On December 12, Scott Coleman shares his expert perspective during the Smart Industry webinar “Protecting Industry in the Age of New Threats: Cybersecurity in the Digital Industrial Enterprise.”
Today the director of marketing & product management with Owl Cyber Defense provides a preview of the topics he will explore. Take a look…
Smart Industry: Define "data-diode technology" and detail how this affects your approach to cybersecurity.
Scott: In broad terms, a data diode could be defined as a device with two nodes or circuits—one send only and one receive only—that allows the flow of data in one direction only, from a source to a destination, while securing the source and/or destination networks and applications from external access. It is, perhaps, simplest to think of data diodes as digital one-way valves for data, allowing data to flow one way, without a way back. The hardware-based functionality requires minimal/no modifications to existing systems, which is a major factor in many industrial organizations, and data diodes are enforced by the laws of physics, so they can’t be hacked.
The purpose of data diode one-way transfer devices is two-fold: network security through segmentation (separation), often in place of a physical air gap; and data availability (getting the data to the end-users), whether it be via file transfer, or more complex functions such as database replication. By enabling both strong security and data availability, organizations don’t have to choose whether to keep their networks and devices secure or keep channels of data communication open.
Smart Industry: What are the elements of integrated security and why is this tactic critical to thwart modern attacks?
Scott: Integrated security involves layers of security working together to protect data and systems, also known as a “defense-in-depth” strategy. This includes SIEM, data diodes, firewalls, encryption or tokenization, Ethernet switches, and other cybersecurity tools, devices, software, and best practices. By layering security rather than relying on any one technology or strategy, if one of these layers fails there will be another right behind it to continue protecting. Integrated security enables users, operators, security professionals, and everyday people to reduce risk and provides the strongest, best chance to protect their networks and data from cyber-threats.
Scott: Of course! People tend to think of security and functionality as a spectrum with high security and low functionality on one end, and low security and high functionality at the other. But the reality is much more nuanced. What kinds of security you implement, where you implement it, and how you use it can all affect its impact on digital applications and data access. Data diodes are a great example, in that they provide extremely high security to networks and devices, while data is made available to any users and applications that need it. Tokenization is another, in that it can protect data while retaining the properties and formatting that allow applications and data stores to process it.
However, because the structure, purpose, and people in every organization can vary dramatically, there is no panacea that can be applied to solve every situation. The challenge is finding the right mix of technology and best practices that can ensure the highest levels of both security and data access to meet your organization’s unique needs.
Smart Industry: What is the greatest misconception about cybersecurity in this age of digital transformation?
Scott: The idea that most cybersecurity is ineffective or a lost cause. It seems like every day a new major breach gets announced—often at organizations expected to be very secure—and every cybersecurity vendor will downplay another technology as insufficient or insecure. The truth is a lot of cybersecurity isn’t just reliant on the technology—it comes down to people, and people are fallible. They also do a lot of things they shouldn’t, like open up ports, bypass security protocols, fail to reset passwords, lose their laptops, give unauthorized access, and all kinds of other things for the sake of convenience, by mistake, or even sometimes as a malicious internal actor.
The answer in some of these cases is more or better technology. But in many cases, it’s simply better training and education, more scrutiny and accountability, and two-person authentication. Just like layers of security technology, it can be equally as effective to have multiple layers of people to control your security and sensitive systems.
