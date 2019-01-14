|By PR Newswire
|
Article Rating:
|January 14, 2019 08:15 AM EST
MAHWAH, New Jersey, Jan. 14, 2019 /PRNewswire/ -- Radiflow, a leading provider of industrial cybersecurity solutions for critical infrastructure, today announced that the company is presenting a new approach for classifying the attack characteristics and assessing attack vulnerabilities on OT networks in a recently published whitepaper titled Meet Your Attacker: SCADA Attackers Taxonomy and Analysis.
In the company's new whitepaper, Radiflow explains that while the reporting on cybersecurity incidents and attack campaigns is on the rise, each reporting organization uses a different analysis methodology.
For example, the cyberattack in the power grid in Ukraine in 2015 was covered by over 30 research centers around the world with each using its own methodology and publishing biased conclusions influenced by the researcher's knowledge and the organization's point of view.
"The increase in the number of reports, each with a different analysis methodology, makes it challenging for security analysts to derive coherent and clear conclusions from the cases," explained Yehonatan Kfir, CTO of Radiflow and the author of this whitepaper. "The current lack of a single taxonomy to analyze security incidents leads to difficulties in understanding the threat landscape in an unbiased way."
In the whitepaper, Radiflow analyzes several highly publicized cybersecurity incidents over the past ten years, including the Triton and the Ukraine electricity blackout cases, and puts forward a new evidence-based taxonomy for classifying and analyzing the impact of each on OT networks.
"We believe our new taxonomy and case analysis provides a clearer model for understanding cyber-attacks on SCADA systems," added Kfir. "Our new taxonomy gives risk managers a coherent framework for analyzing the different types of attackers and allows them to plan their security defenses according to the attacker models that are relevant for their specific organizations."
According to Radiflow, the next evolutional step in risk analysis for critical infrastructure operators and industrial enterprises is dynamically determining the impact of disclosed vulnerabilities. The company advocates that this should be done based on the context of the organization's OT network and business logic related to the relevant attacker models.
"Here too there are issues with the existing methods as the two major vulnerability disclosure organizations – NIST and ICS-CERT – use scoring standards for the risk assessment of disclosed vulnerabilities with a bias towards IT networks, specifically the potential of a vulnerability to compromise sensitive data and cause non-compliance with regulations," stated Kfir. "Even though these two organizations do not always agree on the impact of a disclosed vulnerability, this framework is clearly a good fit for corporate IT networks, although is not always applicable to the context of industrial environments and the SCADA and ICS systems running on OT networks."
For more information on Radiflow's new approach to classifying and assessing attack vulnerabilities on OT networks, please download the company's new whitepaper titled Meet Your Attacker: SCADA Attackers Taxonomy and Analysis.
Yehonatan Kfir, Radiflow's CTO, will also be speaking on the topic in his presentation titled ICS Security – Beyond Visibility Towards Analytics at the S4x19 event in Miami on January 14 – 17.
At the S4x19 event, Radiflow invites all participants to visit the company at Booth G and complete the company's short survey to discover the vulnerability score of their organizations. Participants that complete the survey will receive their results after the event and a copy of the overall survey results that will allow them to anonymously compare their results with their peers.
About Radiflow
Radiflow is a leading provider of cybersecurity solutions for critical infrastructure networks (SCADA), such as power utilities, oil, gas and water. SCADA networks often extend across multiple remote sites, allowing automation devices to be controlled from the control center. Radiflow's security tool set validates the behavior of both M2M applications and H2M (Human-to-Machine) sessions in distributed operational networks. Radiflow's security solutions are available both as in-line gateways for remote sites and as a non-intrusive IDS (Intrusion Detection System) that can be deployed per site or centrally. Radiflow was founded in 2009 as part of the RAD group, a family of ICT vendors with over $1Bn annual revenues. Radiflow solutions were launched at the end of 2011, validated by leading research labs and successfully deployed by major utilities worldwide. Radiflow's solutions are sold as either integrated into wider end-to-end solution of global automation vendors or as a standalone security solution by local channel partners. For more information, please visit www.radiflow.com and follow the company on LinkedIn.
Press Contact
Tony Miller
+1-617-418-3024
[email protected]
View original content:http://www.prnewswire.com/news-releases/radiflow-offers-new-approach-for-classifying-and-assessing-ot-attack-vulnerabilities-300777570.html
SOURCE Radiflow
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Jan. 14, 2019 08:45 AM EST
In today's always-on world, customer expectations have changed. Competitive differentiation is delivered through rapid software innovations, the ability to respond to issues quickly and by releasing high-quality code with minimal interruptions. DevOps isn't some far off goal; it's methodologies and practices are a response to this demand. The demand to go faster. The demand for more uptime. The demand to innovate. In this keynote, we will cover the Nutanix Developer Stack. Built from the foundat...
Jan. 14, 2019 08:15 AM EST
DevOps has long focused on reinventing the SDLC (e.g. with CI/CD, ARA, pipeline automation etc.), while reinvention of IT Ops has lagged. However, new approaches like Site Reliability Engineering, Observability, Containerization, Operations Analytics, and ML/AI are driving a resurgence of IT Ops. In this session our expert panel will focus on how these new ideas are [putting the Ops back in DevOps orbringing modern IT Ops to DevOps].
Jan. 14, 2019 07:00 AM EST
While a hybrid cloud can ease that transition, designing and deploy that hybrid cloud still offers challenges for organizations concerned about lack of available cloud skillsets within their organization. Managed service providers offer a unique opportunity to fill those gaps and get organizations of all sizes on a hybrid cloud that meets their comfort level, while delivering enhanced benefits for cost, efficiency, agility, mobility, and elasticity.
Jan. 14, 2019 06:45 AM EST
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software with the simplicity and reach of the open web. With staff in 10 timezones, Isomorphic provides a global network of services related to our technology, with offerings ranging from turnkey application development to SLA-backed enterprise support. Leadin...
Jan. 14, 2019 06:30 AM EST
On-premise or off, you have powerful tools available to maximize the value of your infrastructure and you demand more visibility and operational control. Fortunately, data center management tools keep a vigil on memory contestation, power, thermal consumption, server health, and utilization, allowing better control no matter your cloud's shape. In this session, learn how Intel software tools enable real-time monitoring and precise management to lower operational costs and optimize infrastructure...
Jan. 14, 2019 06:15 AM EST
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the competition, or worse, just keep up. Each new opportunity, whether embracing machine learning, IoT, or a cloud migration, seems to bring new development, deployment, and management models. The results are more diverse and federated computing models than any time in our history.
Jan. 14, 2019 06:00 AM EST
In very short order, the term "Blockchain" has lost an incredible amount of meaning. With too many jumping on the bandwagon, the market is inundated with projects and use cases that miss the real potential of the technology. We have to begin removing Blockchain from the conversation and ground ourselves in the motivating principles of the technology itself; whether it is consumer privacy, data ownership, trust or even participation in the global economy, the world is faced with serious problems ...
Jan. 14, 2019 05:45 AM EST
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Jan. 14, 2019 05:45 AM EST
In an age of borderless networks, security for the cloud and security for the corporate network can no longer be separated. Security teams are now presented with the challenge of monitoring and controlling access to these cloud environments, as they represent yet another frontier for cyber-attacks. Complete visibility has never been more important-or more difficult. Powered by AI, Darktrace's Enterprise Immune System technology is the only solution to offer real-time visibility and insight into ...
Jan. 14, 2019 05:15 AM EST
Moving to Azure is the path to digital transformation, but not every journey is effective. Organizations that start with a cohesive, well-planned migration strategy can avoid common mistakes and stay a step ahead of the competition. Learn from Atmosera CEO, Jon Thomsen about the opportunities and challenges found in three pivotal phases of the journey to the cloud: Evaluation and Architecting, Migration and Management, and Optimization & Innovation. In each phase, there are distinct insights tha...
Jan. 14, 2019 05:15 AM EST
For enterprises to maintain business competitiveness in the digital economy, IT modernization is required. And cloud, with its on-demand, elastic and scalable principles has resoundingly been identified as the infrastructure model capable of supporting fast-changing business requirements that enterprises are challenged with, as a result of our increasingly connected world. In fact, Gartner states that by 2022, 28% of enterprise IT spending will have shifted to cloud. But enterprises still must d...
Jan. 14, 2019 05:00 AM EST
SUSE is a German-based, multinational, open-source software company that develops and sells Linux products to business customers. Founded in 1992, it was the first company to market Linux for the enterprise. Founded in 1992, SUSE is the world's first provider of an Enterprise Linux distribution.
Jan. 14, 2019 03:45 AM EST
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software with the simplicity and reach of the open web. With staff in 10 timezones, Isomorphic provides a global network of services related to our technology, with offerings ranging from turnkey application development to SLA-backed enterprise support. Leadin...
Jan. 13, 2019 07:45 PM EST
On-premise or off, you have powerful tools available to maximize the value of your infrastructure and you demand more visibility and operational control. Fortunately, data center management tools keep a vigil on memory contestation, power, thermal consumption, server health, and utilization, allowing better control no matter your cloud's shape. In this session, learn how Intel software tools enable real-time monitoring and precise management to lower operational costs and optimize infrastructure...
Jan. 13, 2019 07:00 PM EST