Home TECHNOLOGY CYBER SECURITY Cybersecurity Measures Are No Longer Just A Recommendation - Security By Design

Cybersecurity Measures Are No Longer Just A Recommendation – Security By Design

What is certain is that the advancing development of new technologies goes hand in hand with a growing need for solutions and new cybersecurity approaches to reduce the exponentially expanding attack surface in “smart buildings” and “smart cities” or industrial plants.

Cyber-attacks have increased in recent weeks and months. Supermarkets, public authorities, universities, and even waste disposal services became victims of such attacks.

In addition to the media reporting on it, numerous studies indicate an increase in cyberattacks. Most recently, the BKA published a situation report about cybercrime in 2020. It can be seen from this that there was an increase of 8 percent in the last year alone. It is also known that large companies are falling victim and increasingly small and medium-sized organizations. No industry seems unattractive to cybercriminals. In addition, the advancing digitization allows hackers to become more creative, and they also constantly exploit new or unlocked security gaps.

“However, it is not just digitization that can be identified as the source of all evil, but also the carelessness of companies in upgrading and adequately training employees, making it easier for hackers to access company networks. Cybersecurity measures still seem to be seen more as a kind of recommendation,” claims Uwe Gries, Country Manager DACH of Stormshield. This cybersecurity manufacturer is part of the Airbus Group.

Smart Everything

With a view to the future, which should be designed as more “digital” and “smarter,” one wonders how the two should be compatible with one another according to the principle of Security by Design. Because, in addition to digitization, “smart everything” technologies are increasingly finding their way into critical infrastructures and, if there is insufficient security, create additional gateways for attackers. This is because many areas, such as the energy, finance, health, and administrative sectors, continue to show deficits in digitization and implementing security measures.

Suppose you now consider developing approaches to convert cities into smart cities with smart grids, infrastructures 4.0, and e-administrations. In that case, one has to deal more with the topic of cybersecurity. The reason is simple: fellow human beings are also considered to be “smart” because they can weigh up risks, avoid or limit them proactively, and react promptly in the event of an emergency. The “quantization” of all infrastructures should be based on the same principle and be accompanied from the outset by adequate security measures.

Critis

Some of the recent attacks have clearly shown that critical infrastructures (KRITIS) in particular need to be protected more strongly, as these are fundamental to the functioning of a society. The KRITIS includes the energy, administration, and health sectors and the food and pharmaceutical industries. It is precisely these that need to be secured so that their attack surface is reduced to an acceptable minimum.

What is not justifiable in this context is clearly shown by the hacker attack on the US company Colonial Pipeline. The country concerned has severe consequences of complaining about, but such an incident often causes changes on a global level: In this case, oil prices rose worldwide. In addition, it becomes clear that the damage caused by such an attack can often not be repaired within a few minutes/hours, which increases the cost of repairing it exponentially. Security measures, such as solutions that also protect networks and workstations that have been decoupled from the Internet in real-time against suspicious behavior (such as sudden encryption or the transmission of commands contrary to protocol) would have been just as necessary here as behavior-based firewalling. And this for a fraction of the damage caused by the attack.

Public Hand

Another area that belongs to the “Smart City” concept and at least partially to KRITIS is the public sector, another popular cyber criminals target. In the last few months, in particular, authorities, public institutions, and hospitals have repeatedly fallen victim to cyber-attacks. The damage that occurred varied, but also the period until everything worked “normally” again. The hackers responsible not only got sensitive data through their attacks but also paralyzed the entire system so that the daily work of many authorities was impaired. ”Public sector organizations, particularly the reliability of which determines the level of trust of citizens, especially about the handling of personal data and the efficient provision of services, must not be satisfied with anything less than 100% preservation of sovereignty over their data and infrastructures.

This includes strict zero trust models to determine the access to data and resources and segmentation strategies that are intended to prevent attacks from spreading horizontally,” continues Gries. Here, too, the costs of security-by-design concepts and corresponding solutions would be significantly lower than the costs of repairing the damage.

As a European company specializing in cybersecurity for critical infrastructures and industrial environments, we cannot affirm often enough that cybersecurity measures can no longer be regarded as just a recommendation. The successful further development of all mentioned segments should be based exclusively on a solid line of defense, «adds Gries in conclusion.

Tech Buzz Reviews
Techbuzzreviews are a team full of web designers, freelancers, marketing experts, bloggers. We are on a mission to provide the best technology-related news with passion and tenacity. We mainly focus on the areas like the latest technology news, upcoming gadgets, business strategies and many more upcoming trends which are trending all over the world.

Most Popular

Troubleshooting, Restoring, And Connection Establishment: Troubleshoot Windows 365

Windows 365 is set up quickly, and users can work with the system. Various means are available if something does not work on the...

Why Does Google CAPTCHA Appear Often? I’m Not A Robot

What criteria lead Google to show the user a CAPTCHA and solve a graphical quiz? The acronym CAPTCHA stands for Completely Automated Public Turing-test-to-tell...

6G: Smartphones Will Be Excessive In 15 Years

Smartphones are omnipresent in our everyday life today. However, in 15 years, they may be gone. Market researcher GlobalData assumes this. According to an...

New Applications From The Google Play Store To Download Now

Here we are back with our survey of seven helpful/fascinating applications chosen from the new arrivals of the Google Play Store. This week we...

Attack Perimeters: Definition And Management

There's been a lot of talks lately about safety. And when it comes to security, the term" attack perimeter" often pops up. But what...

Sky Built Into The TV? It Is Possible, Thanks To Sky Glass

Sky Glass has begun to show itself to the public with all its potential. Its most significant selling point? The software, of course. The...

What Is The Intranet? Microsoft SharePoint As An Example

We usually talk about external communication when a company creates personalized advertisements to tell its target audience. Today we speak instead of the internal...