FEATURE: CYBERSECURITY
//////////////////////////////////////////////////////////////////////////
Kim Legelis, CMO,
Nozomi Networks
would be. It’s a great way to speed your
ability to respond in the face of an attack.
How is this relevant to CNI?
Because the impact of a breach or an attack
on a critical national infrastructure company
or system could be so dramatic. We’ve seen
that most of the really significant exercises
and testing is going on in those sectors
because they want to minimise the possible
impact of damage.
Is the issue of cyberattacks on CNI
taken seriously by governments and
companies within the EU?
THE IMPACT OF CYBERATTACKS ON
CNI COULD HAVE LONG-LASTING
EFFECTS ON BOTH THE SAFETY OF
CITIZENS AND ON NATIONAL AND
ECONOMIC SECURITY.
What sectors do you see being most
targeted by cyberattacks?
I believe the utility sector, the oil and
gas sector, transportation, and critical
manufacturing are all areas where we see
companies taking steps to put technologies
and programmes in place to minimise the
cybersecurity risk.
Why do you think these sectors are
being most targeted?
There are several motivations for threat
actors, which include: nation states
motivated by a wide range of factors – from
espionage to disruption and hacktivists who
need to make their point.
From our experience, most of the issues
that exist inside CNI that are discovered
through our innovations around giving
visibility actually have more to do with
62
INTELLIGENTCIO
misconfigurations or human error that
has happened when the systems were
set up or maintained, as oppose to actual
cyberthreats from the outside. So, it’s not
really an attack that creates risks in most
cases, it’s actually just the exposures that
exist within those operating systems. When
you put defences and monitoring in place,
you identify those in advance of attacks
which helps you lower your risk.
How are fire drill tests used as a
cyberdefence method?
Organisations and governments conduct
exercises that pull together the players in a
company or in an industry to simulate an
attack. They do this sometimes as a public-
private collaboration across an industry
where they simulate various aspects of an
attack – cyber, sometimes physical – and
they observe the monitoring that goes on
and people simulate what their reactions
I think it’s taken extremely seriously both
by governments and by private sector
companies who operate CNIs, whether
that’s power plants, water companies or
transportation companies. If you’re an
intelligent CIO or an intelligent CISO, your
board is asking you if your operations are
secure – how are we protecting our power
plant, our oil refineries, our water supply
and our transportation systems from
cyberthreats? That’s the question that’s
being asked at the highest level within those
organisations and that’s driving action for
CISOs to ensure they have both visibility and
strong cybersecurity programmes to protect
their critical operations.
What immediate action do you think
would be best moving forward to
secure operations?
You might have a pessimistic attitude when
it comes to being able to secure critical
national infrastructure. However, many in
the industry are now quite optimistic about
the ability to secure CNI against attacks
due to the advances in technology that
allow them to have visibility and situational
awareness into these operating systems.
This also allows them to mask the assets
that need to be protected and to monitor
them to identify threats that exist in those
environments. Those are the aspects that
are really making the difference.
The combination of people and technology
is at a point now where it’s time for the
industry to take action. They have been
improving and now it’s time to make sure
you have what you need in place for a robust
cybersecurity programme for CNI. n
www.intelligentcio.com