The storing and processing of data sets that contain personally identifiable information (PII) is increasingly regulated and is subject to onerous notification requirements when data breaches occur. Such data includes health information, financial data and legal records. When your business stores or processes this information and when it can be linked to a particular person, you are automatically subject to the applicable regulations.
Industrial enterprises such as electric utilities, petroleum companies, and manufacturing organizations invest heavily in industrial control systems (ICS) to efficiently, reliably, and safely operate industrial processes. Without this technology operating the plant floor, these businesses cannot exist.
Board members, executives, and security officers are often unaware that the technology operating the economic engine of their enterprise invites undetected subversion.
In this paper, FireEye iSIGHT Intelligence prepares risk executives and security practitioners to knowledgeably discuss six core weaknesses an adversary can use to undermine a plant's operation:
- Unauthenticated protocols
- Outdated hardware
- Weak user authentication
- Weak file integrity checks
- Vulnerable Windows operating systems
- Undocumented third-party relationships
Download the report to learn more. To discuss these six subversive vulnerabilities threatening today’s industrial environments, register for our live webinar scheduled for Tuesday, April 25 at 11:00am ET/8:00am PT. Explore the implications and how to address them firsthand with our ICS intelligence experts.
This article is the third in a series that discusses data breach threats and possible solutions. The first two articles, “What You Need to Know,” and “Threats and Consequences,” make it clear that businesses need to take action to reduce data breach risks. The current article presents encryption as a possible solution but details what type of encryption is needed to effectively address data breach issues.