Web Links Directory - Free human edited web sites directory  - Article Details
CATEGORIES
STATISTICS
  • Active Links: 293846
  • Pending Links: 1214025
  • Todays Links: 0
  • Total Articles: 2460
  • Total Categories:
  • Sub Categories:

enterprise security for IT and ICS or SCADA networks

Date Added: December 01, 2011 06:41:35 AM
Author: Astal Mark
Category:
Stuxnet – stress testing for enterprise security CONNECTING THE DOTS The most secure networks today are multi-layered and don’t rely on a single security technology or vendor. They’re often integrated, with a SIEM system aggregating outputs from applications, operating systems and network solutions to ensure easy data correlation and interpretation. This enables security staff to bridge their different technology systems, to see all the activity across the organisation, and gain centralised monitoring perspective. Modern targeted attacks have shown they can bypass even the best traditional enterprise security systems such as firewalls, Intrusion Detection Systems and other point solutions. Hackers even use multi-vector attacks in different parts of enterprise systems to obscure the identity of the real threat. As a result, better tools are needed, not more of the same. As Ernst & Young has warned: ‘Simply shoring up existing and conventional defenses is not enough’. This is so in any environment, including critical infrastructure and industrial plants. In enterprise security as in life, non-compliant or suspicious activity is often the first indictor of planned malicious activity. For this reason, behaviour-based technologies can strengthen the protection offered by rules-only SIEM systems, by detecting and alerting on the abnormal patterns of activity which may be an early warning of misuse. Behaviour Anomaly Detection (BAD) helps security staff see suspicious events that are often invisible to rules-only SIEMs. By connecting the dots between abnormal and apparently unrelated activities, BAD allows security staff to quickly spot any (i) internal misuse, or (ii) carefully orchestrated attack designed to exploit security blind spots. In ICS systems and other IT environments, these early alerts can make the difference between responding in real time and making a difference, or after the damage is done. THE TAKE-AWAY Stuxnet sounded a warning about the vulnerability of the security monitoring and control procedures in organisations using ICS systems. We’ve seen that this new vector or a variant can penetrate the SCADA and control systems that were once thought secure. Moreover, leveraging the Internet’s connectivity for new technologies like smart grids and smart metering for electricity and gas will expose greater areas of vulnerability, and open millions of unsecured end points across the grid for attack. In May 2011, we learned how easily a SIM card in a Tasmanian smart meter trial was hacke Clearly, ICS (and other) operators should frequently review their security policies and processes, to: •Undertake a risk assessment of systems, monitoring and control processes across all parts of the enterprise; •Confirm and monitor the integrity of remote sites and communication links; •Aggregate IT and ICS event logging for integrated real-time correlation and interpretation; •Implement technologies and procedures that can extend beyond policy-based compliance monitoring to detect risky and suspicious system activity as it occurs; and •Adopt a security monitoring and control system that maintains evidential integrity and can adapt to current and future needs.
Ratings
You must be logged in to leave a rating.
Average rating: (0 votes)
Comments

No Comments Yet.


You must be logged in to leave a Comment.
ARTICLES
How to remove link from Wldirectory
Here is the short description, how to remove your link, if you no longer need it.
Get started with jewellery online shopping and find yourself many discounts and offers to avail
Today, Internet is the most versatile tools in the field of marketing. People generally uses it, as to advertise their business and products, as to attaing more and more money and also to get some merchandise.
Shared Hosting Cons And Professionals
Tie this to the fact that Bluehost offer a one month, full money back guarantee if you are unsatisfied for just about any cause. This would be particularly so as it pertains to multiple web hosting.of datacenters.
Monster Beats Headphones Outlet
A center channel is also included. When you are experienced enough, try your hand on starting your own recording studio.
Are you purchasing quality furniture?
When it comes to purchasing furniture you have so many places to choose from.