Home United States USA — software Risky Business: Preparedness Lessons Learned from the Florida Water Plant Hack

Risky Business: Preparedness Lessons Learned from the Florida Water Plant Hack

228
0
SHARE

We can all learn a lesson from the recent hack into a Florida water plant’s cyber infrastructure — namely, cybersecurity is a vital component of every business.
Join the DZone community and get the full member experience. You’d be hard-pressed to find someone in the IT security space who will argue against the importance of risk preparedness. Unfortunately, more often than not, people will talk-the-talk without walking the proverbial walk. It sounds smart: be ready for potential attacks before they happen. But we have a long way to go to put this sentiment into practice. Accidents are unplanned, and we’re never quite as prepared as we should be. The « that will never happen to us » attitude is rampant among the enterprise, especially when it comes to cybersecurity. Risk preparedness is something organizations need to start taking seriously, as seen by the recent Florida water plant hack, among others. If they don’t, the outcomes could be devastating. Imagine a stadium of sick Super Bowl attendees or worse. While the focus has been largely on protecting big businesses or federal entities with lots of valuable data, no one is truly safe from bad actors — not even local municipalities. In fact, these could be even more dangerous targets when you consider something as serious as compromising a community’s water supply or information theft. Whether a business, organization, or government entity, we should be auditing ourselves, assessing the risks, and adapting to new threats to prevent what could be far worse outcomes than what we saw in Florida a few weeks ago. So, how can we better prepare for attacks at any level? Here are several ways enterprise organizations, from big brands to local governments, can mitigate risks and take control of their security posture. Conventional knowledge and sports analogies tell us the best offense is a good defense, and the same can be said for cybersecurity. But the only way to tell if you have a good defense is to practice — over and over again in a multitude of different scenarios that may or may not occur during a game. From a federal level, the US government is focused on cybersecurity posture with foreign adversaries. We have red teams that attack and test the safety of our own systems.

Continue reading...