Success stories

Critical infrastructure cybersecurity with Sofistic

Cybersecurity  ·  Machine learning

Professional safeguarding of IT systems and information management is essential to protect vital transportation, banking, energy and healthcare services from possible cyber-attacks. El Dorado airport, Copa Airlines, the electricity company ENSA and the National Hospital of Panama rely on Sofistic’s solutions.

Critical infrastructures

Transportation, health, basic supplies, telecommunications, banks, strategic industries and public administrations are just a few of the critical infrastructure sectors whose companies have placed their trust in Sofistic Cybersecurity, Cuatroochenta's cybersecurity unit, to protect and shield their facilities and services from cyberattacks. Our client list includes OPAIN, the company in charge of managing Bogotá's El Dorado, recognized as the best airport in South America, the busiest in the region and the second busiest in Latin America, with more than 35.5 million passengers per year. Another example in the airline industry is Copa Airlines, Panama's leading airline, operating to 80 destinations in 36 countries in the Americas. Other crucial firms of note are the National Hospital of Panama, a leading Panamanian private hospital with 50 years of history, and Panama's ENSA electric power company, with more than 500,000 customers. The list also includes nearly 100 customers in the financial sector that rely on Sofistic to implement various cybersecurity solutions.

These are companies in Latin America and Spain that are looking for a complete and centralized cybersecurity service, as it is a strategic factor for the success and survival of any business. These infrastructures are a clear target for cybercriminals for two reasons: the impact on society of losing access to their services when a basic activity or service is interrupted, and the economic reward that this can bring.

Project start: 2017

Challenges

01 Protect strategic infrastructures that provide essential services and are highly attractive to cybercriminals from potential cyberattacks.

02 Simplify and centralize cybersecurity management.

03 Avoid the risks of outdated systems and obsolete devices.

04 Address growing vulnerabilities and threats from the expanding Internet of Things (IoT) ecosystem.

05 Manage large numbers of passwords that may be exposed.

06 Protect websites, online services and teleworking applications.

07 Avoid human error. Some reports indicate that 7 out of 10 security incidents are caused by human error.

Solutions

01 Customized assessment of the company's system to detect vulnerabilities and implement appropriate corrective and preventive measures.

02 24/7 monitoring through Atlantis SOC, the Security Operations Center (SOC), with a response time to critical incidents of less than 2 hours. It is distributed over two continents so that it can operate without interruption and is prepared for meteorological risks, catastrophes or massive attacks.

03 Advanced cyber defense system supported by artificial intelligence and machine learning with Darktrace to detect and combat threats in real time, through behavioral patterns. It can analyze up to 1,000,000 connected devices in the enterprise, both IT equipment and OT environments (industrial machinery).

04 Protect endpoints (end devices) with the most advanced tools, such as CrowdStrike. This EDR replaces conventional signature-based antivirus and is capable of detecting even previously unseen threats by analyzing behavior through artificial intelligence and machine learning.

05 Effectively investigate and respond to threats by collecting and correlating alerts from different sources for joint analysis and management through state-of-the-art systems such as Exabeam.

06 Monitoring password theft through Big Data.

07 WiFi network audits, security audits with protected authentication systems, encrypted connections from any location, and evaluation of device encryption or intrusion detection systems. These services are especially useful for teleworking environments.

08 Simulations of attacks to detect vulnerabilities and reinforce cybersecurity training so that employees know how to act in the event of an incident or suspicion. The attempted hacking of a water treatment plant in Florida in 2021 is an example of how employees can raise the alarm and stop an attack in its tracks.

Cyber-attacks on critical infrastructure are one of the five current global risks according to the World Economic Forum, alongside the energy supply crisis, living costs, the risk of inflation and the food chain crisis.

Cyber-attacks targeting critical infrastructure have increased in recent years, especially in the wake of the Russian invasion of Ukraine. Although these types of cyber-attacks are not the most numerous, they have the greatest impact, as they can jeopardize the continuity of an essential service such as a hospital, an airport or a water treatment plant, affecting the safety, health or welfare of citizens. A clear example of this was the ransomware attack on the Colonial Pipeline that in May 2021 left the East Coast of the United States without fuel. The massive attack on public institutions in Costa Rica and the one that paralyzed rail transport in Denmark, both in 2022, are other cases that demonstrate the impact of an incident of this kind.

At Sofistic, engineers specialized in new technologies and computer forensics conduct security audits to detect the vulnerabilities in the infrastructure's information system and then adopt the specific tools and corrective and security measures required. To turn these companies into strongholds, it is key to integrate artificial intelligence and machine learning into cybersecurity. These advanced systems are capable of detecting new viruses and other types of malware that are not yet registered in traditional antivirus signature databases.

All these solutions, moreover, come with advanced Microsoft 365 support that, by applying optimal cybersecurity configurations, enables system monitoring, identification of personal data security breaches, disaster recovery and notification of those breaches to the data protection authority and customers.

Over the last year, the healthcare sector has once again been at the center of ransomware attacks with great impact on healthcare activity and leaks of confidential patient information.

Main risks of critical infrastructures:

Access to internal control systems
Service interruption
Violation of data integrity and confidentiality
Denial of service
Financial loss

The average cost of a critical infrastructure data breach stands at $4.82 million, according to a report from IBM Security.

How to secure a critical infrastructure?

Segment networks

In this way, the most critical environments are less exposed to the outside world.

Updating devices

Contacting the manufacturer to see if there are any patches or software updates.

Adopt new protection systems

Endowed with artificial intelligence and machine learning to gain detection and reaction capacity.

Update and establish more restrictive security policies

Adapt them to changes in your architecture

Auditing OT security

In addition to examining the IT part of the organization, it is also essential to identify any anomalous behavior in the industrial machinery network.

Implementing a 'Zero Trust' security strategy

This type of policy protects an organization through the continuous control and verification of each authentication, transaction and access to information. It thus accounts for both internal risks, including those posed by the employees themselves, and those from third parties, whether they are service providers or suppliers.

"Cybersecurity should not be seen as an expense, but as an investment."

Results

Incident reduction.
Centralize and simplify cybersecurity management.
Real-time control and monitoring.
Some type of vulnerability was found in 99% of the systems analyzed.

Cyber-attacks have become more sophisticated and increasingly targeted. All this, added to the fact that exposure to risk has increased due to the expansion of teleworking and hyperconnectivity through the Internet of Things, makes it essential to have a cybersecurity monitoring, auditing and prevention service.
