McAfee offers guidance to improve critical infrastructure security
Posted on 09 April 2009.
Recent reports that the US electrical grid has been penetrated by spies from China and Russia has prompted security experts from McAfee to issue a warning and advice to organizations tasked with protecting the nationís critical infrastructures. Former national security officials have said that cyberspies penetrated the electrical grid and have left behind software programs that could disrupt the system.

The disclosure of electrical grid vulnerabilities confirms what McAfee experts have said for some time. Traditionally, critical networks have had little to no cyber protection, and have relied on physical protection from guards, gates and guns. Today these networks are being expanded to provide remote monitoring and management and are linked up to corporate networks, opening doors for attackers.

In a study released in November 2008, more than 50 percent of respondents said that utilities, oil and gas, transportation, telecommunications, chemical, emergency services and postal/shipping industries were not prepared for a cyberattack. The McAfee study surveyed 199 international security experts and other industry insiders from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries.

Organizations, particularly energy companies, need to establish multi-function task forces that include IT staff and security experts. McAfee recommends that critical infrastructure asset owners and operators take five steps towards greater cybersecurity:
  • Performing ongoing vulnerability assessments
  • Vigilant monitoring of network automation and control systems
  • Sharing information about threats and attacks through the industry Information Sharing and Analysis Centers (ISACs) such as the electricity sector ISAC and up the chain of command within organizations
  • Taking a proactive approach utilizing global threat intelligence and implementing reputation-based technology
  • Thinking beyond regulatory compliance.





Spotlight

Targeted attack protection via network topology alteration

Posted on 17 October 2014.  |  This article from Trend Micro tackles how network topology can aid in defending the enterprise network from risks posed by targeted attacks.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //