Page 134 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 134

b. Use different management servers to the OT and IT networks (Windows domains, etc).
                          By doing so, compromising the IT domain will not compromise the OT domain.

                   4. Constant Network Monitoring
                   A constant network monitoring platform (we happen to know a really good one), will help you

                   identify threats while analyzing network traffic and will help you see the bigger picture of what’s
                   happening in your network.

                   5. Data Exfiltration
                   Monitor your network for unusual outbound traffic. Everyday user activity should not generate
                   uplink activity higher than about 200MB/daily per user.

            How SCADAfence Helps You

            We provide a comprehensive solution - The SCADAfence’s platform which was built to protect industrial
            organizations like yours from industrial cyber attacks (including ransomware). It also helps you implement
            better security practices amongst its built-in features. Some of these include:

               •  Asset Management
               •  Network Maps
               •  Traffic Analyzers

            These tools will help your organization to implement better network segmentation, to make sure that your
            firewalls are functioning properly, and that every device in the OT network is communicating only with
            the ones that they should be communicating with. You will also be able to spot assets that are not where
            they're supposed to be, for example, forgotten assets in the DMZ.

            The platform, which is also the highest-rated OT & IoT security platform, also monitors the network traffic
            for any threats, including ones that are found in typical ransomware attacks; such as:


               •  Security exploits being sent across the network.
               •  Lateral movement attempts using the latest techniques.
               •  Network scanning and network reconnaissance.
            In an event of a security breach, SCADAfence’s detailed alerts will help you to contain these threats as
            quickly as possible. Ultimately, we built this tool to help industrial organizations to understand their attack
            surface,  to  implement  effective  segmentation  and  constant  network  monitoring  for  any  malicious  or
            anomalous activity.

            We’d like to share with you a true story of our recent incident response to an industrial ransomware
            cyberattack. SCADAfence’s incident response team assists companies in cybersecurity emergencies. In
            this video, we will review a recent incident response activity in which we took part. This research has
            been published with the goal of assisting organizations to plan for such events and reduce the impact of
            targeted industrial ransomware in their networks.

            For more detailed information on this story, we prepared a full whitepaper here:






                                                                                                            134
   129   130   131   132   133   134   135   136   137   138   139