CYBER SECURITY

Cybersecurity Measures Are No Longer Just A Recommendation – Security By Design

What is certain is that the advancing development of new technologies goes hand in hand with a growing need for solutions and new cybersecurity approaches to reduce the exponentially expanding attack surface in “smart buildings” and “smart cities” or industrial plants.

Cyber-attacks have increased in recent weeks and months. Supermarkets, public authorities, universities, and even waste disposal services became victims of such attacks.

In addition to the media reporting on it, numerous studies indicate an increase in cyberattacks. Most recently, the BKA published a situation report about cybercrime in 2020. It can be seen from this that there was an increase of 8 percent in the last year alone. It is also known that large companies are falling victim and increasingly small and medium-sized organizations. No industry seems unattractive to cybercriminals. In addition, the advancing digitization allows hackers to become more creative, and they also constantly exploit new or unlocked security gaps.

“However, it is not just digitization that can be identified as the source of all evil, but also the carelessness of companies in upgrading and adequately training employees, making it easier for hackers to access company networks. Cybersecurity measures still seem to be seen more as a kind of recommendation,” claims Uwe Gries, Country Manager DACH of Stormshield. This cybersecurity manufacturer is part of the Airbus Group.

Smart Everything

With a view to the future, which should be designed as more “digital” and “smarter,” one wonders how the two should be compatible with one another according to the principle of Security by Design. Because, in addition to digitization, “smart everything” technologies are increasingly finding their way into critical infrastructures and, if there is insufficient security, create additional gateways for attackers. This is because many areas, such as the energy, finance, health, and administrative sectors, continue to show deficits in digitization and implementing security measures.

Suppose you now consider developing approaches to convert cities into smart cities with smart grids, infrastructures 4.0, and e-administrations. In that case, one has to deal more with the topic of cybersecurity. The reason is simple: fellow human beings are also considered to be “smart” because they can weigh up risks, avoid or limit them proactively, and react promptly in the event of an emergency. The “quantization” of all infrastructures should be based on the same principle and be accompanied from the outset by adequate security measures.

Critis

Some of the recent attacks have clearly shown that critical infrastructures (KRITIS) in particular need to be protected more strongly, as these are fundamental to the functioning of a society. The KRITIS includes the energy, administration, and health sectors and the food and pharmaceutical industries. It is precisely these that need to be secured so that their attack surface is reduced to an acceptable minimum.

What is not justifiable in this context is clearly shown by the hacker attack on the US company Colonial Pipeline. The country concerned has severe consequences of complaining about, but such an incident often causes changes on a global level: In this case, oil prices rose worldwide. In addition, it becomes clear that the damage caused by such an attack can often not be repaired within a few minutes/hours, which increases the cost of repairing it exponentially. Security measures, such as solutions that also protect networks and workstations that have been decoupled from the Internet in real-time against suspicious behavior (such as sudden encryption or the transmission of commands contrary to protocol) would have been just as necessary here as behavior-based firewalling. And this for a fraction of the damage caused by the attack.

Public Hand

Another area that belongs to the “Smart City” concept and at least partially to KRITIS is the public sector, another popular cyber criminals target. In the last few months, in particular, authorities, public institutions, and hospitals have repeatedly fallen victim to cyber-attacks. The damage that occurred varied, but also the period until everything worked “normally” again. The hackers responsible not only got sensitive data through their attacks but also paralyzed the entire system so that the daily work of many authorities was impaired. ”Public sector organizations, particularly the reliability of which determines the level of trust of citizens, especially about the handling of personal data and the efficient provision of services, must not be satisfied with anything less than 100% preservation of sovereignty over their data and infrastructures.

This includes strict zero trust models to determine the access to data and resources and segmentation strategies that are intended to prevent attacks from spreading horizontally,” continues Gries. Here, too, the costs of security-by-design concepts and corresponding solutions would be significantly lower than the costs of repairing the damage.

As a European company specializing in cybersecurity for critical infrastructures and industrial environments, we cannot affirm often enough that cybersecurity measures can no longer be regarded as just a recommendation. The successful further development of all mentioned segments should be based exclusively on a solid line of defense, «adds Gries in conclusion.

Tech Buzz Reviews

Techbuzzreviews are a team full of web designers, freelancers, marketing experts, bloggers. We are on a mission to provide the best technology-related news with passion and tenacity. We mainly focus on the areas like the latest technology news, upcoming gadgets, business strategies and many more upcoming trends which are trending all over the world.

Recent Posts

  • BUSINESS

Simple Steps to Reduce Office Energy Bills

As someone who’s spent years working in an office setting, I’ve seen firsthand how energy… Read More

1 month ago
  • BUSINESS

Legal Compliance In Background Checks

Background checks are a staple in the hiring process. They can make or break a… Read More

1 month ago
  • BUSINESS

6 Ways Your Company Should Be Using AI

There's so much talk about AI at the moment, with a lot of opinions on… Read More

3 months ago
  • DIGITAL MARKETING

Improving User Experience to Increase Website Traffic

Improving user experience (UX) is not just about making things look pretty; it's about creating… Read More

3 months ago
  • GADGETS

Why Is The iPhone 12 Still A Good Choice?

In the incessant whirlwind of technological advances, where new smartphone launches follow one another at… Read More

3 months ago
  • BUSINESS

Securing The Hybrid Data Center

What should organizations consider while searching for answers to secure their cross-breed server farm? Against… Read More

5 months ago