge fund, a $50MM dot com and a background in nuclear software engineering. Holds BSc (Hons.) Physics from Manchester University, MS Law and Cybersecurity from University of Maryland Carey Law, CISSP, CEH and CMDSP certifications.

Cyber unsafe at any speed


Had the privilege of presenting at the Society of Automotive Engineers' 2017 World Congress.

Was a pleasure to hear and meet so many of the folks involved in cybersecurity for cars, trucks and commercial vehicles from SAE itself, to Auto-ISAC, to manufacturers, suppliers, cybersecurity specialists, academia and Homeland Security.

Had the opportunity to go over all the progress that has been made and also to highlight 3 areas deserving of more attention:

  • Systematically running pen tests with independent testers
    Who has the most hacking expertise and motivation?
  • Updating for the forgotten ¼ billion vehicles already on US roads
    No Model Year 2020 technology can avoid today’s ditches.
    Fleets are the most vulnerable.
  • Reducing attack surface across the entire supply chain, mitigating weak links
    Use DoD, Fed & LE learning by retrofitting CAN bus IPS, RASP & similar tools

Transportation critical infrastructure shares many of the same vulnerabilities as energy, emergency response and other sectors when viewed end-to-end.