Cyberattacks remain an omnipresent threat that has brought some of the foremost organisations and their sophisticated data centre infrastructures to their knees. According to a recent report by Bloomberg, hackers have stolen data centre credentials from major corporations and published this information on the dark web.
By Hennie Colyn, direct sales executive: process automation at Schneider Electric
The report also found that the following information was stolen from these major corporations' data centres: customer services, ticket management support, portals, remote management services, and data centre employee and customer email account credentials.
It’s a sinister, calculated operation that sees hacker groups monitoring certain accounts or streams of data for months. Once they pick up an anomaly, they will target the data centre and penetrate its security infrastructure.
The results can be catastrophic, putting both organisations and their customers at risk. A compromised data centre can lead to system downtime or even complete shutdown, financial loss and, worst of all, private, sensitive information entering the public, dubious domain.
Data centres need to be fortified today, and the best way to do so is to take a systematic, committed approach.
* Work with vendors that take cybersecurity seriously. When implementing products, it’s important that organisations opt for vendor solutions that use cyber-secure development processes and validation. At Schneider Electric, we follow cybersecurity best practices throughout the product development lifecycle: from cybersecurity training for our engineers to meeting security regulatory requirements, from securing design reviews to using secure coding practices and implementing secure release management and deployment, and ultimately to incident response should a security breach occur.
* Look for vendors who partner with experts. Technology partnership forms a critical part of fighting cyberattacks. Ensure that your vendor partners with those who have the best cybersecurity experts in the market for secure firewalls, servers, workstations and cloud services.
* Think about your legacy control system. Here we recommend working with a vendor that can provide consulting services regardless of the system's age, type or manufacturer, and that can effectively address the full range of cybersecurity assessments, workshops, remediation, and response to cybersecurity incidents.
Prioritise continuous threat detection
Continuous threat detection (CTD) software improves network resilience and overcomes the limitations of monitoring threats on location.
In essence, CTD creates a detailed inventory of industrial network assets, identifies misconfigurations, monitors traffic between assets, and finds anomalies that may indicate the presence of a malicious actor. Context-rich alerts provide plant and security personnel with actionable insights for efficient investigation, response, and recovery.