Check Point’s Critical Infrastructure Roadshow gathering at Auckland’s Langham Hotel today brought together a dedicated of security partners to discuss problems, infrastructure weak points and partner alliances.
The event features presentations from Rob Waddell, Check Point’s global security architect Jeroen De Corel and chief strategist Tony Jarvis. Director of partner alliances Liron Yosefian also conducted an informal session with partners to further discuss security issues.
Olympic gold rowing medalist and world record holder Rob Waddell took the stage and talked about his career how he and his team worked the Rio Olympics and underlining how preparation is the key ingredient for success.
“There’s a couple of things that helped me cope with stress and pressure. It’s the hours and hours of preparation work beforehand. On the day, I was focusing on the only thing that mattered: Getting the boat from A to B in the fastest way possible.”
Talking about Team NZ’s America’s cup failure, Waddell said, "Find out what went wrong. From that solutions become obvious. When you find those solutions comes faith, belief and confidence".
His main message was that his team was able to find solutions to problems because they were the best planned and the best prepared.
Jeroen De Corel, global security architect, critical infrastructure, Check Point, talked about design and implementation recommendations in operational technology (OT). He mentioned a specific case study in the OT world, which had many security weak points.
The infrastructure was running old, outdated technology, no AV and blocked removable media in BIOS. In terms of the network, there was no encryption or authentication. In essence, there were many gaps.
"Physical security was built mainly on trust. There were no protections against unauthorised access or insider jobs. “People could walk in and out of the back door of the server room to smoke. That’s crazy.”
Tony Jarvis, chief strategist, threat protection for APAC, Middle East and Asia, talked extensively about the first major case of global ransomware against hospitals.
“2016 was the year of ransomware. It was huge. 2017 is still a year of ransomware, IoT malware and many other things.”
He mentioned that the WannaCry ransomware had far-reaching consequences and are after information.
“The other reason somebody wants to go after you is the profit. They don’t care if you’re a multinational and paying hundreds of thousands of dollars of ransom or a mum and pop shop paying $200. It doesn’t matter to them.”
He spoke extensively about how the ransomware infected not only enterprises and personal computers, but everything from digital signage and mall kiosks.
He mentioned that 86% of exploits use vulnerabilities that are more than 10 years old.
He says that while other organisations may have experienced success with a particular solution, every organisation is unique and therefore the strategies must be unique as well.
What should organisations do about it? Focus on the known threats, the unknown threats, protect all endpoints and devices, devise a risk framework and understand the threat trends.
This week Check Point took its Critical Infrastructure Roadshow to Wellington and Auckland. The company will be taking the roadshow to Hamilton tomorrow.