Live
- 'Visually stunning spectacle': Yash heaps praise on 'Kalki 2898AD' starring 'darling' Prabhas
- 'Comprehensive', Maharashtra CM hails state budget 2024-25
- Indian economy slated for sustained growth: ITC annual report
- Delhi witnesses sizeable jump in temperature-related power demand: IEEFA report
- Maha budget an attempt to compensate Lok Sabha poll debacle: NCP-SP
- NSE warns investors against individuals promising assured returns in stock market
- Let's keep going, says Biden as Democrats deal with debate shocker
- Bengal school job case: CBI seizes sack full of documents from state Education Department
- Humanoid robotics conversations surged 80 pc on X during 1st half of 2024: Report
- T20 World Cup: 'South Africa ko choke karaana hoga,' says 1983 WC winner Kirti Azad ahead of final
Just In
Kaspersky Lab Empowers ICS Operators with Adaptive Information Security
10 Dec 2015 1:42 PM GMT
x
Highlights
Kaspersky Lab has patented a method of modeling IT security and adapting it to an enterprise’s individual needs.
Kaspersky Lab has patented a method of modeling IT security and adapting it to an enterprise’s individual needs. By analyzing the ways in which malware affects different elements of the IT infrastructure, the newly patented method can be used to simulate the possible effect of malware on the infrastructure as a whole and to choose the most effective methods of neutralizing threats based on a specific enterprise’s top security criteria. The patent was issued by the United States Patent and Trademark Office.
In an age of ubiquitous Internet-connectivity, an enterprise’s industrial network needs protection from cyberthreats at least as much as its office IT infrastructure does, if not more so. Moreover, there is ample proof that cyber-incidents in industrial networks can have far graver consequences than the same incidents in corporate networks. According to the RISI analytical agency, every tenth enterprise has suffered losses of between one and 10 million dollars from cyber-incidents that resulted in the disruption of an industrial process. In 2013, the downtime caused by a cyber-incident in an industrial network lasted 24 hours or more in 25% of cases.
In most cases, infection of the industrial network started with cybercriminals penetrating the corporate network. Importantly, there was often a direct data transfer channel between the two networks, with little or no protection. The next most popular method was found to be penetration via remote access to the industrial network (directly from controllers or the remote offices of the organization/contractor) using a Wi-Fi and/or cellular wireless channel and incorrect VPN connection settings.Access to the Industrial Control System (ICS) from contractor networks deserves a special mention, since it is impossible to fully control the security of a contractor’s remote networks and to inform the contractor’s employees about IT security rules.
The method patented by Kaspersky Lab makes it possible to create a model of an enterprise’s IT security system in several stages, adapt the security system to the enterprise’s specific requirements and identify the most effective methods of mitigating IT security incidents in an industrial network.
In the first stage, a complete model of the enterprise with all its electronic systems is created, based on the topology of computing devices and their connections. Next, the impact of malware on each individual computing device is reproduced and the result of that impact is modeled. In all subsequent stages, the IT system’s response to different malware-related events is calculated, as well as the most effective measures to mitigate the unwanted effects of these events.
“When implementing an enterprise’s cybersecurity system, it is very difficult to assess how effective it will be. Expensive solutions are not always the most effective,” - explained Andrey Doukhvalov, Head of Future Techs, Chief Strategy Architect, Future Technologies, Kaspersky Lab. “Modeling security incidents and designing an optimal response strategy for a specific information system can be used to calculate the most effective measures to protect industrial processes based on predefined criteria, such as data confidentiality or industrial process continuity.”
The ideas behind the patented method are used in the Kaspersky Industrial Protection Simulation training course.
Next Story
More Stories
ADVERTISEMENT
© 2024 Hyderabad Media House Limited/The Hans India. All rights reserved. Powered by hocalwire.com