A Modern Approach to Cyber Security (Sponsored)

This article is brought to you by IAI.

In less than a decade we have seen the addition of yet a new domain – Cyber, with attacks taking place at the hardware, the software and the eco-system levels. In fact, with more and more platforms entering the digital realm the potential for cyberattack is on a relentless increase.

Effective cyber-attacks have received considerable attention as of late, underscoring the difficulty and in many instances, the fundamental inadequacy of widespread cyber security approaches to cope. File-less attacks, Solarwinds, ICA Malware, and Critical Infrastructure cyber-attacks have all made headlines in recent years with their destructive success.

Moreover, strategic trends indicate the increasing presence of state and superpower level threats, cyber-crime, large scale industrial espionage, influence and disinformation campaigns, and the use of publically available malware by threat actors. Very recently, this list has expanded with supply chains being targeted as well, and with cyber-attacks being accompanied by media and social media campaigns, aiming to disparage large enterprises, critical infrastructure and nation states.

Unfortunately, in many instances organizations are still deploying outmoded tools and methodologies to counter new, sophisticated, and dangerous threats. The use of out of date cyber security tools to contend with these continually evolving threats is akin to the reliance on castle walls to protect their occupants with the advent of heavy artillery. History buffs who recall the siege of Constantinople will relate well to this analogy.

Weaponization 

Legacy systems and approaches are often incapable of dealing with the "weaponization" of the cyber domain. Sophisticated attacks leave victims unable to identify where the attack originated and determine attribution.

Covid-19 has further exacerbated the situation, with the large-scale adaptation of work from home (WFH) technologies.— IAI

Furthermore, the introduction of new technologies such as "the cloud", loT, and 5G provides fertile ground for cyber aggressors seeking new targets and opportunities. Covid-19 has further exacerbated the situation, with the large-scale adaptation of work from home (WFH) technologies. The greater use of online services together with the reliance on personal devices and email for work purposes strengthens attackers' capabilities while at the same time worldwide deficiencies in trained experts with the skills to fill cyber security roles (“AKA the skills gap”) challenges the abilities of targets to defend themselves.

While the likelihood of fielding solutions that provide certain and complete success against contemporary cyber threats is increasingly difficult, if not impossible, Cyber Resilience, the ability to withstand or quickly recover from cyber-attacks, is the key to mitigating their effectiveness. 

But how is cyber resilience achieved?

The process starts with hardening individual targets and limiting the potential damage that they will endure. Enhancing target resiliency continues on to the eco-system through to the establishment of national level cyber resilience – the nation's ability to withstand or quickly recover from cyber attacks.

IAI/ELTA Systems Ltd., the multibillion-dollar defense electronics house of Israel Aerospace Industries (IAI), with its dedicated Cyber Division, delivers a comprehensive array of solutions that provide customers worldwide, with the tools and training needed to achieve national level cyber resilience.

Incorporating security by design, IAI/ELTA's cyber security eco-system approach addresses the need to balance between cyber security protection and the need for business continuity.— IAI

IAI/ELTA maintains that national level challenges require national level solutions. To this end, the company leads the Israeli Cyber Companies Consortium (IC3) as well as the Israeli Aviation Cyber Companies Consortium (IAC3), whose member represent the country's finest cyber eco system technology developers and innovators.

Taking a collaborative approach, IAI/ELTA works with trusted partners to achieve a holistic cyber defense network that answers the need for a new cyber-defense hierarchy. Incorporating security by design, IAI/ELTA's cyber security eco-system approach addresses the need to balance between cyber security protection and the need for business continuity.

IAI/ELTA also takes a proactive approach. The process starts with mapping national assets and vulnerabilities. The necessary systems are then put in place to achieve the following: 1) predict cyber-attacks; 2) monitor national cyber space and critical infrastructures; 3) provide tools for investigation and analysis; and 4) provide tools that facilitate collaboration and the sharing of information. IAI/ELTA also offers effective tools that facilitate the ongoing training and preparation of qualified cyber defense personnel.

Specific IAI/ELTA products that constitute essential building blocks to construct a robust, flexible cyber defense include: "CyConcerto", "CyScan", “CyFo” and "CyShare", which afford specific capabilities; together with "Tame Cyber Range", a comprehensive cyber training system.

"CyScan" is a proactive tool for the continuous automated monitoring and detection of attacks. It provides mapping of misconfigurations and vulnerabilities with IP resolving, configurable scanning profiles, and risk calculations. "CyShare" is a platform for collaboration and information sharing.

Supporting situational awareness

Based on social media and ISAC models, it supports situational awareness by distributing intelligence data, alerts, and incident reports via a secure social network whose members also benefit from significant National SOC resources. “CyFo” is IAI/ELTA’s multi-tier autonomous cyber forensics platform, allowing to effectively and efficiently conduct cyber forensics investigation and rapidly determine the necessary counter-measures. Finally, "TameRange" is a comprehensive solution that provides realistic up to date and effective cyber training.

The culmination of IAI/ELTA's extensive Cyber expertise and tools is manifested in the design and development of National Security Operations Centers (National SOC). Supporting a SOC-of-SOC architecture, IAI/ELTA's National SOCs perform continuous surveillance of the entire cyberspace, providing real-time situational awareness on a national level. Security incidents (timeline, geography etc.) and early-warning information are immediately and automatically disseminated to the relevant sectorial and organizational SOCs.

The highly autonomous platform assists high level decision-makers in determining the best method of countering and mitigating national level strategic cybersecurity issues. The most advanced techniques, including Machine Learning (ML) and Predictive Analytics are employed to detect anomalies and threats, provide timely alerts, generate cyber insights and disseminate them to end-users.

The National SOC's flexible system architecture enables the reuse and integration of the Customer's existing infrastructure and capabilities. This, together with effective know-how transfer, contributes to Customer independence.

With a portfolio of successful turnkey projects worldwide, IAI/ELTA has the proven capabilities, resources, innovative solutions, and experience to assist customers in achieving cyber resiliency at all levels.

For additional information, please contact us.