CEO Insights: Why Cybersecurity is an enablement of IIoT
Lucian Fogoros: How would you rate the level of cybersecurity awareness among industry in general? What level of uptake do you see regarding the level of cybersecurity best practices and systems?
Joseph Saunders: With the many reported attacks on utilities, SCADA systems, and operational technology, I’d have to say that the level of cybersecurity awareness – especially within IIoT and ICS – is increasing. In the U.S., the Department of Homeland Security Computer Emergency Readiness Team (CERT), publishes dozens of advisories about identified vulnerabilities each week. These notices provide owners and operators of critical infrastructure with information about threats or activity with the potential to impact computing networks and the cybersecurity of embedded systems. This effort aids in making more organizations aware of cyber risks.
There is growing adoption and subscription to threat intelligence monitoring by CISO’s, and they are relying on this data to determine current exposure. However, with the increasing threats from connected devices and IIoT, more companies are realizing they have to invest in mitigation techniques, rather than just reporting. So I’m seeing the evolution from cyber intrusion defense and monitoring to mitigation – or, put another way, from detection to prevention. The C-suite is beginning to ask the question, “Are the cybersecurity methods I’m using actually reducing the risks of attack?”
Lucian Fogoros: Can Industrial Internet of Things and Cybersecurity co-exist? If so, how?
Joseph Saunders: Productivity gains and cost reduction from the implementation of IIoT devices are dramatically improving operations across all critical infrastructure, but especially in energy, telecom, healthcare, manufacturing, and transportation. As with any gain, there may be a downside, and that is the threat that accompanies the increased connectivity and proliferation of such devices. Cybersecurity is an enablement of IIoT because it reduces the downside – and should be incorporated in every IIoT deployment. The good news is there are solutions that don’t detract from IIoT’s advantages.
Lucian Fogoros: How do you think cybersecurity professionals can better secure critical infrastructure?
Joseph Saunders: The most important thing is to think beyond traditional defense techniques like gateways, firewalls, intrusion detection, and anti-virus agents. You have to remember that detection tools offer no help in cases where the supply chain itself is compromised, in the case of file-less attacks like memory corruption exploits, stack and heap attacks, Return-Oriented Programming (ROP) chain attacks or zero-day attacks. Cyber professionals should assume that attacks will occur, and therefore protect from the inside out by hardening the software itself. This will protect against operational disruption, ransomware, data exfiltration, reputational damage, and execution of malicious payloads.
Lucian Fogoros: Why should a company choose RunSafe Security’s Alkemist™ to secure an industrial asset?
Joseph Saunders: RunSafe’s Alkemist™ transforms IIoT systems and devices into a protected version of the same. It hardens software binaries (files and programs) against memory corruption errors and buffer overflow exploits – the techniques attackers typically use to gain control. Alkemist™ is remotely deployable and can be accessed through a web client or RestAPI. It eliminates the need for re-engineering, re-testing, and patch management emergencies, so resources can be applied to maintain system uptime and continuity of operations. I’ll also note that Alkemist™ doesn’t require any new software, services, or hardware; no access to source code, compiler, or operating system, and no alerts to monitor – so organizations can achieve advanced cybersecurity protection directly and easily across multiple vendor systems.
Lucian Fogoros: What makes you the most optimistic about the future of cybersecurity?
Joseph Saunders: I’m optimistic because, with Alkemist™, cybersecurity is not just about building protection into new systems – it can be applied to systems already deployed in the field. So “rip and replace” is not necessary. Companies can extend capital investment, integrate operational technology with IT, and add on to legacy equipment, all without having to completely replace machinery and facilities.
Joe Saunders has more than 25 years of leadership, business building, and startup experience having served in a variety of business development and general management roles for high growth companies. Prior to founding RunSafe Security, Joe served as director of Thomson Reuters Special Services, where he led analytical solutions to help law enforcement agencies identify national security threats. Joe previously led the digital technology division of AIMS Worldwide and was a member of the management team at TARGUSinfo, which was acquired by Neustar for $750M in 2011.