In this interview with Help Net Security, Yossi Appleboum, CEO of Sepiotalk about assets risk management challenges for different industries and where it’s heading.
Cyberattacks show no signs of slowing down. What should organizations do to strengthen their asset risk management?
They need to understand what is in their environment. You can’t do anything to manage risk if you don’t know what assets you have and their associated risk position. Increasing spending on cybersecurity tools is a waste if those tools can’t see all the assets in your infrastructure. And, unfortunately, that’s where a lot of businesses fail. So, the first thing companies need to do is get back to basics and focus on what forms the foundation of strong asset risk management, which is risk visibility and understanding.
What are the most common threats plaguing the financial industry and how can asset visibility mitigate risk?
The first threat that comes to mind is ransomware. The financial sector, by nature, has access to large sums of money, and disruptions in financial services can have a significant impact on society and the economy. These two factors make financial institutions the ideal target for a ransomware attack because the tolerance for downtime is low and the funds to pay the ransom are there. Ransomware can be introduced into the environment through IT assets, and asset visibility mitigates risk by accounting for anomalies that could indicate a potential threat.
Social engineering is another threat facing the financial sector. The thousands of employees who work for large financial corporations each act as a gateway into the organization through simple methods of manipulation. A bad actor can convince a staff member to bring in an unwanted asset through bribes or blackmail or have them do it unknowingly by enticing them with free handouts. Who can refuse a free iPhone charger? Asset visibility mitigates risk by accounting for these new connections, which security teams can then investigate.
What about health facilities? How vulnerable are they and what should they do to ensure continuity of service and avoid data leaks?
Health care is vulnerable in large part to the number of connected medical devices in their environment that are inherently risky. Additionally, the healthcare industry prioritizes the delivery of uninterrupted patient care over cybersecurity, which means it tends to forgo many cybersecurity measures due to the disruption they cause. . However, in the long term, it can cause more harm to the patient, if the lack of cybersecurity measures results in a data breach or operational disruptions.
Healthcare should consider implementing stronger zero-trust protocols to disable unnecessary connectivity between devices. Currently, the industry has been found to have critical medical devices running on the same network segments as the vulnerable computing devices, which increases the overall risk. Removing these connections, where possible, can reduce the risk of unwanted disruptions or possible data breaches.
What makes critical infrastructure vulnerable and how can it improve its security?
Critical infrastructure leverages both IT and OT. What makes it vulnerable is that these two environments, once idiosyncratic, are now converging thanks to the development of industrial internet of things (IIoT), resulting in cyber-physical systems. Naturally, this has greatly expanded the attack surface, exposing critical OT to the same security threats that IT faces. To make matters worse, older OT systems were built without considering cybersecurity.
The concept of zero trust is a valuable tool for strengthening the security posture of critical infrastructure as it allows for improved network access control through micro-segmentation and the principle of least privilege protocols. In addition, in the event of an attack, the radius of the explosion is contained thanks to these protocols, thus considerably reducing the impact of the attack. However, asset risk management is paramount to an effective Zero Trust architecture. Understanding asset risk provides the necessary context to ensure proper application of zero trust protocols.
How do you see asset management evolving in the future? Do you see the risk factor of assets reaching new highs, and why is this so?
In the world of cybersecurity, asset management is, at its core, the understanding of IT assets in an entity’s environment. This means being able to identify all assets in order to support the cybersecurity strategy. But what is a cybersecurity strategy without considering the risks; specifically, asset risk. So, yes, the asset risk factor will reach new heights as it is an integral part of asset management and therefore cybersecurity.
Asset management will evolve to place a greater emphasis on asset risk, because asset identification only gets you so far. For asset management to truly support cybersecurity strategy, the risk factor cannot be ignored; it provides the context needed to execute a robust cybersecurity strategy. Businesses will find that in order to secure their environment, the risk factor of assets is non-negotiable.
Comments are closed.