| Share

As “air gap” cyber solutions evolve, consider alternative approaches says U.S. critical infrastructure security expert from OPSWAT Inc.



Organisations seeking ultimate defence against cyber attacks can benefit from evolving security practices and automated security technologies

Adelaide, Australia – 6 April 2018: Australian and New Zealand organisations seeking the ultimate defence against cyber attacks should consider alternative approaches to traditional “air gap” solutions, according to visiting U.S. critical infrastructure security expert, Tom Mullen, a Senior Vice President at OPSWAT, Inc.
 
Mullen, a presenter at ACSC 2018, the Australian Cyber Security Centre Conference from 10-12 April in Canberra, says that best practices in air-gapped network security are evolving in response to escalating cyber attacks and improvements in security technology.
 
Not all air-gapped network implementations use advanced security technologies such as automated data sanitisation and behavioural analysis tools. As a result, the cost of maintaining these networks can be substantially higher than necessary.
 
Mullen’s ACSC 2018 presentation, “Best practices for securing critical/regulated infrastructures within the U.S.”, examines the experience of U.S. nuclear power facilities, with over 90% of nuclear power plants using OPSWAT’s solutions to inspect portable media for cyber threats, as well as for auditing. In air-gapped environments, portable media are typically used for software patching and updates, and exporting logs. Mullen also examines the experience of other organisations using OPSWAT’s tools to show how air-gapped or isolated networks can be operated more cost effectively without compromising security.
 
“We have customers focussed on using automation who are not processing all incoming data through physical kiosks,” says Mullen. “For example, you can use private subnetworks, where everything remains connected. There are markets that expect this approach.”
 
The ramifications of these evolving security practices extend well beyond Australian and New Zealand organisations currently operating air-gapped networks, says Scott Hagenus, CMO for cyber security software specialist, emt Distribution, distributor for OPSWAT’s MetaDefender threat detection and prevention platform in Australia and New Zealand.
 
“It’s not just operators of critical infrastructure, defence or secure government organisations that have a need for air-gapped or isolated networks,” says Hagenus. “We see manufacturing, healthcare, insurance and labour hire organisations that are looking up to step up their security. Even political parties and news organisations are now setting up air-gapped or secure networks to protect their most sensitive information.”
 
“For example, one organisation that relies heavily on customer supplied documents via uploads, email and media had suffered repeated ransomware attacks through files submitted to their business,” says Hagenus. “Data sanitisation solutions prevent those attacks by removing any active content, without destroying the integrity of the files.”
 
OPSWAT’s MetaDefender platform provides vulnerability detection and “sanitises” data using content disarm and reconstruct technology. Coupled with over 40 anti-malware engines, Metadefender protects organisations’ connected and air-gapped networks. The solution protects at web proxy, email, portable media and endpoint levels, covering the most commonly targeted attack surfaces.
 
About OPSWAT
OPSWAT® is a global cyber security company that has provided security solutions for enterprises since 2002. Trusted by more than 1,000 organisations worldwide, OPSWAT prevents corporate data breaches and malware infections with the most effective solutions to eliminate security risks from data and devices coming into an organisation. MetaDefender by OPSWAT is a powerful advanced threat detection and prevention platform, providing simultaneous access to data sanitisation (CDR), vulnerability assessment, multi-scanning, heuristics, and additional threat protection technologies. MetaAccess by OPSWAT is a cloud-based access control solution that helps enforce endpoint compliance and prevents contamination of cloud applications by blocking potentially compromised or noncompliant devices from accessing SaaS applications. See: www.opswat.com
 
About emt Distribution
emt Distribution is an Adelaide-based value added distributor and vendor representative with a presence in Australia, Singapore and Hong Kong. It also works closely with like-minded distributors in the UK, Netherlands and Germany. emt offers solutions that address the top four mitigation strategies to prevent cyber security incidents, the broader strategies in the Australian Government’s Information Security Manual (ISM) and solutions to assist channel partners and MSPs in delivering what their customers need. emt offers pre and post sales support, channel development, engaged sales processes and marketing assistance for both vendors and channel partners. See: www.emtdist.com