FEATURE


During challenging times, though, the strategy may need to pivot to be more responsive. With investments in containment and recovery planning, threats can be contained, minimising damage and ensuring recovery processes are successful.


Prior to COVID-19, we conducted a study that indicates that people remain one of the most prevalent security risks to businesses across the economy. With third-party facilities staff manning the front line in a host of critical environments like hospitals, it’s important their role as the first line of defence is communicated effectively when they are onboarded and at regular intervals throughout the pandemic and beyond. In recent months there has been a marked increase in phishing attacks – a relatively simple approach, such as an official-looking email that encourages staff to provide sensitive login details – which are so often an easy but preventable way into a business.




IT teams should also be working on the basis that a sophisticated or well-motivated intruder will usually find a way in, even if it involves manipulating staff, so defence strategies should focus on detection and recovery, not just protection. Typically, the faster a breach is detected, the less impact it has and the cheaper it is to fix.


Bam Construct and Elexon have been targeted given their involvement in government contracts and critical infrastructure. Both Interserve and Bam, for example, were involved in the set-up of NHS Nightingale hospitals, while the former provides services to essential travel networks including the London Underground.


Whether these attacks were orchestrated by malicious nation states or by opportunistic criminal groups – the finger of blame in the case of EasyJet, for example, has been pointed at Chinese groups – it stands to reason that large outsourced service providers will remain the focus of their attention throughout the course of the pandemic.


Security should therefore be high on the agenda of those providers as well as those procuring their services.


A comprehensive cybersecurity strategy should always focus on two elements – technology and people. Both provide a defensive shield but the latter presents the greater vulnerability, particularly the bigger an organisation is.


www.tomorrowsfm.com


One of the best recovery strategies is a well-managed backup system with a granular restoration process, so that a point in time prior to the attack being deployed can be recovered. This appears to have been the case for Bam Construct where the attack – at least according to the company – has had limited impact on day-to-day operations. There are also arguments that some offline backups should be kept for critical systems, such as Active Directory servers (in a Windows world), as these can often be the key to a rapid reinstatement of service.


With a comprehensive history of backups and by creating a structure where digital information is stored in a siloed manner, it is possible to devalue an attacker’s target. That way, with limited collateral exposed, the majority of effort can be focused on the initial point of attack, how the intruder gained access, and identifying mitigations that could have been put in place to limit it (as well as any secondary attack that usually takes place after an initial compromise).


In doing so, FM service providers will be able to continue the fight against invisible threats on both fronts.


www.coalfire.com/ TOMORROW’S FM | 27

