In the wake of successful ransomware attacks on Colonial Pipeline, which provides 45% of the U.S. East Coast’s fuel, and JBS Foods, the world’s largest meat supplier, the United States government has released recommendations to improve ICS cybersecurity.
Those recommendations are:
- Use foundational best practices, including multi-factor authentication, endpoint detection and response, encryption, and employing a dedicated security team.
- Back up data regularly.
- Regularly schedule updates and patching for assets and software.
- Create, test, and deploy an incident response plan.
- Use an outside penetration testing service to check the security team’s work.
- Segment networks.
President Biden and his staff have recognized that the spread of ransomware has a significant impact on the global economy and that traditional methods of cyber defense are no longer adequate to prevent attacks. At TXOne Networks, we fully support this message and we look forward to working together with organizations to create a healthier, safer internet for communication and commerce.
Out of this set of recommendations, some are easier to deploy than others, especially given the importance of keeping the operation running safely and steadily. Patching and updating software can lead to delays and complications, especially in an environment running equipment from a variety of different suppliers. Furthermore, in most work sites many assets are past their end-of-service date and no longer receive updates. Network segmentation can be complicated and time-consuming to set up if it’s not done with appliances that are tailored to the job.
TXOne’s Edge series, with its inbuilt network segmentation and virtual patching technology, is perfect for streamlining both of these challenging needs. Virtual patching is a network-based behavior that puts a “shield” around vulnerable assets, with special attention to those legacy assets which can no longer be patched or updated. At the time of deployment, the Edge series can segment the network based on business intentionality, so that devices can only communicate as they must in order to do their work. This prevents lateral movement across the network and requires no changes to existing topology. The Edge series is made up of EdgeIPS, EdgeIPS Pro and EdgeFire, all of which can be managed and maintained from the same centralized management software, OT Defense Console.