For instance, the use of AI-driven cyber threat intelligence data platforms can help these organizations to pinpoint Indicators of Compromise within the emerging global threat landscape. Sources of threat intelligence include:

    • internet backbone services
    • closed and open-source threat intelligence feeds
    • intelligence platform customers and partners including Europol, the European Union’s law enforcement agency, and other Computer Emergency Response Teams (CERTs)
    • the entire global threat landscape including malware, phishing, ransomware, and Advanced Persistent Threats.
    • the Application Programming Interfaces (APIs) developer community
    • Security Information and Event Management; Security Orchestration, Automation and Response; and Endpoint Detection and Response communities.

Our experience working with our clients in the manufacturing industry has helped us recognize:

    • many industrial systems are legacy technologies that were not designed with security in mind
    • retrofitting security measures into these systems can be difficult
    • the gap between IT and Operational Technology (OT) teams will therefore need to be bridged
    • to do so, manufacturing firms will need to evaluate their security posture with full transparency and understand and define the operational risks at stake
    • one of the most basic security issues found when tracing back successful breaches is, once attackers had compromised an entry point, they could move fairly easy within the network. So, while the outside perimeter proved to be resilient, there was virtually no control that could restrict on what is known as “lateral movement” within the victims’ network.
    • a possible solution is for manufacturing firms to extend their security programs through the separation and secure management of IT and OT networks. This approach helps enhance cybersecurity by minimizing the potential for cyber threats that could impact critical operational systems.