KnowBe4 Webinar: A Former CIA Cyber Threat Analyst Shows You How to Make Your Organization a Hard Target

In this exclusive webinar, we find out why Rosa L. Smothers, a former threat analyst at CIA’s Center for Cyber Intelligence and the Counterterrorism Mission Center and now KnowBe4’s SVP of Cyber Operations, encourages organizations like yours to maintain a healthy sense of paranoia. She and Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, walk you through the murky underworld of threats and exploits that your organization can’t afford to ignore.

KnowBe4

KnowBe4 is the world’s largest and most popular integrated platform for Security Awareness Training combined with simulated phishing attacks, using social engineering methods and strategies to conduct training. Founded in 2010, it is a US company located in Tampa Bay, Florida, with a customer base of over 19,000 across different sectors globally. It is managed by a CEO and employees who are ex-antivirus experts and IT security pros. KnowBe4 has won two consecutive Inc. 500 awards.

Contact TeleScience to learn more

RAD Webinar: New IoT Paradigms Revolutionize the ICS Market

Meet LPWAN, LoRa, MQTT, and Cloud/Edge Computing
The IoT revolution enables automation and monitoring of sensors and systems like never before – not only at a larger scale, but also with a much wider geographical coverage. It affects the traditional utilities and industry verticals by enabling new and advanced applications, just as new domains such as agriculture, laundromats, parking, etc., are embracing its powerful capabilities. The allure of application agility, intuitive HMI and analytics is irresistible, posing a serious gap for traditional PLCs/RTUs.

In this webinar, we’ll review the technological advancements and open standards that are changing supply chains and reducing costs and time to market (TTM). Join us as we examine how modern IT paradigms such as cloud, MQTT and Edge Computing can be used to augment legacy systems to bring tangible value to CxOs in a variety of organizations.

About RAD

RAD is a global telecom access solutions and products vendor, enabling service providers and network operators to evolve any service over any network. By allowing mobile, business and wholesale service providers to decouple service evolution from network evolution, we assist them in migrating at a pace that is right for them. They can leverage existing resources and prolong the use of a large variety of their current legacy interfaces and equipment, as well as maintain network and service performance to guarantee user experience. In addition to providing an economical migration path to network edge virtualization, our Service Assured Access solutions are designed to deliver complete visibility for greater operational efficiency, as well as timing synchronization for LTE/LTE-A and future 5G deployments.

Founded in 1981, RAD has an installed base of more than 16 million units, and works closely with Tier 1 operators and service providers around the globe. RAD is a member of the $1.3 billion RAD Group of companies, a world leader in communications solutions.

Microchip: Protect Your Critical Infrastructure from GNSS Spoofing and Jamming

While the use of GNSS based time has become more vital for critical infrastructure operations, the security of the GNSS signal itself has become increasingly vulnerable to a wide range of jamming and spoofing threats, both intentional and unintentional. Given the inherently fragile nature of the GNSS signal, an important way in which reception of the GNSS signal can be guarded is through better visibility of the GNSS signal characteristics in real-time.

Security hardening of a GNSS system is a continual process due to the constant emergence of new threats. Like network security vulnerabilities, new GNSS vulnerabilities are on the rise and “GNSS signal visibility” is a vital capability for helping to determine the root cause of a GNSS vulnerability, especially before a minor disruption becomes a more serious outage.

Security has become the most important requirement for critical infrastructure operations. Any device connected to critical infrastructure can become a target for exploitation and needs to be as secure as possible.

When a GNSS vulnerability is detected, BlueSky Performance Monitoring provides surveillance of GNSS reception quality and enables critical infrastructure operators to identify if the problem is specific to a location or affecting a larger geographical area. Further, having visibility of key performance metrics enables the operator to take quick and cost-effective action. Dispatching network operations personnel to a roof-top on a high rise building to unnecessarily check on a GNSS antenna is expensive. “GNSS visibility” using BlueSky Performance Monitoring prevents these costly mistakes.

Contact TeleScience to learn more

Ready Or Not, Here Comes 5G

Why it’s better for utilities to embrace and not eschew 5G

While the rise of technology has permeated almost every corner of culture, commerce and society, some areas – by their very nature – have proved more resistant to change. And for good reason. Take utility companies, for example. As part of the critical infrastructure (CI) market, it makes complete sense for them to hold back from adopting the latest, smoothest, shiniest and, often, unproven, untested technology. To quote poet Alexander Pope, “Fools rush in where angels fear to tread”.

What’s more, many are entering, or are in the middle of, upgrading their OT networks to modern packet systems from their old SDH and SONET systems. So no sooner has this cycle come to an end (and no doubt it was a bruising experience for some) than the industry, having hardly paused for breath, has started talking about the next cycle of change – 5G.

So it’s understandable why introducing 5G into the industry might chill the spine of any utility company. Utility companies – be they electricity, gas, water or sewage – have, between them, a unique set of pressures, challenges and responsibilities that few other sectors have to endure. For example:

  • There’s no room for unreliability or uncertainty in critical infrastructure. It’s a case of ‘better the devil you know’. Upgrading ageing infrastructure, or migrating to new systems adds complexity and increases the risk of outages and downtime, which in turn could affect service supply. 5G is essentially untested, and therefore unproven.
  • Higher powers (aka industry regulators or government) heap a lot of rules and regulations on utility companies. And this is only set to increase as technological change occurs elsewhere, and trends such as the ‘energy cloud’ start to affect CI providers.
  • If it ain’t broke, why fix it? Utility companies have been operating the same business models for decades. These may continue to work fine in the short term, but it won’t be long before these become inefficient and uncompetitive – especially as many vendors’ tech road maps are driven by the service provider market. And 5G looks to be playing a big part in the future of that market.
  • Security – Utilities will become more vulnerable because there will be many more points of entry to the system due to smart metering and mobility. Add in threats from hackers, disgruntled employees and the like, and it’s easy to see why addressing security in this 5G-enabled world will be hugely challenging for any utility company.

Introducing 5G technology into the mix will surely make things infinitely tougher for utilities, so is it any wonder they want to make sure that any technology they adopt is fit-for-purpose, field-tested, and battle-hardened before they consider adopting it?

So what will 5G do for utility companies?

Appreciating the full benefits that 5G could bring to utilities does require a bit of context, but the simple answer to the question is that 5G will help utilities in two fundamental ways.

Firstly, it will help create a hyper-efficient, reliable, scalable, controllable and secure network that supports better internal processes and feedback. How? By replacing numerous different technologies (UHF, VHF and wireless systems connecting meters to aggregation and data centres, and 3G and LTE to sensors, demand-response centres and SCADA servers) with 5G only.

Secondly, 5G will open up all sorts of opportunities and revenue streams for utilities that invest in laying their own fiber. How? By enabling them to sell on their spare capacity to wholesalers, service providers, network operators or others who might need it – such as civic authorities keen to make their cities smart.

So there you have it. Utilities are facing change from industry regulators keen to run a tight industry ship, governments keen to move to high-performing, multi-directional networks, and technology vendors keen to map their products and solutions to the needs of the service provider market.

How will you react?

In reality, most utility companies can only react to, and implement, directives the best way they can. However, you do have considerable control over how you respond to external change. So will you not just embrace 5G, but use it to shape and influence the direction of your business?

Contact TeleScience to learn more

Graylog + Ixia: Find Threats Faster with Combined Log and Flow Data

Today’s cyber threats come in many forms and from many sources, and finding them requires data from multiple sources. Graylog and Ixia have teamed up to offer a joint solution combining the benefits of log and flow data analysis into an integrated solution. Graylog has long been a leader in log management and analysis, expert at overcoming the challenges of collecting, managing, and searching through logs at scale. Ixia’s powerful network visibility solution adds rich contextual flow data through network-wide data collection, deep packet inspection (DPI), and metadata generation.

Logs vs. Flows

IT and Security Operations (SecOps) practitioners rely on collecting log data to alert on the status of infrastructure and applications. Analyzing logs is a common technique for security, compliance, information technology (IT) and development operations (DevOps) use cases, and emitting logs proves a relatively common and simple task.

But as useful as they are, logs come with limitations. The sheer volume and variability of formats makes the task of collecting, storing, and searching logs on an enterprise-wide basis a daunting task. Alert overload is also common as having too many events to review leads to important issues getting lost amidst background noise. Lastly, while logs are good at alerting — for example, event “A” occurred on resource “X” — they aren’t well suited to providing context. For example, what was the surrounding impact of event A?

Flow-based metadata on the other hand can be a rich source of context showing which users are talking to which devices, where they are located, which applications they are using, and whether observed behavior is anomalous compared to baseline data. But to complicate matters, flow and logs have typically been collected into separate tools, making it hard to correlate data and make use of their respective strengths.

Graylog + Ixia: The Best of Both Worlds

Graylog ingests both log and flow data sources, indexing them into a single searchable data store so that all metrics can be searched and correlated in an efficient manner. Graylog also supports ingestion, indexing, and searching of Ixia’s enhanced IPFIX flow data called IxFlow.

Generated by Ixia’s Vision network packet brokers (NPBs), IxFlow includes standard IPFIX fields such as top talkers, as well as additional enriched metadata fields such as geolocation, threat categories, browser type, encryption ciphers, and other data obtained using Ixia’s deep packet inspection (DPI) techniques. This new data source can be searched and correlated along with information collected via logs in Graylog’s common data management and analysis store.

Graylog’s correlation engine helps identify anomalies and flag issues for investigation. Log data enrichment combines with Ixia’s enhanced flow metadata to deliver richer insights for faster troubleshooting of performance and security issues.

The result: reduced investigation time and in-depth insights that could not be achieved using a single data source.

Sample Use Cases

Integrated Graylog-Ixia solutions offer richer insight to speed investigations.

For example, authentication logs are effective at telling administrators that users have logged into an IT system and, when correlated with DHCP logs, help determine the IP address associated with that specific user. Combining log data with Ixia’s IxFlow shows who the user was talking to, in what geography they reside, which applications they’re running, and whether a communication was sent to known bad actors.

Similarly, endpoint logs do a good job of assessing the vulnerability of a particular system but aren’t as useful in judging the broader impact. By analyzing this information along with flow data from Ixia, Graylog makes it easy to see who the vulnerable host is talking to, and whether the number or location of peers is unusual.
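
The correlation described in the two use cases above, as an added example that is not Graylog or Ixia code: it resolves a login to an IP address through the DHCP lease, attributes flow records to that user only while the lease is valid, then lists threat-tagged destinations and hosts with an unusual number of peers. All records are constructed, and the field names, the baseline peer counts and the 2x threshold are assumptions, not the real Graylog or IxFlow schema.

```python
from datetime import datetime, timedelta

# Constructed sample records. Field names are hypothetical, not the real
# Graylog or IxFlow schema; public addresses are from documentation ranges.
AUTH = [
    {"ts": "2019-11-04T09:00:05", "user": "alice", "host": "WS-101", "event": "login_success"},
    {"ts": "2019-11-04T09:02:10", "user": "bob", "host": "WS-102", "event": "login_success"},
    {"ts": "2019-11-04T09:03:00", "user": "carol", "host": "WS-104", "event": "login_failure"},
]
DHCP = [
    {"ts": "2019-11-04T08:55:00", "host": "WS-101", "ip": "10.0.0.21", "lease_s": 3600},
    {"ts": "2019-11-04T08:58:00", "host": "WS-102", "ip": "10.0.0.22", "lease_s": 3600},
    # The same address is handed to another host after the first lease expired.
    {"ts": "2019-11-04T10:30:00", "host": "WS-103", "ip": "10.0.0.21", "lease_s": 3600},
]
FLOWS = [
    {"ts": "2019-11-04T09:01:00", "src_ip": "10.0.0.21", "dst_ip": "198.51.100.7", "geo": "NL", "threat": None},
    {"ts": "2019-11-04T09:05:30", "src_ip": "10.0.0.21", "dst_ip": "203.0.113.66", "geo": "BR", "threat": "botnet-c2"},
    {"ts": "2019-11-04T09:10:00", "src_ip": "10.0.0.22", "dst_ip": "198.51.100.7", "geo": "NL", "threat": None},
    {"ts": "2019-11-04T09:11:00", "src_ip": "10.0.0.22", "dst_ip": "198.51.100.8", "geo": "NL", "threat": None},
    {"ts": "2019-11-04T09:12:00", "src_ip": "10.0.0.22", "dst_ip": "198.51.100.9", "geo": "NL", "threat": None},
    {"ts": "2019-11-04T09:13:00", "src_ip": "10.0.0.22", "dst_ip": "192.0.2.50", "geo": "SG", "threat": None},
    # Sent from 10.0.0.21 after alice's lease ended: must not be blamed on her.
    {"ts": "2019-11-04T10:45:00", "src_ip": "10.0.0.21", "dst_ip": "203.0.113.66", "geo": "BR", "threat": "botnet-c2"},
]


def parse_ts(value):
    return datetime.fromisoformat(value)


def lease_at(host, when):
    """Return (ip, lease_end) for the lease `host` held at `when`, or None."""
    for rec in DHCP:
        start = parse_ts(rec["ts"])
        end = start + timedelta(seconds=rec["lease_s"])
        if rec["host"] == host and start <= when < end:
            return rec["ip"], end
    return None


def attribute_flows():
    """Join auth -> DHCP -> flow: (user, host, flow) for every flow sent from
    the user's leased IP between the login and the end of that lease."""
    attributed = []
    for login in AUTH:
        if login["event"] != "login_success":
            continue
        login_time = parse_ts(login["ts"])
        lease = lease_at(login["host"], login_time)
        if lease is None:
            continue  # no lease on record, so the IP cannot be resolved
        ip, lease_end = lease
        for flow in FLOWS:
            if flow["src_ip"] == ip and login_time <= parse_ts(flow["ts"]) < lease_end:
                attributed.append((login["user"], login["host"], flow))
    return attributed


def threat_hits(attributed):
    """Users whose flows reached a destination carrying a threat category."""
    return sorted((user, host, flow["dst_ip"], flow["threat"])
                  for user, host, flow in attributed if flow["threat"])


def peer_anomalies(attributed, baseline, factor=2):
    """Hosts whose distinct peer count exceeds `factor` times their baseline."""
    peers = {}
    for _user, host, flow in attributed:
        peers.setdefault(host, set()).add(flow["dst_ip"])
    return {host: sorted(dsts) for host, dsts in peers.items()
            if host in baseline and len(dsts) > factor * baseline[host]}


# Assumed per-host baseline of distinct peers in a comparable time window.
BASELINE = {"WS-101": 3, "WS-102": 1}

if __name__ == "__main__":
    joined = attribute_flows()
    print(threat_hits(joined))
    print(peer_anomalies(joined, BASELINE))
```

The 10:45 flow from the reused address is left unattributed because no login maps to the lease that covers it, which is the case a join on IP address alone gets wrong.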

Joint Solution Benefits

Together, Graylog and Ixia deliver a comprehensive, efficient solution for collection, search, and analysis of both log and flow data, resulting in quicker and more complete threat investigations and performance troubleshooting. Benefits include:

  • Alerts and contextual benefits of both types of data sources in a single solution
  • Cost-effective business model avoids having to pick and choose which data to collect and analyze
  • Avoids parallel data collection and management systems and the challenges of correlating flow and log sources across them
  • Reduced alert noise narrows down relevant events to investigate
  • More efficient workflow in IT, security, compliance and DevOps troubleshooting
  • Reduced investigation time and faster root cause analysis
  • Simplified conversion of network wire data to rich detailed metadata

About Graylog

Graylog is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. We deliver a better user experience by making analysis ridiculously fast and efficient using a more cost-effective and flexible architecture. Thousands of IT professionals rely on Graylog’s scalability, comprehensive access to complete data, and exceptional user experience to solve security, compliance, operational, and DevOps issues every day. Purpose-built for modern log analytics, Graylog removes complexity from data exploration, compliance audits, and threat hunting so you can quickly and easily find meaning in data and take action faster.

Contact TeleScience to learn more

IXIA: Why are Taps Critical to Network Visibility and Security?

Taps Passively Access and Monitor Network Data

IT managers have a nearly impossible job. They must understand, manage, and secure the network all the time against all problems. Anything less than a 100 percent working network is a failure. As the network grows larger, visibility becomes harder as blind spots creep into the network. These blind spots, or the inability to completely see what is happening on the network, can compromise network quality. Taps provide an unobtrusive way to capture network monitoring data and begin the process of removing blind spots.

Taps are used to help IT groups easily and passively monitor all network data. They are normally placed between any two network devices, including switches, routers, and firewalls. Taps provide continuous, non-disruptive access to the network data you need to monitor performance and troubleshoot problems. Taps are easily deployed, without the need to disrupt live network traffic. Any monitoring device connected to a tap receives all inline traffic. The tap duplicates all traffic on the link and forwards it to the monitoring tools. Taps do not introduce delay, or alter the content or structure of the data. They also “fail open,” meaning traffic continues to flow between network devices in the event a monitoring tool is removed or power is lost.

Taps vs. SPAN Ports

Taps offer significant advantages over the use of switch port analyzer (SPAN) ports to monitor the network. SPAN ports require an engineer to configure the switch or switches. Switches also eliminate corrupt packets or packets that are below a minimum size. In addition, switches may drop Layer 1 and select Layer 2 errors, depending on what has been deemed as high priority. This means SPAN ports do not get all the traffic. On the other hand, a tap passes all data on a link. Taps capture everything needed to properly troubleshoot common physical-layer problems. This includes bad frames that can be caused by a faulty network interface card (NIC).

Real-Time Accessibility

Taps pass through full duplex traffic at line-rate non-blocking speeds. Low-end switch SPAN ports can introduce delay while packets are copied to them. Data being aggregated from lower-speed ports to a higher-speed port can also introduce signal delay. Furthermore, a SPAN port needs 200Mb of capacity to capture all the data from a lower-speed link, so a higher-speed SPAN port is needed, which is not an efficient solution.

Common networking practice is to SPAN virtual local area networks (VLANs) across gigabit ports. In addition to requiring more ports than may be available in one switch, it is often difficult to “combine” or match packets to a particular originating link. So while spanning a VLAN is an accepted way to get an overall feel for network issues, pinpointing the source of actual problems becomes difficult. Some switches have problems processing normal network traffic, depending on loads. With SPAN, the switch also needs to determine what traffic gets sent to monitoring tools. This extra processing may introduce performance issues. Taps provide permanent, passive, zero delay alternatives.

Advantage: Taps

The use of taps optimizes both network and personnel resources. Monitoring devices can be easily added when and where they are needed. No extra cables are needed to monitor traffic or reconfigure switches. The example to the right illustrates a typical tap deployment for one monitoring device. A tap that includes two monitoring ports means the network and security teams do not share the one SPAN port. They get all the data they need.

Ixia’s Tap Family

Ixia’s comprehensive tap portfolio is the foundation of our integrated IxVision Visibility Architecture. Our taps pass all network traffic, including Layer 1 and 2 errors, without introducing bottlenecks or points of failure. Regardless of interface or location in the network, Ixia provides a tap solution, supporting copper, or multi mode and single mode fiber at speeds up to 100Gbps with media conversion models available.

ABOUT KEYSIGHT TECHNOLOGIES

Keysight Technologies, Inc. (NYSE: KEYS) is a leading technology company that helps enterprises, service providers, and governments accelerate innovation to connect and secure the world. Keysight’s solutions optimize networks and bring electronic products to market faster and at a lower cost with offerings from design simulation, to prototype validation, to manufacturing test, to optimization in networks and cloud environments. Customers span the worldwide communications ecosystem, aerospace and defense, automotive, energy, semiconductor and general electronics end markets. Keysight generated revenues of $3.2B in fiscal year 2017. In April 2017, Keysight acquired Ixia, a leader in network test, visibility, and security.

Contact TeleScience to learn more

Fortinet and RAD Security Solution

The IoT revolution in businesses goes hand-in-hand with digital transformation. The complexity of networks and infrastructure has never been higher with far-reaching implications for securing safety and production of highly valued assets in Operational Technology (OT) environments. Recent years have brought security to the forefront, especially in the industrial and critical infrastructure sectors.

The top three major challenges IoT brings to security can be summarized as follows:

  • Cyber Security Threats – unreliable networks are exposed to malicious attacks. Multiply this by the countless devices that are already – or about to be – deployed and the results can be catastrophic.
  • Operational Complexity – installing, configuring, maintaining and replacing thousands of edge devices require careful planning, organization, and the right tools and capabilities to avoid costly mistakes and lengthy delays.
  • Data Usability – thousands, and even millions, of IoT devices in the field can process, transmit and receive data. That data is then aggregated, but not necessarily in filtered format. The need to transform this data into actionable information requires a cost-effective Edge Computing gateway.

Securing IoT requires access control, secure access points, visibility into all devices on the network, constant monitoring, unified management, and automated responses to threats. Security solutions also need to meet extreme performance requirements, be available on demand and be provisioned and de-provisioned in real time while the environment they are protecting is adapting to demands.

Security for today’s IoT network infrastructure must include a smart solution that can provide the combined benefits of cyber security, and cost-effective data usability across all security devices in the OT network for more effective management.

Joint Solution Description

The Fortinet and RAD integrated solution addresses the above challenges by leveraging the Fortinet Security Fabric’s open architecture that connects traditionally disparate security solutions into a unified framework. This allows such solutions to dynamically adapt to evolving infrastructure in order to defend its rapidly changing attack surface. Fortinet’s open approach extends the broad visibility, integrated threat detection and automated response of its Security Fabric architecture to RAD’s solutions through the Fabric APIs. The integration results in a flexible, ruggedized and cost-effective joint solution that addresses the growing IoT visibility and security challenges.

Solution Components

Fortinet FortiSIEM & RAD SecFlow

The integration of FortiSIEM with RAD’s SecFlow offers a viable solution to the growing complexity of managing network operations by providing a comprehensive, scalable way of monitoring all OT and IoT security systems. RAD’s SecFlow is able to share threat intelligence and comprehensive event logs with FortiSIEM to correlate security events across protected IoT devices and all other Fortinet Security Fabric components.

RAD’s SecFlow constitutes the level 0 and level 1 ruggedized edge computing solution for Fortinet. Acting as the hub, Fortinet collects data from the remote gateways of RAD.

RAD helps tackle IoT challenges with:

  • Connectivity: Always-on seamless connectivity over any media with resiliency & redundancy options
  • Security: End-to-end IPsec VPN tunnels over private and public networks with firewall and encryption
  • Edge computing: Fog/edge application support to minimize latency and maximize efficiency
  • Simplified operation: Secure zero-touch configuration for automated installation and provisioning

Joint Use Cases

Edge Computing Use Cases

  • IPS\IDS for SCADA – serving DNP3, Modbus, IEC 104 protocols; converting legacy RTU protocols to their IP equivalents and activating IPS\IDS on the converted IP traffic (in the future, this could be the Fortinet containerized IPS\IDS)
  • Protocol conversion gateway
  • ICS software (e.g., open Embedded RTU\PLC) – containerizing PLC capabilities within a secure and ruggedized gateway
  • Sensor aggregation software
  • Store and Forward or periodic broadcast for low speed and infrequent data sync (e.g. metering aggregation)
  • Access Control Software
  • MQTT, Azure, other

Fortinet Security Fabric

The Fortinet Security Fabric is an architectural approach that unifies the security technologies deployed across the digital network – including multi-cloud, endpoints, email and web applications and network access points – into a single security system integrated through a combination of open standards and a common operating system. These same types of solutions are integrated into the OT environments that are enhanced through the integration of advanced threat protection technologies and a unified correlation, management, orchestration, and analysis system.

RAD SecFlow

RAD’s next generation SecFlow industrial IoT (IIoT) gateway hosts third-party applications, such as Fortinet’s, using the most advanced, LXD container-based Edge Computing capabilities. In addition, it enables efficient, secure and fast connectivity of IoT devices over wireless, fiber and even copper networks – either public or private. The SecFlow features a Global SIM, dual SIM and a dual cellular modem supporting flexible connectivity. An advanced Ethernet and IP feature set provides reliable and secure Layer 2 and Layer 3 communications, while serial protocol handling with transparent tunneling/protocol conversion and terminal server capabilities support all RTU traffic. In addition, the SecFlow supports the environmental needs of Level 0 and Level 1 of the solution fabric.

About RAD

RAD is a leader in Service Assured Networking (SAN) solutions for critical infrastructure. We address all communication needs of the utilities, transportation and government sectors with always-on reliability and mission-critical protection. We offer best-of-breed SAN solutions that are used for cyber-secure industrial IoT (IIoT) and operational WANs, fog/edge computing, TDM to packet migration, distance Teleprotection and distribution automation, as well as Smart/Safe City deployments.

Founded in 1981, RAD has an installed base of more than 16 million units and is a member of the $1.46 billion RAD Group of companies, a world leader in communications solutions.

Contact TeleScience to learn more

Christmas Greetings 2019

 

TeleScience Singapore Pte Ltd
Visit us www.telescience.asia

TeleScience is a leading ICT equipment and solutions provider in the telecoms & networking industry.
We provide pre-sales and post-sales support for semi-turnkey and turnkey projects in the area of design,
consultancy, installation, network health-check and project management.

Telecom Access Solutions
Network Test, Security and Monitoring
Timing and Synchronisation Solutions
Synchronised Clock System Solutions

Visit us www.telescience.asia | Send us your enquiries marketing@telescience.asia

KnowBe4 Webinar: In the Hot Seat: Three Experts Tackle 10 Critical Security Awareness Issues

Three experts. 10 hot topics. Sixty minutes. What happens when you lock highly opinionated security awareness experts in a room with a microphone and a list of top security issues facing your organization? This is your chance to find out!

In this webinar, Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, and our guests, Forrester’s Jinan Budge and Claire O’Malley, provide practical advice and pithy comments as they take on a wide-ranging list of security awareness topics, behavior, and culture management issues in rapid-fire format.

Key topics include:

  • The real cost of ignoring the human element
  • What can security awareness mean for your organization’s overall reputation?
  • Talking to your execs and the board about cybersecurity
  • How do you measure the benefit of awareness, behavior and culture change?
  • Security awareness & training content: Quality versus quantity
  • And many others!

Contact TeleScience to learn more

RAD Webinar: 5G xHaul Q&A: How CSPs Can Build a Solid ROI

How can communications service providers (CSPs) reconcile competitive pressures to launch 5G services with the financial constraints and technology uncertainties associated with new network buildouts? What are their best options for splitting the 5G RAN? Which investment decisions need to be taken in advance and which can be delayed to meet revenue ramp up? What lessons can be learned from early adopters?

These are some of the questions CSPs must answer before launching 5G to ensure a solid ROI. Join us for this session of 5G xHaul Q&A, in which we’ll address these and other issues, and share from RAD’s own experience in the field.
