In this meeting held in Bilbao, at the Hotel Silken Indautxu, the preliminary results of the study on cybersecurity in Basque industry were presented for the first time. More than 75 responses have been received to the questionnaire provided to industrial companies, which will allow the publication of a final study that will reflect the real situation on the situation of the Basque Country industry.
The meeting has served to share with attendees some experiences of cybersecurity managers from different organizations and industrial engineering.
During the meeting, Javier Diéguez, director of the Basque Cybersecurity Center presented the function and services offered by this new to Basque organizations. Its strategic objectives are to promote a culture of Cybersecurity, boost economic activity and strengthen the professional sector. For this, a CSIRT will be put into operation that operates exclusively in Euskadi, as well as R + D + I, education and entrepreneurship activities.
Also in this meeting, expert knowledge has been provided through several papers and a discussion table. David Marco and Edorta Echave from Innotec System presented cybersecurity as a benefit for industrial organizations, during their presentation we were able to attend a practical demonstration of how to protect an industrial control environment from the network.
Check Point brilliantly presented the context of the most recent attacks on industrial control systems, such as CrashOverride / Industroyer and because these attacks are possible, legacy equipment, default configurations, lack of updating, giving multiple examples of consequences. In this context, David Galdrán, security engineer at Check Point, proposed as a solution the protection of real-time control systems using advanced technology to protect against targeted attacks thanks to the precise recognition of protocols, anomaly detection and protection. automated
For the first time ProactivaNET, in collaboration with Intermak IT, participate in a meeting of the Voice of Industry, trying to give a vision of where to start ordering and securing the IT and OT infrastructure. For which they propose that the first step is to know what you have, and how you have it (you can not secure what you do not know). The proposed sequence of steps is:
What do you have? (Asset Management, Discovery)
What do you use it for? (Configuration Management, CMDB)
What happens? (Management of incidents)
What are you doing? (Change Management)
The industrial sectors are at the beginning of the digital transformation and we have been able to learn from Tecnalia how to approach cybersecurity in this new scenario. Affirming that it is necessary to “IoTizar” the technologies and infrastructures of operation, but not in any way and at any price.