SmartStateIndia
Interview

“The Critical Infrastructure has become a high-value target for Cyberattacks by Cybercriminals”

Tenable Dick Bussiere

Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. In an interaction with Mr. Dick Bussiere, Technical Director for APAC, Tenable, about the cyber security and company’s innovative solution in this space.

Why is India’s critical infrastructure attractive to cybercriminals?
Critical infrastructure fuels India’s economy by providing services essential to daily life such as energy, food, water, transport, communications, health and financial services. An attack on critical infrastructure would be exceptionally disruptive on the nation’s economy and the daily lives of her people. As a result, critical infrastructure has become a high-value target for cyberattacks by cybercriminals.

Critical infrastructure is more vulnerable than you think. The convergence of IT and operational technology (OT) has connected once-isolated OT systems directly and indirectly to the Internet, providing a rich variety of attack pathways. This makes an organisation more susceptible to threats than at any time in history.

In today’s digitally-connected world, do air-gapped networks still even exist?
An uptick in ransomware attacks?

Air-gaps are no longer an operationally feasible solution in today’s digital world where OT infrastructure has been brought online for efficiency and efficacy. These interconnections are there for a reason. The OT infrastructures contain real-time information that have real business value and can be used to optimise the respective controlled processes. In today’s competitive landscape, extracting this data is essential so that security teams are aware of all assets and the respective tasks they perform. To drive the point home even further, introducing just a single laptop that was connected at some point to the Internet effectively breaches the air-gap, since any malicious code that is present on that machine could be introduced into the OT environment.

Why air-gaps are impractical for organisations in India?
Despite air-gapping and various other isolation schemes such as data diodes, attacks on OT networks are increasing in frequency and severity. As a result, organisations from a range of industrial and critical infrastructure sectors are seeking more effective approaches for achieving unified IT/OT cybersecurity.

At best, the air-gap model provides a false sense of security that no longer reflects reality in today’s business environment. This is because organisations require information transfer between the internal [air-gapped] and external networks [everything else] to be efficient.

How do you react to the trend of Work From Home (WFH)? What’s your advice for this segment?
Much of the current security activity is focused on keeping the bad guys out so it’s easy to lose sight of internal threats that might pose a danger to the organisation. Insider threats are users with legitimate access to an organisation’s network and resources, who use their privilege to accidentally or intentionally harm the organisation. These users can be employees, partners or contractors, past and present. Insider threats are often a great, unresolved risk in most organisations compared to external threats because they come from what would normally be considered a “trusted entity.”

Organisations trying to detect insider threats face the challenge of not only differentiating attacks from “normal” traffic but also ensuring they are not inundated with false positives from users performing legitimate tasks:

What is the concept of Accidental Convergence? Why is it important for organisations to understand this?
Air-gapping has historically been perceived to be the gold standard of security given that OT systems are physically isolated from other risky networks. In reality, air-gapped networks still have a large number of attack vectors.

There are many instances of isolated facilities being breached by something as simple and seemingly harmless as an infected laptop computer brought in by an authorised vendor to perform maintenance or a USB drive containing malware being connected to a Windows-based Engineering Workstation controlling the OT systems. On average, an OT environment is composed of at least 20% “traditional” IT devices.

Organisations need to understand that Accidental Convergence of IT and OT environments can occur at any time. What is most worrying is that it happens in many organisations without their knowledge because of the mistaken belief that air-gaps safeguard daily operations.

The Emergence of Industry 4.0
Industry 4.0 is a trend towards increased cooperation between a given company and its suppliers, customers, engineering teams and so-on. It requires increased penetration into the OT environment such that external entities can obtain real-time information about the production process, and input real-time information into that process. It allows for the rapid adaptation of production processes to real-time demands, facilitating improved efficiency and better customer response.

When a company implements an Industry 4.0 initiative, the population of IT or IoT devices within the OT world can increase to as much as 40%. In that sense, the introduction of these devices with their necessary external connections introduces additional risks to the production environment since these devices are being embedded deep within the facility.

What innovative solutions we are expecting from Tenable in future?

We recently announced a first-of-its kind integration with Tenable.ot 3.7 and Nessus Professional to help organisations secure both IT and OT devices in converged environments. This means for the first time, our customers can use a single solution — Tenable.ot — for unmatched visibility and control to secure IT assets alongside OT systems and reduce their cyber risk in converged, modern environments.

Related posts

“ BLACKbox is a single hardware single endpoint solution for multiple functions of Data Loss, Leakage, and Theft Prevention”

SSI Bureau

We extensively use AI and especially with Infraon IoTMS as well as other products

SSI Bureau

Driving Business Growth with Generative AI and Observability: Insights from Peter Marelas, Chief Architect at New Relic

SSI Bureau

38 comments

Rlzjiy March 9, 2024 at 7:31 pm

buy cheap atorvastatin atorvastatin 20mg pill order atorvastatin 80mg pills

Reply
Psisyo March 20, 2024 at 4:34 am

ivermectin 12mg without prescription – sumycin for sale order generic tetracycline 500mg

Reply
Fpwtqb March 20, 2024 at 12:20 pm

buy generic valacyclovir over the counter – buy mebendazole 100mg sale zovirax usa

Reply
Tqzqfg March 24, 2024 at 4:22 am

buy lasix 100mg pills – warfarin 5mg generic captopril online order

Reply
Jkvktb March 26, 2024 at 12:40 am

buy metformin 1000mg sale – order ciprofloxacin without prescription lincomycin online buy

Reply
Aqbqjy March 28, 2024 at 9:34 am

clozapine 50mg sale – coversyl medication buy pepcid generic

Reply
Orgdin April 10, 2024 at 1:09 pm

cleocin medication – buy cefixime medication chloromycetin for sale online

Reply
Hjtowg April 12, 2024 at 9:00 pm

buy ivermectin 12mg – order levaquin pill cefaclor usa

Reply
Xqpknu April 14, 2024 at 4:09 am

ventolin 2mg cheap – order fluticasone online cheap buy generic theophylline 400 mg

Reply
Lnhrqk April 15, 2024 at 9:12 pm

medrol otc – order astelin 10ml buy astelin sprayers

Reply
Trbwwc April 16, 2024 at 2:31 pm

desloratadine online – buy generic flixotide buy albuterol without prescription

Reply
Nrzpku April 18, 2024 at 11:32 am

micronase canada – glyburide 2.5mg cost generic forxiga

Reply
Ogxmli April 19, 2024 at 11:38 pm

buy glucophage paypal – acarbose without prescription order acarbose generic

Reply
Fyuksq April 20, 2024 at 2:45 pm

repaglinide for sale online – buy empagliflozin 10mg pills buy empagliflozin 25mg for sale

Reply
Wcqbyh April 23, 2024 at 1:24 am

order rybelsus for sale – cheap semaglutide 14 mg DDAVP online order

Reply
Vmodko April 25, 2024 at 9:44 am

how to buy nizoral – buy itraconazole without a prescription buy itraconazole 100mg online

Reply
Oaybmq April 27, 2024 at 12:27 pm

lanoxin 250mg for sale – buy dipyridamole pills for sale buy lasix 40mg pills

Reply
Gbjwto April 29, 2024 at 5:47 am

buy lopressor no prescription – order benicar 10mg for sale adalat 10mg us

Reply
Llaplg May 1, 2024 at 1:22 pm

purchase nitroglycerin without prescription – buy clonidine without prescription buy diovan 80mg generic

Reply
Tbgpkv May 4, 2024 at 5:28 am

rosuvastatin pills kitty – ezetimibe online side caduet glitter

Reply
Ceotcr May 20, 2024 at 5:44 pm

asthma medication familiar – inhalers for asthma hail inhalers for asthma employ

Reply
Fzvhju May 20, 2024 at 8:08 pm

acne treatment perceive – acne treatment chicken acne treatment farther

Reply
Wqivjc May 22, 2024 at 2:42 pm

pills for treat prostatitis still – pills for treat prostatitis dust prostatitis pills weakness

Reply
Sgxuij May 22, 2024 at 4:19 pm

treatment for uti lover – uti medication game uti antibiotics subtle

Reply
Kzjbmu May 24, 2024 at 12:54 pm

claritin sense – claritin pills delight claritin pills language

Reply
Osjswg May 24, 2024 at 2:47 pm

valacyclovir online lord – valacyclovir online lucky valacyclovir pills hair

Reply
Icxqzh May 28, 2024 at 5:38 pm

loratadine medication comment – claritin pills tent claritin unlike

Reply
Fxcugn May 31, 2024 at 2:45 am

ascorbic acid cut – ascorbic acid milk ascorbic acid frog

Reply
Ohrsxl May 31, 2024 at 5:16 pm

promethazine net – promethazine code promethazine channel

Reply
Ubxlja June 2, 2024 at 2:58 am

biaxin host – albenza pills deceive cytotec pills suppress

Reply
Ianful June 7, 2024 at 1:55 pm

bisacodyl over the counter – order oxybutynin 2.5mg generic order liv52 10mg online cheap

Reply
Lpwfvi June 9, 2024 at 9:35 pm

buy zovirax generic – buy dydrogesterone medication dydrogesterone 10 mg for sale

Reply
Meorjj June 10, 2024 at 4:02 am

order cotrimoxazole without prescription – order keppra tobramycin 5mg us

Reply
Nvvkil June 11, 2024 at 10:21 pm

griseofulvin 250mg us – how to get griseofulvin without a prescription buy lopid 300mg for sale

Reply
Ofgkhe June 13, 2024 at 10:02 pm

dimenhydrinate price – buy risedronate 35 mg generic order actonel 35mg generic

Reply
Nxuxco June 14, 2024 at 4:16 pm

vasotec tablet – order doxazosin 1mg generic how to buy latanoprost

Reply
Ndutjc June 15, 2024 at 8:59 pm

cost etodolac 600mg – buy etodolac 600 mg buy cilostazol

Reply
Gplqft June 17, 2024 at 3:39 am

piroxicam 20mg canada – order feldene rivastigmine for sale online

Reply

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More