MicroSolved’s HoneyPoint Wasp Nominated for TechColumbus Innovation Award

MSI is proud to announce their nomination in the annual Innovation Awards, sponsored by TechColumbus, which recognizes outstanding achievements in technology leadership and innovation. HoneyPoint Wasp has been nominated for Outstanding Product for companies with 250 employees or less. 

We’re thrilled to be nominated. We believe our HoneyPoint Wasp is an excellent product, helping our clients battle bots and malware on their desktops. For more information, please read our press release and visit our HoneyPoint webpage. We look forward to the Awards Dinner in February 2012. Good luck to everyone who has been nominated!

Central Ohio ISSA Presentation: “Social Media Threats: Real, Imagined, & Maybe…”

Brent Huston, CEO and Security Evangelist of MicroSolved, Inc., delivered a fascinating presentation on social media security. In this talk, Brent discusses:

 

  • The explosive growth of social technology 
  • Conspiracy theories – what is real and what is imagined 
  • Where the real threats exist 
  • What controls you can use to minimize risk 
  • What you can do to deal with social media’s security risks

To download the slide deck and audio, click here for the zip file.

And as always, stay safe out there!

Reason #1 To Attend Ohio SCADA Symposium: DHS Warns “Hacktavists” Are Focusing on Control Systems

The Department of Homeland Security recently warned:

“…that Anonymous hacktivists may cyberattack industrial control systems. In fact, the Department of Homeland Security and Idaho National Laboratory have engaged in mock hack-offs to wreak havoc and to highlight the vulnerabilities at factories, electrical plants and chemical facilities.”

Full story

It isn’t a surprise that attacks are increasing on industrial control systems. Claiming responsibility for knocking out an electricity company may seem cool, but I’m not sure how “cool” it would be when they realized they knocked out their own Internet and cable connection.

This brings up a great reason to attend our Ohio SCADA Security Symposium on November 1. Click here for details!

MSI Strategy & Tactics Talk Ep. 13: SCADA & Handling Threats In a Post-Stuxnet World


SCADA is becoming a hot property among security professionals who work with Industry Control Systems (ICS). During this discussion, our team tackles how to view threats and respond accordingly. Discussion questions include:

  • How can organizations get their heads wrapped around what it takes to secure a modern SCADA/Business environment hybrid?
  • What happened to the air gap approach that we hear so many SCADA history folks talk about? Why did that model break down? Why can’t we go back to it?
  • What happens to threats against SCADA/ICS as mobile integration, smart grid components and other disruptive technologies come online?
  • How can SCADA/ICS security teams engage with other security professionals and each other?

 
Panelists:
Brent Huston, CEO, Founder, and Security Evangelist
Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
John Davis, Risk Management Engineer
Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!

MSI Announces The Ohio SCADA Security Symposium

The need for the latest information about SCADA/ICS is extended to Ohio businesses and utility companies and supports security for Ohio. We’d like to invite all Ohio SCADA/ICS professionals to attend this free event!

The Ohio SCADA Security Symposium, to be held on November 1, 2011 in Columbus, Ohio, is designed to serve as a level set for teams and organizations who are actively managing production SCADA and Industrial Control System (ICS) environments in Ohio.

A full one day session will include best practices advice, incident response, detection techniques and a current threat briefing focused on SCADA/ICS providers. Presenters will cover a variety of topics about what is working and what is not, in terms of information security, network protection and trust management.

Takeaways from this event will include peer networking, insights into emerging threats, action items for actively improving the availability, integrity and confidentiality of control systems, utility networks, manufacturing lines and other SCADA/ICS concerns.

Topics include: How the State Is Here to Help You, Physical Security, Assessment of SCADA/ICS Environments, Cyber Security, Honey Pots in SCADA/ICS Environments, and The FBI Viewpoint. Key participation will feature NiSource, American Electric Power, American Municipal Power, Greater Cincinnati Water Works, Ohio PUCO, the Department of Homeland Security, and the FBI.

The event runs from 8:30 AM to 6:00 PM. Registration opens at 8:00 AM and is free. Those who work with SCADA/ICS are invited to attend. RSVP’s can be sent to mmaguire@microsolved.com. Please include your contact information. Seating is limited and available ONLY to those individuals actively working in Ohio with SCADA/ICS components.

MSI looks forward to providing an excellent event that will help organizations secure their SCADA/ICS systems and discuss best practices and industry standards at the event!

Control Valuable Data By Using Maps

As the battle rages, attackers look for every angle they can leverage in order to access your data. Our team has spent countless hours discussing the importance of identifying what ‘valuable data’ means (it is NOT the same for everyone), learning where that data lives, and understanding how it is accessed. Data flow mapping provides a useful tool that helps illustrate how data moves through any given process or system. When approaching this project in the field, we often see how compartmentalized our business processes are as each person, department, and/or unit knows a little about the target system/process. But when we take an in depth look, rarely does anyone understand it thoroughly! While this philosophy presents a challenge to any organization, the payoff can be priceless- especially in the case of a breach!

These maps are not only helpful to a new employee; but can also explain the system/process to an auditor or regulatory authority in a fraction of the time, and more thoroughly than most employees can. Realizing how our data is handled is vital to the next stage in protecting the data as the battlefield continually changes!

We have to focus on wrapping better controls around our valuable data. Don’t be discouraged by the challenge ahead. Instead, embrace the opportunity to help change the way the world thinks about Information Security! Nothing worth doing is ever easy, and applying this strategy to your environment won’t be either. But as we repeat the process over each facet of our organizations we become more efficient. After all, practice makes perfect!

The graphic below is what the finished product looks like. Yours will look entirely different, no doubt! Don’t focus on this map or this process, but on the underlying principle instead. By combining this with a network map, trust map, and surface map, we can create a comprehensive mechanism to provide useful, accurate intelligence that is easily parsed and processed on demand.

Why a Data Flow Map Will Make Your Life Easier

It’s impossible to protect everything in your environment if you don’t know what’s there. All system components and their dependencies need to be identified. This isn’t a mere inventory listing. Adding the dependencies and trust rela- tionships is where the effort pays off.

This information is useful in many ways

  • If Server A is compromised incident responders can quickly assess what other components may have been affected by reviewing its trust relationships
  • Having a clear depiction of component dependencies eases the re-architecture process allowing for faster, more efficient upgrades
  • Creating a physical map in accordance with data flow and trust relationships ensures that components are not forgotten
  • Categorizing system functions eases the enclaving process

Don’t know where to start? It’s usually easiest to map one business process at a time. This enables everyone to better understand the current environment and data operations. Once the maps are completed they must be updated peri- odically to reflect changes in the environment.

Click here to see an example of a Data Flow Map. The more you know, the better prepared you can be!

MSI Strategy & Tactics Talk Ep. 12: Managing Mobile Security Part II

“Enterprises are starting to move toward mobile device management services. This could be in-house or off-site. It allows remote provisioning and configuration. It really helps an organization with policy issues.”  – Adam Hostetler, Network Engineer and Security Analyst, MicroSolved, Inc.

Samsung Galaxy, Google Android, Apple iPad — mobile devices are a hot item and consumers are bringing them to their workplaces. We wrap up our discussion from Episode 9 on Mobile Security by discussing what you can do to choose your mobile devices wisely and create an action plan for your organization. Discussion questions include:

  • Does it matter which mobile device you use?
  • How can an organization create a plan that is focused on attack prevention?
Panelists:
Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
John Davis, Risk Management Engineer
Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!