Riaan Joyina abaphathi abaphezulu eSan Francisco ngoJulayi 11-12, ukuzwa ukuthi abaholi bahlanganisa kanjani futhi bathuthukisa kanjani ukutshalwa kwezimali kwe-AI ukuze kuphumelele. Funda kabanzi
Izinkampani ezihamba phambili emhlabeni zokunakekelwa kwezempilo, usizo, ukukhiqizwa kwemithi namandla (okuhlanganisa namandla enuzi) zithembele kuwo. I-inductive I-Automation’s Ukuthungela inkundla ukunika amandla, ukuvikela kanye nokugcina impilo nempilo yezigidi zabantu ababasebenzelayo. Ukuthola i-cybersecurity futhi ukuphepha kwephoyinti lokugcina kwesokudla yizikhonkwane zetafula emabhizinisini abo ayinhloko.
Lezi zinkampani zidinga ukuthatha izinyathelo eziqinile zokuqinisa ama-endpoints ngaphambi kokuba isizukulwane esisha sezinsongo eziqhutshwa yi-AI liyakhula. Lokhu kuthambekela sekucacile njengoba abahlinzeki be-software kubakhiqizi, izinsiza kanye nengqalasizinda ebalulekile bebebuyekeza amasu abo wokugcina ukuze banqobe izingqinamba phakathi kwezinsiza. ukuhlaselwa okungakaze kubonwe ku- ukukhiqiza imboni.
Amakhasimende emazweni angaphezu kuka-90 ahlanganisa ubuchwepheshe bawo bokusebenza (OT) nezinhlelo ze-IT nedatha yezinzwa zesikhathi sangempela asebenzisa inkundla ye-Inductive Automation’s Ignition ukuze alinganise ngokunembile ukushaya kwenhliziyo kwamabhizinisi awo. Ukugcina ikhodi yomthombo weplathifomu ye-Ignition, i-DevOps nezinqubo ze-SDLC ziphephile kuyinto ebaluleke kakhulu.
UJason Waits, we-CISO kwa-Inductive Automation, utshele i-VentureBeat, “Njengoba inkampani iqhubeka nokukala, ngokwemvelo, izikali zethu zokuhlasela nazo ziyalinganisa. Lokhu kukhula kanye nokwanda kwesisekelo samakhasimende emikhakheni ebalulekile emhlabeni wonke kudinga ukutshalwa kwezimali ku-cybersecurity. Ukushintshela emsebenzini oqhelile kuphinde kudingeke ukuthi kugxilwe kakhulu kubunikazi kanye nokuphepha kwendawo yokugcina.
“Siyayibona indawo ebaluleke kakhulu yesoftware yethu ochungechungeni lokunikezela,” wengeza, “futhi umgomo wami uwukwakha uhlelo olusezingeni lomhlaba lwe-cybersecurity.”
Amakhasimende e-Inductive Automation atshela i-VentureBeat ukuthi inkundla ye-Ignition iyingxenye ebalulekile yabo. I-IoT kanye nengqalasizinda ye-IIoT. Bathi kubasiza ukuthi basheshe bafake izicelo ezintsha emikhiqizweni. Abahlinzeki bengqalasizinda, okuhlanganisa izinsiza, abakhiqizi bakawoyela negesi, kanye nezinqubo ezisetshenziswa abakhiqizi ukulawulwa kokuqondisa kanye nedatha ukutholwa (I-SCADA) isofthiwe ukuze bathole ukubonakala nokulawula abakudingayo ukuze bagcine imisebenzi isendleleni, ngokuvamile ihlanganisa izinhlelo zabo ezikhona zokulawula izimboni (i-ICS) neplathifomu Yokuthungela.
U-Gartner unikeza untanga ukuqonda endaweni yesikhulumi se-Ignition kanye nesisombululo se-SCADA senkampani.
Ukuvikela ingqalasizinda yomhlaba wonke lapho ukukhiqiza kuvinjezelwe
Ezokukhiqiza imboni ehlaselwa kakhulu ngoba abahlaseli bayazi ukuthi uma bengaphazamisa uxhaxha lwalezi zinkampani, ukusebenza nokuthunyelwa kwamakhasimende, bangafuna izinkokhelo zesihlengo ngaphezu kwezilinganiso zomkhakha. I-IBM Security’s 2023 X-Phoqa Usongo Intelligence Index ithole ukuthi ukukhiqiza kubalele u-61% wayo yonke imizamo yokwephula ehloselwe ikakhulukazi ezinhlelweni ze-OT kanye nama-23% akho konke. i-ransomware ukuhlasela. Imboni yaba yisisulu ku-58% wezigameko ezisize i-X-Force ukuzilungisa.
Ukuhlaselwa kwe-backdoor okuqondiswe ezinhlelweni zabakhiqizi be-ICS ne-SCADA kuvamile ngoba lezo ziphakathi kwezimpahla ze-OT ezingavikelekile zomkhiqizi. Ngonyaka odlule i I-Cybersecurity kanye Nokuphepha Kwengqalasizinda I-ejensi (CISA) uxwayise ngokuthi amaqembu ezigebengu ezigebengu asethuthukile (APT) anjalo ukuqondisa eziningi zamadivayisi aziwa kakhulu e-ICS kanye ne-SCADA.
I-Inductive Automation ilindele ubunzima obukhulayo bezingozi ze-cybersecurity ekukhiqizeni futhi yenze lukhuni inkundla yayo ngokukhishwa ngakunye. Ezokuphepha ziyingxenye yokuthuthukiswa kwe-DNA yenkampani, futhi ukufaka esikhundleni sezindawo zokugcina ezingu-500 kwakudingeka ukuze kugcinwe izinqubo ze-DevOps, ubunjiniyela kanye ne-SDLC zivikelekile.
Ukubaluleka kwezokuphepha enkampanini kubonakala ekwesekeni kwayo amakhasimende. Yakho Ukuthungela Ezokuphepha I-Hardening Guide futhi Ezokuphepha Imikhuba Engcono Kakhulu Yakho Ukuthungela Uhlelo izihloko kanye nesiqondiso salo sendlela yokwenza chaza amazinga okuphepha ku isicelo konke kubonisa ukuthi ukuvikeleka ku-inthanethi okugxile kangakanani ekwakhiweni kweplathifomu. Inkampani inikeza a ivikelekile ingosi ifinyeleleka kuwo wonke amakhasimende anesimo samanje sokulawula ukufinyelela, ukuphepha kohlelo lokusebenza, ukuphepha kwendawo yokugcina, ukuphepha kwenethiwekhi, ukulawula ukufinyelela nezinye izici ezimbalwa.
Indlela I-Inductive Automation eguqule ngayo izindawo zokugcina zisuka enseleleni zaba amandla
“Sizibheka njengengxenye ebalulekile yochungechunge lokuhlinzeka ngamakhasimende emikhakheni ebaluleke kakhulu emhlabeni,” kusho u-Waits. “Ngakho-ke, kufanele sitshale, futhi sitshale kusenesikhathi, ukuze siqinisekise ukuthi asiyona imbangela yenkinga yezokuphepha.”
Ingqalasizinda yezokuphepha ye-Inductive Automation isezingeni eliphezulu. Noma kunjalo, iphakethe lefa elivikele iziphetho zenkampani – inhlanganisela yemikhiqizo etholwe inkampani engumzali – yehlise isivinini sezinhlelo zayo ze-IT. Futhi ukugcina inkundla yokuvikela indawo yokugcina yefa imanje kuthathe isikhathi esiningi ngamapeshi nezibuyekezo.
Amaphoyinti okugcina ayeba ibhodlela lamandla okucubungula
Isofthiwe yokuvikela indawo yokugcina yefa iqede amandla okucubungula enkampani ngesikhathi idingeka kakhulu ukuze igcine isikhathi nokukhishwa okusha, okubalulekile ekukhuleni kwenkampani. Engxoxweni yakamuva ne-VentureBeat, u-Waits uthe, “Isixazululo sethu sangaphambilini besinzima ekusetshenzisweni kwezinsiza futhi sithambekele ekubeni nemibono engamanga. I-ejenti nayo yaqala ukungazinzi ngokuhamba kwesikhathi. Lokhu kuholele ekukhishweni kwesikhathi esiningi kokubhala, ukufaka kabusha ama-ejenti noma ukuzama ukugcina isevisi isebenza ngaphandle kokuletha ulaka lwabasebenzisi bethu.”
Ukuthuthukisa izinhlelo zokusebenza ze-SCADA kanye nenkundla yazo esekelayo kudinga amandla amaningi okucubungula. Amalungu amathimba e-DevOps akhala ngokuthi izinhlelo abathuthukise kuzo ikhodi zazihamba kancane futhi kukhona okwakudingeka kwenziwe. Isofthiwe yokuvikela indawo yokugcina nayo yaqala ukukhiqiza inani eliphezulu kakhulu lezinto ezingamanga, okubangele ukuchitha isikhathi nomzamo wethimba lezokuphepha.
Ukuze kusekelwe ukukhula okuqhubekayo kwenkampani kanye nemodeli yebhizinisi ehlala ishintsha, noma yisiphi isisombululo sezokuphepha kwakufanele sibe nezimo, zivumelane nezimo futhi zikhule.
Lapho isiphetho sinamandla, siba ngamasu kakhulu
Imiphumela ye-Inductive Automation ekumiseleni isistimu yayo yokuvikela indawo yokugcina, ebidla amandla okucubungula abalulekile futhi ibeke engcupheni izinsuku zokukhishwa, ibonisa umgomo oyinhloko mayelana nokuphepha kwendawo yokugcina. Lesi simiso siwukuthi lapho isiphetho sinamandla, inani lamasu elilethelayo liyanda.
Ukuqala ngenqubo eyinhloko yokuba nesixazululo se-endpoint esinesidingo esincane se-CPU nomthelela omncane ekusebenzeni kwesistimu, u-Waits nethimba lakhe bahlole uchungechunge lwabahlinzeki besistimu yokuvikela indawo yokugcina, bonke abaholi emakethe.
“Ngemuva komqondo wobufakazi, i-CrowdStrike ibonakale ilula kodwa isebenza kahle ekumiseni izivivinyo esiziphonse kuyo,” kusho u-Waits. “Ngamandla ethu onke, sihlole i-ejenti futhi asikwazanga ukudala isimo lapho ukusetshenziswa kwezinsiza emshinini kuvinjwe khona. Amanye amathuluzi amaningi okuvikela esiwasebenzisayo abe nokuhlanganiswa ne-CrowdStrike, okusivumele ukuthi sisebenzise ithuba elithile lokusebenzisana phakathi kwesitaki sethu.”
U-Waits nethimba lakhe banqume ukwenza isimo somhlaba wangempela futhi benze omunye wonjiniyela abakhuluma kakhulu abambe iqhaza ekuhlolweni kwe-beta. Ukulinda kuqashelwe ngokuhlekisa ukuthi unjiniyela ukhohlwe ngokushesha isixazululo sephoyinti lokugcina ngaphansi kokuhlolwa sase sisebenza. (Isixazululo saba I-CrowdStrike’s Falcon Ukuqonda I-XDR.)
Ukuhlanganisa izindawo zokugcina ukuze kuncishiswe izindleko nokwandisa ukubonakala
U-Waits utshele i-VentureBeat ukuthi inkampani kufanele ithole isixazululo se-endpoint esizodambisa ibhodlela lamandla okucubungula ngenkathi inikeza ukutholwa kokwethembeka okuphezulu nokunemba. Ngamafuphi, ithimba belifuna ukuhlanganisa imisebenzi futhi linciphise izindleko kanye nokucubungula ukuchithwa kwamandla kuyilapho linciphisa amaphuzu angamanga akhiqizwa isistimu yephoyinti lokugcina.
“Enye yezinhloso zethu ezibalulekile bekuwukuhlanganisa ukuskena kobungozi kanye nokuphathwa kwe-firewall endaweni eyodwa, sisuse amathuluzi amabili okuvikela ahlukene. Ukunciphisa inani lama-ejenti okudingeka siwafake futhi siwagcine kunciphisa kakhulu ukuphathwa kwe-IT ngenkathi kuthuthukisa ezokuphepha,” utshele i-VentureBeat. “Siphinde sasebenzisa amanye amamojula afana ne-USB Control, Identity Protection, kanye ne-Attack Surface Management ukuze siqhubeke siqinise ingqalasizinda yethu yezokuphepha sibe sithuthukisa ukunemba kokutholakala.
“Kunezindleko zokusebenza ezilinganiseka kakhulu ekukhetheni nasekuphatheni zonke izingxenye zesixazululo se-endpoint,” wengeza, “kodwa uma uhlanganisa endaweni eyodwa, unciphisa phezulu.”
Ngezansi: Isixazululo sokuphepha sephoyinti lokugcina sidinga ukunemba kokutholwa, ukusebenza nokuhlanganiswa ukuze kuncishiswe izindleko
“Asichithi isikhathi sethu ngokujaha ama-herrings abomvu (noma ama-positives angamanga), futhi sifinyelela ukuhlanganiswa okukhulu ngokuba nomenzeli oyedwa ophatha imisebenzi eminingi,” kusho u-Waits. I-Inductive Automation ithola ukuthi ukuhlanganisa ngamandla ukusebenza okuhlukene kwangaphambilini kube yindawo eyodwa yokuphela nakho kusiza ukuvikela kangcono yonke imisebenzi ebheke amakhasimende, okuhlanganisa ukwenza kusebenze umkhiqizo, amathikithi kanye nokunikezwa kwelayisensi.
Wachaza ukuthi i-Inductive Automation inazo zonke izinsiza ezibhekene namakhasimende ngale kwezinhlelo zokusebenza zewebhu kanye nezibhulamlilo zenethiwekhi. “Sinesu elinolaka kakhulu lokuvikela umazisi, sisebenzisa kakhulu i-MFA esekelwa ihadiwe kanye nokulawulwa kokufinyelela okusekelwe endimeni okuqinile (RBAC). Ukufinyelela kwezokuphatha kungokwesikhashana futhi kugunyazwe yi-MFA ezindaweni zokusebenza zokufinyelela ezinelungelo elikhethekile.” Futhi ekugcineni: “Sihlolwa minyaka yonke ukungena okuvela ezinkampanini zangaphandle ukuze siqinisekise izilawuli esizisebenzisile.”
Umsebenzi we-VentureBeat kufanele kube isikwele sedolobha esidijithali sabenzi bezinqumo zobuchwepheshe ukuze bathole ulwazi mayelana nobuchwepheshe bebhizinisi obushintshayo kanye nokuhwebelana. Thola Okufingqiwe kwethu.
