Monitoring Is the First Step to IT Security
According to a recent survey by Positive Technologies, 61% of companies have network perimeter security so weak that an intruder with basic hacking skills can easily penetrate it. Experts from ICL and Positive Technologies reported on the most important aspects of building an IT security strategy for every company.
ICL and Positive Technologies held a joint workshop on IT security. Representatives of the largest enterprises of the Republic of Tatarstan attended the event.
Workshop participants discussed current IT security trends and challenges, in particular the accelerated development and scaling of threats and the replication of attacks, as in the Mirai botnet incident involving hacked IoT devices. Alexey Kachalin, Deputy Director for Business Development in Russia at Positive Technologies, pointed out that IoT security issues are hardly new; however, they have recently turned into real threats that lead to high-profile incidents causing substantial damage. At the same time, one can hardly expect security awareness to increase among producers of IoT devices, because today none of them willingly spends time and money testing their products for vulnerabilities, since in some cases doing so may threaten their leading position in bringing products to market. As a result, there are many vulnerable devices on the market that intruders can use to launch cyber attacks targeting users and companies as well as critical systems and Internet infrastructure.
In the course of the discussion, Alexey Kachalin presented an incident analysis that also covered incidents affecting industrial control systems (ICS). The workshop participants came to the understanding that merging IT systems with ICS and generating process flows require a mature approach to IT security management, as well as ICS security monitoring and interpretation capabilities. The PT ISIM and MaxPatrol SIEM solutions were used to demonstrate an efficient approach to building IT security for a manufacturing company.
ICL experts presented their proposed solutions to IT security monitoring issues. Vladimir Dmitriev, Deputy Head of the IT Security Tools Department at ICL, unveiled the Security Operations Centre (SOC Centre) established by ICL and intended for cyberattack detection and prevention.
«Implementation and support of software and hardware tools designed for cyber attack prevention and building IT security monitoring processes are fairly labour-consuming and cost-intensive for the enterprise in terms of both invested money and time. Not all enterprises can afford to establish an in-house IT security monitoring service,» commented Vladimir Dmitriev. «ICL SOC Centre is built on a service model where security monitoring and cyberattack prevention tasks are performed by an outsourced team of professionals who possess all the necessary tools, knowledge and experience. Thus, the enterprise receives guaranteed quality of service, reduces monitoring costs and can promptly protect its IT infrastructure from cyber attacks.»
Positive Technologies is a partner in the SOC Centre project and a vendor of the solutions the SOC Centre is built upon.
«In order to establish a SOC Centre, a developed methodology is required, and lots of arrangements should be made and preparatory work should be successfully completed, in addition to the efficient monitoring and vulnerability analysis tools that are obviously a must. We are delighted that our partners chose solutions designed by Positive Technologies to build their monitoring centre. It is important to bear in mind that managing SOC operations gives us a chance to gain unrivalled experience. From this perspective, our companies can reap a double benefit from this cooperation: firstly, we will share expertise that is important to further develop our products, and secondly, we will join our efforts to develop expertise in various SOC practices,» commented Alexey Kachalin.