OTORIO, the provider of next-generation OT digital and cybersecurity risk management solutions, announced today a new initiative designed to raise awareness for better cyber-risk management in the pulp and paper industry and help industrial companies navigate through the rough, uncharted waters of the COVID-19 crisis.
Cyber-criminals are known for taking advantage of large-scale disasters that influence online behavior trends. Currently, threat actors are stepping up their attacks on the computer networks and systems of individuals, businesses, and global organizations and are exploiting the global shift of focus on the health crisis. Although these same risks existed in the pre-COVID-19 world, they are amplified dramatically as remote connection solutions for OT will be used much more significantly to overcome lockdown, supply chain difficulties and social distancing, enabling access through various endpoints and building even more bridges between unsegmented IT and OT networks.
The pulp and paper industry has a long and unique supply chain that can be compromised at different stages, from the logging process to wood processing, refinery, and distribution and for some chemical processing and energy production.
Navigating through uncharted waters of the COVID-19 crisis
Designed to help organizations find out if they are at risk, OTORIO will provide security teams with an initial non-intrusive assessment of the organization’s security posture. This will include a snapshot of leaked passwords, internet-facing services provided by the company, IP addresses connected to the company prioritized by the ease of discovery, ease of exploitation and more. The information gathered will be presented to the companies in a special report, aimed at helping them craft better security policies.
OTORIO was Co-founded by Brig. Gen. (res.) Daniel Bren, the founder of the Israeli Military’s first cyber defense division, and its first commander - and Yair Attar, formerly the IDF’s chief threat hunter. OTORIO’s comprehensive offering addresses the different stages and challenges an industrial company faces when embarking on digital transformation.
Daniel Bren, OTORIO'S co-founder and CEO commented: "This unforeseen reality imposes new challenges for cybersecurity teams who are now dealing with distributed users who are utilizing private and public communication infrastructures for their daily work, instead of the central, controlled ones of their businesses".
Yoav Flint Rosenfeld, Head of Professional Services at OTORIO said: “Ever since the COVID-19 outbreak, security teams often find themselves short-staffed while having to cope with risks and focus their resources on mitigating them before hackers can exploit them”.
OTORIO’s unique technology and service offerings for digital and cyber risk management, enable industrial organizations to achieve reliable, safe, and efficient digital production. OTORIO’s professional cybersecurity experts bring years of experience in penetration testing, red team operations, threat intelligence, incident response, and more.
Risk-Management by Design
Digital and cyber breaches are typically caused by a lack of awareness, low-level monitoring, and unsafe design. They can be prevented by conducting periodic security assessments and penetration tests, along with threat intelligence collection and analysis.
Here are some risk-management steps:
· Monitor your digital footprint and map your exposure: Perform periodic scans to discover what information about your digital assets was exposed, or was leaked to an external location, and understand what an attacker can do with it. You can then
· create and implement a mitigation plan to manage your risks and increase your security posture.
· Apply Threat Intelligence: Learn which adversarial groups threaten your organization, collect information about their tactics, techniques and procedures (TTPs), and monitor their activity.
· Preparedness: Design your OT networks so that critical assets will be highly protected, minimizing both the probability and the potential severity of a cyber-attack.
· Proactive intervention: Be ready to handle an incident by training your security teams, developing clear security protocols, and having a professional incident response team (IRT) on-call.