A new poll has revealed that many MPs regard cyber-attacks on the UK’s critical national infrastructure (CNI) as the biggest online threat facing the nation. The good news is that we have an EU law to tackle exactly this challenge: the NIS Directive. But effective compliance will only be possible if organisations working in these sectors get better at bridging the traditional divide between IT and OT. Continue reading →
It’s that time of year again: on Tuesday the doors to Olympia will be flung open as London becomes the de facto centre of the global IT security industry for a few days. Yes, it’s Infosecurity Europe – one of the biggest and best attended events of its kind on the calendar. Trend Micro will be there as always, with a mountain of new research to share and experts on hand to explain why a layered, connected approach to cyber defence is the only effective way for organisations to battle modern threats. Continue reading →
With all the hype surrounding WannaCry over the past week, it’s easy to forget that organisations are facing a far broader range of threats than ransomware. Targeted attacks on critical infrastructure, particularly SCADA systems, have been on the radar since Stuxnet, but as the attacks on the Ukrainian power grid have shown, they’re still a major cause for concern.
That’s why Trend Micro compiled its latest report, Hacker Machine Interface, focusing specifically on the Human Machine Interface (HMI) displays present in most SCADA set-ups. Unfortunately, we found that a lot more needs to be done to architect more secure systems and to ensure patches are produced and applied swiftly. Continue reading →
Renowned think tank Chatham House this week published a new report warning that those in charge of the UK’s nuclear facilities have underestimated the risk of a serious cyber attack. While some of the sensational tabloid headlines it generated are somewhat wide of the mark, the report nevertheless highlights again the potentially catastrophic effects of cyber attacks on SCADA and industrial control systems (ICS).
It should provide food for thought for any CISO tasked with securing such systems. Continue reading →