
Define the Risks
Defend the Assets
LeveL5Cyber’s repository of our posts that cover a wide range of relevant topics within the cybersecurity realm. Our team weighs in on evolving risks and the importance of outpacing threat actors as your business grows. Learn about current events that could impact your organization and how LeveL5Cyber’s team of experts can help to strengthen your cybersecurity posture with our customized solutions.
IT (Information Technology) and OT (Operational Technology) platforms continue to converge and present risks to environments that may not have been viable in the past. While we list just a few items of note below, understanding how nuanced differences impact the overall architecture of an organization is a key benefit when assessing, planning, and designing complex OT solutions.
The LeveL5Cyber team has 116+ years of hands-on experience in Fortune 500 companies (including DuPont and Lockheed Martin), the military, complex manufacturing environments and more. We bring to your business the expertise to identify gaps in your data protection strategy and help create a roadmap to a more secure future. Connect with the LeveL5Cyber team and learn how we can tailor an assessment program specific to the business needs of your company.
A Few Key Differences...
Got a handle on securing your factory or high-risk manufacturing area? As cyber-attacks continue, many organizations are taking steps to implement OT asset visibility solutions to better understand the assets in their factories. This is a foundational step to secure the environment.
However, visibility is only the beginning. While it is critical to have an up-to-date, automated asset inventory, that is often followed by a need to mitigate the risks and vulnerabilities you now know about.
Critical assets most often cannot be taken offline to patch or upgrade. With the “bad guys” still pivoting from corporate systems they’ve established a foothold on, it is a great time to introduce segmentation into the environment if it is not already there. Even with the most basic level of segmentation, there is some level of risk reduction and a foundation that can be built upon.
There are significant advantages to segmenting your OT environment and it doesn’t have to be overwhelming. Talk to one of our experts today and “exploit” our more than two decades of experience in this space.
Securing your OT environment...
At LeveL5Cyber, we understand the importance of implementing security measures early in any business or technology process. “Shift Left” is a term used to describe the need to integrate cybersecurity mindset, standards and technologies as early as possible in the strategy and implementation cycle – or to the left, if looking at a timeline.
Complexity comes with converged risk across IT (Information Technology), OT (Operational Technology) and IoT (Internet of Things) systems. The earlier you identify the risk landscape and implement mitigation controls, the more mature business continuity and cyber resilience become.
A Proactive Approach...
It’s no secret that the frequency and severity of cyber attacks are increasing. Trained, experienced professionals are crucial in combating modern threats and fortifying your organization’s defenses. As we approach the end of 2021, we are taking a look at a few of the workforce trends that have been reported over the last year.
1) As of November 2021, there are nearly 600,000 open Cybersecurity positions in the United States.
2) Cloud Security and Data Analysis are among the most important technical skills for Cybersecurity professionals to have.
3) Hands-on experience is critical in developing strong Cybersecurity skills.
The LeveL5Cyber team is a uniquely qualified group of experts with the knowledge and capability to help you find a “right-sized” solution for your company’s cybersecurity needs. Reach out to learn more!
2021 Trends and Conclusions...
Have you or your security team experienced any of the following in your OT (Operational Technology) environments? The LeveL5Cyber team has hands-on experience protecting critical infrastructure, sensitive data, and regulated industries. Reach out to learn more!
1. End of Support/Life
– Managing Vendor-Enforced Deadlines
– Managing Restricted Change Requirements
– Identifying and Addressing Misconfigurations
2. Acquisitions
– Prioritizing Business Transactions
– Identifying Security Gaps
– Surge Security Support
3. Joint Ventures
– Managing Access and Data
– Verifying Corporate Standards
– Protecting Crown Jewels
4. Flat Networks (Protecting Plant Assets)
– Prioritizing Highest Value Assets
– Implementing Firewalls
– Accelerating Plans and Execution
Security in your plant...
Change is a risk in #industrialoperations, but at least on the security side of things, rapid change is the order of the day when connecting an acquisition to a new owner’s infrastructures. Anthony Morrone and Marianne Swarter of LeveL5Cyber join us to look at issues and solutions for mergers, acquisitions and divestitures of industrial operations.
Listen now >> https://hubs.li/H0-w8nx0
rapid change is the order of the day...
Come see one of our industry veterans and Cyber Risk experts as he presents at the Secure Delaware cybersecurity workshop on October 28th!
Anthony Morrone will be presenting on “Building an Adaptable Security Strategy” followed by advice on applying that methodology to your Third-Party Risk Management (TPRM) strategy.
This hybrid event (in-person and live streamed) will take place in Wilmington, DE at the Chase Center on the Riverfront. If you haven’t already registered for the event, get registered now at the link below!
Members of the L5C team will also be in attendance and we look forward to seeing all of you that can make this exciting event!
https://digiknow.dti.delaware.gov/…/2021/secureDelaware/
#level5cyber #SecureDelaware #cybersecurity
Building an Adaptable Security Strategy...
With another slew of recent industrial control system (ICS) advisories released by Siemens and Schneider Electric last month, most organizations cannot immediately apply the released patches. While patching is essential to reduce risk, it is one of the many mitigation efforts that can be applied.
For most, immediate patching of OT assets is not feasible. As a result, a layered defense is even more important, and starts with the OT architecture. As industrial IoT becomes increasingly prevalent, air gapping the OT network is no longer a realistic option in many cases. Network segmentation, if done properly, provides a stopgap measure to reduce risk while the organization takes the necessary steps to get patches before applying them.
Network design will vary by industry and organization, but there are best practices and frameworks that can be followed to prioritize safety and availability. Talk with one of our experts today to find out how our decades of experience can help reduce risk to your organization!
#networksegmentation #level5cyber #cybersecurity
Immediate patching of OT assets is not feasible...
Operational Technology (OT) is a prime target for Nation-States and cybercriminals given its criticality and potential for significant collateral damage. As a result, there are three core risk impact areas that are affected with IoT devices, further compounding the issues. These risk areas include:
Operational Disruption: Financial Impact
Operational Disruption: Physical Damage
Health and Safety: Employees and the Community at Large
Industry research is clear: attacks on OT systems are increasing, the economic impacts to the company are growing, and the severity of the attacks is impacting the health and safety of employees and the communities they serve.
With the efficiencies that IoT brings and the introduction of leveraged vendor support for OT systems, the business value is here to stay. That means the risk landscape has become significantly more complex and security leaders must enable the business as a partner through the digital transformation age.
Three questions all business leaders should be asking:
• What is your organization’s confidence in its ability to respond to a malware attack on the OT network?
• Are you confident your firewall policies can prevent the spread of malware to your OT network?
• Do you have an inventory of third-party vendors with remote access to your OT networks?
OT Cyber Risk, Operational Efficiencies, Business Continuity...
When developing a security strategy, understanding threats, capabilities, controls and risks are all critical to a successful plan. A leader may choose from many standards to help them on this journey; but where do they begin? A mature, industry-accepted framework is a good place to start, and the NIST Cybersecurity Framework (CSF) meets those requirements. The good news is that many of the standards bodies are cross referenced, so mapping to another standard is possible. The NIST CSF standard provides a seven-step process which addresses: defining the scope, control maturity, assessing risks and developing a plan of actions. Keep in mind that defining the right scope is integral to successful and meaningful results. If this is the first time executing a NIST CSF, start small and meaningful, possibly with a finance system or company website. Far too often, security leaders are pressured into expansive scopes for their first alignment efforts, which tends to lead to unexpected hurdles.
Now that you have aligned on a framework, the next step is to determine what standard will be used to assess your environment. For example, if assessing Operational Technology (OT), ISA/IEC 62443 is an appropriate standard, whereas NIST SP 800-53 is suited for Information Technology (IT) environments. Each standard can be situationally applied to the environment being assessed. This step can be the most challenging for beginners, especially if this is a self-assessment. This step requires scheduling time with the various subject matter experts and the ability to properly interview the experts. Be honest when assessing a control: if it is “in the works,” it is not fully deployed in the scope of systems. Once completed, the security plan can be leveraged in other assessments.
Once the maturity of the controls is understood, how do you determine what to work on? To answer this, there needs to be a clear understanding of the risks facing the company and scope of systems assessed. This is the risk assessment step of the NIST CSF process, where the threats are analyzed for likelihood, probability, and impact. For example, the threats of a standalone scheduling application are different from an online banking application. As such, the risks and compensating controls are also different. Like the previous step, there are multiple standards and methods of performing a risk assessment. NIST SP 800-30 is one risk assessment methodology and Factor Analysis of Information Risk (FAIR) is another. FAIR has the benefit of communicating risk in financial terms and NIST SP 800-30 provides a straightforward process to quantify risk. Alternatively, adding financial impact to NIST SP 800-30 achieves both. Once the risks are assessed, there will be a clear picture of what threats may need to be addressed in adherence to the risk tolerance of the company. This list is the Plan of Actions and Milestones, or POAM. POAMs are a great way to formally track the aspects of correcting cybersecurity related issues, so that different levels of interested stakeholders can understand that there is a plan with identified actions to take and milestones with which to measure the progress.
Having a solid assessment framework, effective control standards, and a risk assessment methodology are all required to effectively develop a defensible security strategy. There are many other uses for these tools. A new security leader could use these methods to understand the capabilities of their new team, whereas a seasoned CISO may use the framework to objectively measure the progress towards execution of an existing strategy. It is also common for CISOs to use the framework to communicate cyber maturity to their Board of Directors. Taking the results of the assessment alone can be enlightening, but when compared to peers or other companies in the same vertical, they can be very useful for selling a message.
How else can your identified and selected frameworks and assessment methodologies be used to advance a security organization? The organizationally adopted frameworks and methodologies can be used in concert with other referenceable works, such as the MITRE ATT&CK framework, to better understand the ability of specific attacks. Additionally, they can be used to potentially answer the questions around ransomware readiness or even the development of a data protection strategy. Overall, these powerful enablers can assist the security leader in many different aspects of the organization and other lines of business.
A mature, industry-accepted framework is a good place to start...
The bottom line in business is change, and with that change comes new risks. One of the greatest catalysts of change is mergers and acquisitions. In one day, a company can double the number of users, computers, vendors, applications, and sites. The often-overlooked change is to a company’s threat landscape. While this sounds daunting, mergers, acquisitions, divestitures and joint ventures are a critical part of many companies’ business strategies. There are several drivers to engage in portfolio changes, such as pressures from shareholders, changes in business strategies and the global market.
It is important to keep in mind that all portfolio changes present risks to each company. The unique threats introduced by a merger or acquisition, a divestiture, or a joint venture are all significant and impact a company’s threat landscape.
So, let us look at some of the challenges introduced by such activities. Not fully understanding the risk introduced with a new IT ecosystem post-merger/acquisition can lead to increased risk of malware attacks like ransomware, business email compromise and other cyber-attacks. One risk area often overlooked is Data Loss. Change can be stressful to employees and may lead to intentional and accidental data loss. Not to mention, acquisitions often include intellectual property (IP), which may have driven a premium in the cost. Misunderstanding and not addressing the risks to the IP could lead to significant and rapid loss of value in the acquisition. A comprehensive understanding of what IP exists and the controls in place is critical to a successful acquisition. One of the common understated risks of acquisitions is the potential for technical debt in the acquired company. An early and extensive understanding of the IT landscape will allow for appropriate funding and staffing expectations to mitigate the risk of unmanageable systems. If all this was not enough, mergers and acquisitions often come with an expectation to shareholders that significant cost savings and synergies can be achieved. This can drive an acceptance of risk which could have been avoided.
LeveL5Cyber’s M&A Security Guidance and Risk assessment process provides security oversight throughout the acquisition lifecycle. This is accomplished through early engagement at the Valuation Analysis stage to understand the security profile of the company being acquired. The next phase of the assessment begins at Due Diligence, where an interview process is used to validate the security posture and gain deeper insight into potential synergy opportunities or technical debt issues. L5C will use these details to assist the acquirer in developing the Integration Strategy and potential cost to achieve the desired security posture. Once the deal is closed, L5C can perform a deeper interview and tool-based assessment to provide a comprehensive security risk assessment to further support the integration strategy. Our team’s experience with developing standardized architectures and controls used to support portfolio changes can be leveraged, resulting in a cost savings, improved efficiencies and potential reduction in resources and transition service agreements.
MADJV, a critical part of many companies’ business strategies...
What are some of the potential risks an enterprise takes on if it neglects to include cybersecurity in its MADJV vetting process? A rushed or limited cybersecurity vetting process may miss exposures and can lead to increased risk of malware attacks, intellectual property (IP) loss, business email compromise, critical data loss, and unforeseen costs.
• Is your organization aware of undisclosed prior data breaches?
• Is your organization aware of the inherited third-party relationships with service level expectations, customer privacy agreements and regulatory compliance requirements?
• Does your organization understand the differing technical capabilities between organizations which could lead to unexpected integration costs, increased support costs, or weak spots in the cybersecurity protection capabilities?
When a company embarks on a portfolio transition, cybersecurity risks must be considered. The LeveL5Cyber MADJV security guidance and risk assessment process provides security oversight throughout the lifecycle. We have a team of cyber experts from Fortune 500 companies and real-world critical manufacturing operations (chemical, manufacturing, and aerospace) ready to leverage their years of experience in a right-sized, results-driven model.
How can cybersecurity risks threaten industry deals?...
Companies of all sizes use third-party vendors. These relationships can bring a host of benefits to an organization, but they also raise concerns, especially around data, risk, and security. Attacks originating from insecure third parties heighten security concerns, yet most companies fail to address this source of vulnerability.
What are some of the challenges that organizations face?
1. Data silos: Many corporate teams believe that Third-Party Risk Management and data security is the responsibility of the Information Security organization alone. Vendor risk impacts several functions across the organization, from procurement and legal to finance and executive management. With lingering data silos, it can be difficult to make progress towards a long-term Third-Party Risk Management strategy.
2. Shadow IT: Unknown vendors introduce multiple risks.
3. One size does not fit all when it comes to risk assessments. Assessments need to be scalable to meet varying degrees of risk.
4. Time management to sustain it: Addressing future risks takes less time and fewer resources.
5. On-going monitoring: Utilize continuous monitoring to assess third parties beyond point-in-time assessments.
During a time when third-party risks are at an increased level due to risk of exposure or loss resulting from a cyberattack, security breach, or other security incidents, having a well-planned Third-Party Risk Management program in place is crucial. Corporate leaders need to adopt new approaches to managing vendor risk in response to growing business, information security concerns, and new regulatory frameworks for managing risks related to third-party business relationships. A strong Third-Party Risk Management program should include a governance framework, a vendor selection and inventory process, due diligence and continued oversight, a vendor risk assessment and ongoing vendor monitoring.
Building these essential steps into your program can contribute significantly toward mitigating a cyberattack, security breach, or other security incidents associated with outsourcing tasks and services. It can also save thousands of dollars in fines and penalties.
Let’s give Third-Party Risk Management the attention it deserves....
LeveL5Cyber was forged by a group of experienced leaders highly skilled in the protection of critical infrastructure, sensitive data, regulated environments, and the many organizations that are at the very heart of keeping our nation running. With decades of hands-on experience, LeveL5Cyber is committed to providing the highest caliber cyber consulting services that were built with people, processes, and solutions in mind.