Page 86 - CDM-CYBER-DEFENSE-eMAGAZINE-December-2018

Detecting Threats Early

            The ability to pick out real threats from the deluge of incoming security alerts is critical, and it requires
            some investment in a solution that includes machine learning and AI.



            Without artificial intelligence and data analytics, it’s nearly impossible to dig out the real threats from the
            thousands of flagged events every day. And, as attacks become more distributed and long-term, this
            analysis becomes critical to network security. Mere compliance with regulations will not put all these
            pillars in place.



            A complete cybersecurity approach isn't limited to just one or a few parts of a company, such as a typical IT
            department. Adherence to self-decided standards, rules and practices must be both a top-down and a
            bottom-up responsibility. A company's security solution must be complementary to all
            current security approaches and will ultimately fail without company-wide awareness and implementation
            of practices and procedures.





            Security is About Collaboration

            Open systems allow collaboration among many people working on the solution, and the intelligence of
            the analytics systems gets better every day. Utility networks can absolutely be made very secure. Just
            don’t assume that compliance with the regulations is the only step in that process.



            Open systems also allow companies to leverage far better intelligence and analytics to ensure
            they can be both compliant and secure. In a world where the only constant is change, the only
            means of staying ‘future proof’ is through constant feedback.



            As a result of recent regulations, however, most utilities have started to perform routine threat analysis
            scenarios and consultations, as well as intensive staff training on data and cybersecurity practices, using
            the regulations as a framework. These regulations must be combined with regular on-site and real-time
            threat analysis of the OT network and other critical assets, so that security and safety tools are
            deployed with a high level of effectiveness while addressing the three main pillars described
            above.











