Intelligent CISO Issue 19 | Page 6

news Mimecast announces eBook from Cyber Resilience Think Tank imecast Limited, a leading email and data security company, has announced the availability of Decluttering Your Security Environment, the latest eBook from the Cyber Resilience Think Tank (CR Think Tank). M The eBook is designed to provide expert insight and prescriptive advice to global industry influencers on how the industry may be to blame for all this complexity in security environments, best practices to effectively reduce security risk by minimising complexity and considerations for hiring the next generation of security professionals. CR Think Tank members gathered earlier this year to discuss how the complexity of a security environment can contribute to inefficiencies and ultimately, risk. Decluttering Your Security Environment details how security environments became cluttered in the first place, how it’s directly related to the cybersecurity skills gap and what organisations can do to minimise complexity. This report offers key insights to reduce the overall risk of an organisation through simplifying IT infrastructures, helping to improve the effectiveness of their security environments. Specifically, the CR Think Tank members offer three key points for organisations preparing to declutter their IT security environment. The CR Think Tank is an independent group of more than a dozen security leaders dedicated to working together to address cyber-resilience challenges facing organisations. 6 RESEARCH IDENTIFIES ‘DISRUPTIONWARE’ AS EMERGING CYBERSECURITY THREAT orescout Technologies, a leader in device visibility and control, has released a new report Rise of Disruptionware: A Cyber-Physical Threat to Operational Technology Environments, which explores how the nature of cyberattacks is changing. that ‘bad actors’ without extensive technology know-how are targeting industrial equipment with inadequate protection mechanisms to suspend operations, disrupt continuity and disseminate deliverables in order to target productivity rather than extract money for financial gain. The research found that, while the traditional concept of malware damaging operations for monetary gain are still present, a new breed of attacks – ‘disruptionware’ – is wreaking havoc in networked industrial control system (ICS) and operational technologies (OT) environments. These low sophistication attacks are becoming increasingly consequential to the operator community. F The research, conducted in partnership with the Institute for Critical Infrastructure Technology (ICIT), examines the attack patterns targeting critical industry sectors like manufacturing, energy and transportation including ransomware, disk-wiping malware and similarly disruptive malicious code. It found The report outlines several steps that companies need to focus on to better protect themselves, including planning for and implementing security-by- design controls, developing an incident response plan, increasing device visibility across the converged IT/OT environment and segmenting networks. To download the full report, visit forescout.com/platform/ operational-technology/report-rise-of- disruptionware-how-disruptionware- like-lockergoga-significantly-impacts- critical-infrastructure/. Issue 19 | www.intelligentciso.com