Cyber Resilience Centers—A New Normal?
Could the LA Cyber Resilience Center be part of a new normal for critical national infrastructure? IBM certainly thinks so. In a press release, Christopher McCurdy, general manager, IBM Security Services, said the CRC sets “a new industry standard” for cyber readiness.
He may be right. BitSight research finds that the nation’s largest infrastructure providers are at significant risk of ransomware attack and must do more to prevent cyber intrusions. For example, in the energy sector, 63% of companies are at heightened risk of ransomware attacks while 60% of utilities are at risk.
Much of this risk comes from misconfigured and unpatched systems. BitSight found that more than 75% of energy companies and 77% of utilities are exposed to ransomware risk due to poor configuration management. Furthermore, 41% of utilities and 32% of energy companies are slow to apply patches. Not surprisingly, poor performance in patch management is highly correlated with ransomware risk.
Both sectors could take a cue from the Port of Los Angeles and implement a more proactive and collaborative approach to detecting and protecting against cyber threats. But they must also focus on addressing gaps in their security programs, particularly with respect to vulnerability management, patching, configuration management, and endpoint security.
The Challenges of Mitigating Risk in Expanding Ecosystems
Unfortunately, as digital ecosystems expand—on premises, in the cloud, and across geographies, business units, and remote offices—it’s hard to get a holistic view into areas of cyber risk.
What can critical infrastructure organizations do? Our findings stress that continuously monitoring security performance, so that vulnerabilities are discovered and remediated before they are exploited, is key to defending against any cyberattack.
The same cybersecurity vigilance must also extend to organizations’ suppliers and vendors. As they seek to get around traditional defenses, cybercriminals are increasingly finding and attacking the least secure business in the supply chain and using it as a foothold to gradually compromise its partners. But this is where companies have less visibility and control. Vendor security assessments have their place, but they provide incomplete and time-bound views of cyber risk.