Protect Your Port: Using Segmentation to Keep Cyber Attackers at Bay

Protect Your Port: Using Segmentation to Keep Cyber Attackers at Bay

What do the city of Atlanta, the Port of Barcelona, Spain and the Port of San Diego have in common? They all have been victims of ransomware attacks this year.

What do the city of Atlanta, the Port of Barcelona, Spain and the Port of San Diego have in common? They all have been victims of ransomware attacks this year. Critical infrastructure was held captive, creating a public inconvenience for residents trying to access to park permits, public records and other online services.

There will certainly other names added to this list, and soon. Why? Because ports and city governments are an economic gateway, providing critical services that when brought to a halt, result in significant lost dollars. This gives attackers leverage, knowing that these entities cannot afford extensive downtime.

Why Ports and Why Now?

Traditionally, local and federal governments have a history of poorly maintained cyber infrastructure, creating an obvious opportunity for exploitation. This is not due to any fault of their own, but rather to the fact that these entities provide a conglomeration of services, with information shared back and forth, and no central cyber strategy or individual in charge. They are essentially huge extranet services platforms, with data exchanges, application exchanges and interdependencies that funnel all the way down to local residents and consumers.

These dependencies, particularly on external vendors, create additional vulnerabilities as attackers can target those entry points to make their way to the port or government organization itself. The Target breach in 2013 is proof of how attackers can work their way into an organization’s network by compromising a third-party vendor. The scary truth is that it only takes one vulnerable point of entry for malicious actors to work their up the food chain and reach a port’s critical infrastructure.

Traditional Security Approaches Aren’t Enough

Many organizations falsely believe they are immune to ransomware and other cyber threats because they haven’t been a target, yet. Plus, traditional intrusion detection and patch management solutions give ports a false sense of security. These approaches do not provide a sufficient layer of protection on their own, as they are unable to effectively be applied to the multiple vendors — and endless consumers — doing business with the port. After all, a port has zero visibility into what cybersecurity methods are being used by local city residents, or even major shipping lines. When you don’t have a true view of all of the components that may potentially host malware, this creates blind spots for detection-based products, ultimately degrading the effectiveness.

Don’t Trust What You Can’t Control

Our hyper-connected way of doing business today makes it increasingly difficult to trust anyone or anything. If you accept the fact that most of networks will eventually get hacked, due to the increased connectedness and complexity of business operations, embracing Zero Trust is a great way to limit the damage.

Zero Trust, which originated out of Forrester Research nearly a decade ago, believes that organizations should not assume that anything inside or outside their network perimeter can be trusted. While it would be ideal for ports and government organization to restrict the exchange of information with parties, computers or networks that they don’t control, it’s would make doing business nearly impossible.

Zero Trust cannot be proactively applied everywhere, including for front-end systems used to power many business exchanges. However, for your most critical information, which you cannot afford to lose and over which you have 100 percent of control, you can add a much-needed layer of protection.

Maybe it is only applicable for a quarter of your business, but you start there — walling off critical systems from any systems that don’t meet those two criteria. Embracing Zero Trust where you can and making sure that critical pieces of your business that have no reason to be visible to the rest of the world are not connected to even the most secure perimeter is a must to keep cyber threats at bay.

The Critical Role of Segmentation

Segmentation is a must-have element to a Zero Trust approach, limiting the risk that comes with access and limiting access to the portions of information you can control. When embarking upon Zero Trust, shifting to a network segmentation philosophy has the quickest impact and the highest payoff, allowing you to protect systems in which security wasn’t traditionally a requirement.

When done right, segmentation shouldn’t impact productivity in order to enhance security. Neither should take a hit. Your systems should be protected without impacting day-to-day operations. Your employees, vendors and consumers should still have secure connectivity and access to desired information wherever and wherever it’s needed. Plus, segmentation should give you the peace of mind that your most critical infrastructure is secure without requiring network configuration changes, significant IT management oversight or dependence on external network infrastructure. Translation – it shouldn’t require heavy lifting or hard work.

Maintaining the integrity of your infrastructure is imperative to the livelihood of your business, your community and our economy. Minimizing the very real and advanced threats to critical systems, as well preventing the downtime of those systems, has to be a top priority. By taking advantage of segmentation, you can trust that you are taking critical steps needed to protect your infrastructure today from the looming threats of tomorrow — and help you stay off the growing list of ports weren’t as well prepared.

Featured

  • Allegion, Comfort Technologies Implement Mobile Credentials at the Artisan Apartment Homes in Florida

    Artisan Apartment Homes, a luxury apartment complex in Dunedin, Florida, recently transitioned from mechanical keys to electronic locks and centralized system software with support from Allegion US, a leading provider of security solutions, technology and services, and Florida-based Comfort Technologies, which specializes in deploying multifamily access control, IoT devices and software management solutions. Read Now

  • Mall of America Deploys AI-Powered Analytics to Enhance Parking Intelligence

    Mall of America®, the largest shopping and entertainment complex in North America, announced an expansion of its ongoing partnership with Axis Communications to deploy cutting-edge car-counting video analytics across more than a dozen locations. With this expansion, Mall of America (MOA) has boosted operational efficiency, improved safety and security, and enabled more informed decision-making around employee scheduling and streamlining transportation for large events. Read Now

  • Security Industry Association Launches New “askSIA” AI Tool

    The Security Industry Association (SIA) has unveiled a brand-new SIA member benefit – askSIA, a conversational AI agent designed to help users get the most out of their SIA membership, easily access SIA resources and find the latest information on SIA’s training and courses, reports and publications, events, certification offerings and more. SIA members can easily find askSIA by visiting the SIA homepage or looking for the askSIA icon in the top left of webpages. Read Now

    • Industry Events
  • Industry Embraces Mobile Access, Biometrics and AI

    A combination of evolving workplace dynamics, technology innovation and new user expectations is changing how people enter and interact with physical spaces. Access control is at the heart of these changes. Combined with biometrics and AI, mobile access control has become increasingly crucial for deploying entry solutions that are seamless, secure and adaptive to user needs. Read Now

  • Sustainable Video Solution Delivered for Landmark City of London Office Development

    An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.