Amid the ever-changing and intensifying landscape of cyber threats, four essential sectors – finance, healthcare, energy, and the manufacturing industry – are turning to increasingly complex and often secretive technologies to protect themselves from harmful forces.
Public discussion serves to emphasise the importance of strong cybersecurity defences, yet such sectors’ particular, protective methods are known only to those involved in using and defending their interest and the secrecy is vital to maintain the systems’ effectiveness against those out to cause harm.
In banking, they are very concerned with safeguarding valuable financial information, and with maintaining the confidence of their customers. Organizations that are implementing Network Detection and Response (NDR) solutions to examine network traffic for subtle data exfiltration evidence might forego detection of “noisy” immediate infiltrations for “quiet” ongoing ones.
Multifactor authentication is quickly becoming the norm, applying layers of security beyond a password. It’s also a heavily-invested space when it comes to behavioral analytics for identifying abnormal database queries and access patterns that might indicate tampering or data exfiltration activities. Regulatory requirements also generate considerable investments in data encryption, obscuring and highly controlled access.
Healthcare is one of the most vulnerable industries; as patient data is highly sensitive, and can significantly disrupt healthcare operations, but with more and more interconnected devices in use, the challenges are greater still.
Their defense-in-depth tactics prioritize IT/OT security convergence to defend both patient data and life-saving medical devices. Introducing network segmentation is important to contain breaches and continual observation and vulnerability management is needed to counteract flaws in a growingly complicated landscape.
Equally important is training employees to spot phishing attacks and enforcing strong access controls using the principle of least privilege.
The energy industry, which is lifeblood infrastructure, also is threatened in ways that could have broad impact. They have a hidden protection strategy of NDR solutions that are trained in the details of industrial control system (ICS) communication protocols so that any irregularities that could signify an attack or an illegitimate command are caught.
For example, one critical method is to watch Modbus, to detect unintended commands to life impacting gear. In addition, compliance requires tightly monitored internal network security that can detect early-stage reconnaissance against critical systems.
The computerised factory is the backbone of any manufacturing system and as operations technology and internet of things (IoT) devices become increasingly interconnected, manufacturers are becoming obsessed with securing more connected systems.
Measures include deploying “Zero Trust” architectures, treating breaches as a given, and mandating that every network communication be verified perpetually. Endpoint Detection and Response (EDR) solutions are essential in both watching and reacting to anomalous activity on all endpoints.
Also, the deception technology, which generates decoys to deceive attackers, has been widely used for discovering and analyzing the attack process.
There’s also a common focus across all four sectors on the rise of advanced threat intelligence use cases, as well as on AI and machine learning’s role in bolstering threat detection and response efforts.
Although the details of how they protect their networks may be rational secrets, the cyber defense tenets of layered security, 24/7 vigilance by man and machine, proactive hunting for in-progress intrusions, and deep knowledge on industry-specific risks form the core of their sustained fight against cyber tormentors.
