Moving Forward: Digitalization Boosts Remote Access
By Gregory Hale
The human spirit. Not one to rely on the tried and true, but, rather, always ready to acquire, react and respond to whatever daunting issue it is facing. Human spirit will rise to any occasion and come forward with ideas and innovations to counteract – and conquer – any kind of adversity.

That spirit has been tested across the globe for well over six months and we have all seen some good and some bad, but through it all, that spirit has persevered. Not only have companies survived in the work-at-home world, they have continued to move forward. Digitalization has been a major component of that movement, and with it, cybersecurity has been the backbone to support manufacturer’s initiatives.

“The idea of cyber has become substantially more critical,” said Jay Abdallah, vice president cybersecurity services at Schneider Electric. “Now, the entirety of what we’ve depended on in the past 10 years of isolation and segmentation is really no longer easy to do. The pandemic has accelerated substantially stronger adoption of security policies and the building of security management systems. It’s not just about the technology, but it’s actually about having a fully incorporated cybersecurity management system into the corporate culture.”

Threats Continue to Rise
That system must end up engrained into the corporate mindset as threats continue to rise and vulnerability exposure is much more evident in these days of remote access through work at home.

By enabling remote workers access to critical operations, a manufacturer significantly expands its attack surface. Along those lines, 62% of employees are now more vulnerable to cyberattacks, thanks to the use of personal devices for remote work during the COVID-19 pandemic, according to research from NordVPN.

Another survey found COVID-19-related phishing emails are on the rise, with many embedding different malware strains as attachments. AgentTesla (45%), NetWire (30%), and LokiBot (8%) were the most actively exploited malware families, said researchers at Singapore-based Group-IB’s Computer Emergency Response Team’s (CERT-GIB). With some minor differences, the goal of all these malware samples is to harvest user credentials from browsers, mail clients and file transfer protocol (FTP) clients, as well as capture screenshots, and secretly track user behavior and send it to cybercriminals’ command and control centers.

“What we have seen based upon the research, and in some cases even some direct examples, we’ve seen an increase of over 300% of phishing and malicious activities at external company perimeters,” Abdallah said. “What we’ve noticed when we cross reference that with organizations that have very strong cybersecurity plans, which includes a very specific policy set of how to react to this type of malicious behavior, versus those organizations that have only had, for example, external firewall or perimeter protection, internal controls that are protecting the host in the network without necessarily having a specific plan, the impact has been substantially different.”

Schneider Bold

“If we’re looking to operate in this new normal, we definitely have to be ready to make changes to our strategy and pivot where it’s necessary to pivot.”

–Jay Abdallah

That means moving forward the importance of cyber programs will grow as the reliance on technology will become even stronger in the security triumvirate with people and process.

“If we’re looking to operate in this new normal, we definitely have to be ready to make changes to our strategy and pivot where it’s necessary to pivot. Technology is what is allowing the industry to continue to be able to operate from secure or remote locations,” Abdallah said. “Without a doubt, dependency on technology has substantially increased. We can’t forget about that all-encompassing and all-important third portion of the cybersecurity triad, and that is making sure that, to enable the technology to work at its peak, we’ve got to have policies and procedures in place that are showing us how to use the technology and what kind of acceptable practices are required. Then, of course, the people themselves must also at least be trained to the level to understand where these threats could come from, what the potential impact could be, and give them the basic level of training they require to operate the systems themselves. In some cases, we’ve seen that certain trains or production lines have had to be shut down, not only because of malicious impact, but just because of the increased risk and the possibility of that production line being taken down by a cyber attack has subsequently forced some of these organizations to make a change with respect to building upon, or at least expediting the build of a cyber security plan.”

Those manufacturers that had a cybersecurity plan in place understood the future and knew they were ready to adapt to whatever change came their way because they had a solid base.

Cybersecurity and Digital Transformation
“Digital transformation is a big part of the cybersecurity story,” Abdallah said. “As a matter of fact, we like to call cybersecurity one of the foundation partners of digital transformation. When we see plans that are already in place and that have a relatively moderate to high level of maturity, without any shadow of a doubt, it’s much easier to accept newer technologies than it would be if we didn’t have anything in place to begin with. One of those technologies, of course, comes down to secure remote access or encryption capabilities. Without a doubt, having a plan in place beforehand will help reveal the bigger picture.”

As a part of the picture, secure access technologies, be they hardware-based, software-based, cloud-based, are going to start becoming much more readily available and licensing models are going to start becoming easier to afford.

“Eventually, if you have an employee badge and you work for company XYZ, most likely you’re going to have that access to securely connect from anywhere in the world, which is going to even bring us closer together from a global perspective, because we literally will be able to do our work from anywhere,” Abdallah said.

When you see the word “eventually,” it is easy to say that is something that will happen in the future. But that is hardly the case. It is happening now.

“When we take into consideration the fact that we were able to run our businesses, our businesses did not collapse, everybody worked from home, we figured out how to do it,” Abdallah said. “It’s that human spirit of adapting to change, adapting to difficult situation, and putting our best foot forward. That ultimately will spell out what kind of trajectory we can see in the future.”

Gregory Hale is the Editor/Founder of Industrial Safety and Security Source.

Remote Access Best Practices
The following are some best practices Jay Abdallah, vice president cybersecurity services at Schneider Electric, suggested to ensure a secure environment in these days of remote access:

  • Ensure high degrees of encryption are a default consideration.
  • End-to-end hardware that is pre-configured at a site that has the capability of ensuring a connection is established is very difficult to break into.
  • Software-based solutions as long as encryption is high enough to meet security needs and reduce risk profile.
  • Establishing and maintaining an encrypted connection that has an audit trail, either through recording the sessions, or logging.
  • Having the ability to trace that information and input it into a security information management system (SIEM) collector, or a log analyzer that is able to collate data is going to help.
  • Central controls. Making sure security controls are installed, they’re configured correctly, and they are updated on a regular and consistent basis.

 

ISSSource

Pin It on Pinterest

Share This