Recent SolarWinds Breach: A Warning of the Perils to Critical Infrastructures (PART 3)

Many pressing questions arise from the SolarWinds breach. For example: Why did the attack go undetected for such a long time? Are there ways to have a strong defense against such attacks? How do you manage events such as this and develop an incident response plan and strategy? And how can organizations prevent the occurrence of cybersecurity events in the future?

While cybersecurity as a technology, industry, or concept does not have good answers to the above questions, a few general comments are in order. The fact that the SolarWinds attack went undetected for such a long time indicates that the event identification and attack detection methods we are using are not working well. There are many cybersecurity frameworks, such as that of NIST, which include components for identifying the context, protecting assets, detecting anomalies, and responding to and recovering from incidents. The SolarWinds breach has demonstrated that whatever cybersecurity framework was used needs to be reinforced and improved. It is likely that we need new models and frameworks that would enable a more resilient and stronger defense system, particularly in the area of intrusion detection. A strong defense needs a holistic approach starting at the highest level of an organization, where management and planning play a key role. In addition to management, all members of an organization are responsible, in one way or another and with different levels of engagement, for the cybersecurity of the organization. From this perspective, when a breach occurs, we are all to blame for the hack.

Unfortunately, the technology of cybersecurity does not have good answers to the above questions either, for a number of reasons whose discussion goes beyond the scope of this paper. Nevertheless, we will discuss just one underlying technology that cybersecurity is built upon and which is intrinsically insecure: the Internet. It was designed over 50 years ago, at a time when its creators did not imagine that hackers would cause widespread damage on purpose. The main Internet protocols are IP (Internet Protocol), UDP (User Datagram Protocol), and TCP (Transmission Control Protocol), which were created with no security in mind. Whatever security the Internet has today was developed after the fact, as an addition to the original protocols, which need constant patching and updates. This is one reason that it is easy to hack Internet protocols: they are intrinsically insecure. In fact, the Internet engineering community at one point was planning to scrap the entire suite of Internet protocols and create a suite of new protocols from scratch with strong security built in. Unfortunately, this has not materialized.

One way to improve the cybersecurity culture in an organization is to establish processes that will facilitate and empower the organization to perform all that is required by a good cybersecurity culture. “The organization shall ensure the persons within the organization that are involved in assuring cybersecurity of vehicles possess the cybersecurity competences and awareness to fulfil their responsibilities.” One way of meeting this requirement is to attend training programs, courses, or seminars.

GLOMACS is Offering a New Training Course on “Cybersecurity Monitoring, Event Management, and Incident Response in Intelligent Transportation Systems”

The participants of this GLOMACS training course will:

  • Enhance their analytical and problem-solving skills through participation in breakout exercises
  • Learn how to analyze the cybersecurity of the Intelligent Transport Systems (ITS) infrastructure
  • Be able to apply cybersecurity techniques to implement resilience and strong defenses
  • Learn how to perform cybersecurity risk assessments for their organization
  • Improve the cybersecurity of their organizations
  • Develop cybersecurity plans including those for monitoring, event management, and incident response

Although the above training course focuses on Intelligent Transportation Systems, many of the concepts and methodologies are generic and can be applied to other IT and OT areas. As a result, participating organizations will become adaptive and improve their cybersecurity while at the same time serving stakeholders and the public at the highest level.

STAY TUNED FOR PART 4
