Industrial Cybersecurity Pulse

Six key takeaways from Black Hat USA 2021

  • Gary Cohen
  • September 14, 2021

In early August, the industry’s largest hybrid event – Black Hat USA 2021 – took place online and at the Mandalay Bay Convention Center in Las Vegas. The event, which highlighted the latest security trends and technology best practices, attracted more than 6,000 in-person attendees, while over 14,000 tuned in via the virtual platform. Darktrace’s Eloy Avila shares his six key takeaways.

1. The cybersecurity landscape is changing, but the threat types remain the same

As hackers continue to innovate and the attack surface widens, the threat landscape is evolving drastically. Despite a massive shift to remote work, the significant threats themselves have not changed since Black Hat USA 2020 and the early days of the COVID-19 pandemic.

Zero-days, ransomware, advanced persistent threats (APTs), supply chain attacks, targeted phishing, and threats to operational technology (OT) and Internet of Things (IoT) environments are still the top concerns, though we have seen an increase in attacks on the email and software-as-a-service (SaaS) side. While the attack methods largely remain the same, high-profile attacks like that on Colonial Pipeline have business leaders paying increased attention.

2. CISOs rise to new prominence within the C-suite

CISOs report that their engagement with the rest of the C-suite has dramatically improved due to new priorities and discussions around cybersecurity. Broader fears about hackers’ sophistication – and that nation-state attacks can directly impact private sector companies even outside of critical infrastructure – have spotlighted the vital role a CISO plays within an organization.

3. The future of security tools: Understanding both OT and IT

Over the past year, more OT institutions have moved away from security tools that focus solely on OT environments to those that understand information technology (IT) and OT. Before Stuxnet in 2010, most cyberattacks targeted traditional IT environments. Now, OT environments are victims, too (for example, the attacks on Colonial Pipeline and JBS).

With the digitization of our world, IT and OT have become more interconnected (also known as IT-OT convergence), forcing OT security practices to adapt. CISOs are now widely recognizing the importance of tools that can defend both OT and IT. Security tools need to operate in both IT and OT environments with a multilayered approach to intelligently interrupt cyber threats early in the kill chain, on both sides of the network, and minimize disruption.

4. Supply chain attacks heavily reduce the operational cost of mass exploitation

Supply chain attacks create indiscriminate damage, as we saw with SolarWinds in December 2020 and Kaseya in July 2021. Regulation alone will not be enough to combat supply chain attacks, so businesses themselves need to invest in the right security tools and procedures to ensure cyber health and resilience. Supply chain attacks are virtually impossible to detect with legacy, signature-based security: The malicious software is packaged as legitimate and delivered into the heart of thousands of organizations by trusted suppliers and partners.

Artificial intelligence (AI) is making huge steps forward in this area. Today, the most cyber-mature organizations already rely on AI systems to continually monitor their risk across globally distributed networks, made up of multiple third parties worldwide.

5. Zero-day vulnerabilities are on the rise

Newly identified zero-day vulnerabilities in the wild have steadily risen over the past few years. 2021 saw an unprecedented spike in zero-day vulnerability detection, rapid reconnaissance and active exploitation. Data compiled by Google’s Project Zero reveals that 2021 is the biggest year on record for “in the wild” zero-day exploits. While security professionals can usually anticipate 20 to 25 exploited zero-days in any given year, 2021 saw a massive 33 before July alone. Notably, both supply chain attacks listed above (SolarWinds and Kaseya) resulted from hackers exploiting zero-day vulnerabilities.

6. Offensive vs. defensive security

Cyber compromises have increased over the past decade, and defenses that look in the rearview mirror are struggling to withstand the new wave of attacks.

Improving defensive security is possible with a better understanding of “action bias” (e.g., individuals will act without fully understanding or evaluating the situation). Security professionals need to fully understand what has occurred in a compromise before acting, even when the case is stressful or time sensitive.

Innovations like AI help augment human teams by providing complete visibility into the network, giving context around an attack, and helping human teams triage, prioritize and summarize incidents. We need to put cyber teams on the front foot: proactively monitoring and investigating threats in real time as they develop instead of consistently reacting to threats that have already escalated into attacks.

– This article on Black Hat USA originally appeared on Darktrace’s blog. Darktrace is a CFE Media content partner.

Gary Cohen

Gary Cohen is senior editor/product manager at CFE Media.
