Intelligent CISO Issue 34 | Page 53

SentinelOne has taken care of the tedious, time-consuming manual work. This makes it a great partner, a partner in crime-fighting.

COVER STORY

systems stop working, that immediately has a knock-on effect on the ground, impacting our trains and our customers. We simply cannot afford any downtime.

What are some of the overall business benefits you’ve seen since implementation?
In our case, the number one cybersecurity priority is to keep the trains running. The focus is on cyber-resilience. We adopted the ‘assume breach’ mentality a while ago. That doesn’t mean we no longer invest in the protection of our environment, but we rather focus on the detect and respond side of things. Whatever we do, a breach or compromise will happen. We just don’t know when. But we’d rather be prepared by making sure we have the visibility combined with proper detection capabilities so we can contain as fast as we can when it happens.

What are some of the common cyberattacks you witness within the transport industry and how do you ensure you can protect against these?
We have not experienced any specific attacks besides the types of attacks we are all suffering from. We did experience a successful attack at the beginning of the year. You may remember the widespread panic around the Citrix Netscaler vulnerabilities around the year end. We had successfully and swiftly patched the vulnerabilities when they had been announced. Or at least we thought. Apparently, we had missed one instance which got compromised. Luckily, this was detected rather quickly, followed by an isolation and eventually removal of the affected host. Further analysis showed no fallout. This again is evidence that technology alone will not save us. A proper compliance check after patching was omitted. The proper processes need to support the technology we are using.

How has the solution offered improved visibility to better monitor the entire network?
SentinelOne sits at the core of our security operations. The agent is running on all endpoints and servers. The visibility we get in relation to malicious activity across the network is invaluable. With new features where hosts without an agent or even IoT are being detected and reported, this takes the visibility aspect to the next level.

How does the solution allow you to future-proof your operations, especially as the future is so uncertain?
That’s exactly why we need to focus on being cyber-resilient. We don’t know what the future will bring. What we do know is that with enough resources and time, any kind of attack will succeed. If you are being targeted, you will be compromised. Just make sure you are ready to detect, contain and rebound in the shortest amount of time possible.