Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Digital Transformation. Show all posts

Canada’s Oil and Gas Sector Faces Rising Cybersecurity Threats Amid Digital Transformation

 

Canada’s oil and gas sector, a vital part of its economy, contributes approximately $120 billion, or about 5% of the country’s Gross Domestic Product (GDP). This industry not only drives economic growth but also supports essential services such as heating, transportation, and electricity generation, playing a crucial role in national security. However, the increasing digital transformation of Operational Technology (OT) within this sector has made it more vulnerable to cyber threats, according to a report by the Canadian Centre for Cyber Security.

A survey conducted by Statistics Canada revealed that around 25% of all Canadian oil and gas organizations reported experiencing a cyber incident in 2019. This is the highest rate of reported incidents among all critical infrastructure sectors, highlighting the urgent need for improved cybersecurity measures in Canada. While the digital transformation of OT systems enhances management and productivity, it also expands the attack surface for cyber actors, exposing these systems to various cyber threats.

The Canadian Centre for Cyber Security's report indicates that medium- to high-sophistication cyber threat actors are increasingly targeting organizations indirectly through their supply chains. This tactic enables attackers to gain valuable intellectual property and information about the target organization’s networks and OT systems. The reliance of large industrial asset operators on a diverse supply chain—including laboratories, manufacturers, vendors, and service providers—creates critical vulnerabilities that cyber actors can exploit to access otherwise protected IT and OT systems.

The report emphasizes that cybercriminals driven by financial gain pose the most significant threat to the oil and gas sector. Business Email Compromise (BEC) schemes and ransomware attacks are particularly prevalent. Although BEC is more common and costly, ransomware remains a primary concern due to its potential to disrupt the supply of oil and gas to customers.

The evolving cybercriminal ecosystem, including ransomware-as-a-service (RaaS) models, allows even less skilled attackers to launch sophisticated attacks, resulting in an increase in successful incidents targeting the sector. The report cites the Colonial Pipeline ransomware attack in May 2021 as a stark example of the potential consequences of such cyber incidents. This attack forced the shutdown of a major fuel pipeline in the U.S., leading to significant disruptions, panic buying, and price spikes. Similar incidents could occur in Canada, jeopardizing the supply of essential products and services.

Financial Implications of Data Breaches

The report also highlights the financial implications of cyber threats. The cost of a data breach can vary significantly, with estimates suggesting it can reach millions of dollars depending on the organization's size and nature. The potential for disruption or sabotage of OT systems poses a costly threat to owner-operators of large OT assets, impacting national security, public safety, and the economy.

The Canadian Centre for Cyber Security notes that the oil and gas sector attracts considerable attention from financially motivated cyber threat actors due to the high value of its assets. Cybercriminals target not only operational systems but also valuable intellectual property, business plans, and client information. Protecting these assets is crucial, as the disruption of operations could have far-reaching consequences.

In light of these threats, the report urges organizations within the oil and gas sector to prioritize cybersecurity investments and adopt a proactive approach to risk management. Continuous training and awareness programs for employees are essential to mitigate risks associated with human error, a significant factor in successful cyber attacks.

The Canadian Centre for Cyber Security stresses the need for collaboration between public and private sectors to combat cyber threats effectively. By sharing information and best practices, organizations can better prepare for and respond to cyber incidents.

Overall, the findings from the Canadian Centre for Cyber Security highlight the pressing need for enhanced cybersecurity measures within Canada’s oil and gas sector. With cyber threats on the rise, it is imperative for organizations to take proactive steps to safeguard their operations and ensure the resilience of this critical infrastructure. The time to act is now, as the stakes have never been higher in the fight against cybercrime

Shadow IT Surge Poses Growing Threat to Corporate Data Security

 


It was recently found that 93% of cybersecurity leaders have deployed generative artificial intelligence in their organizations, yet 34% of those implementing the technology have not taken steps to minimize security risks, according to a recent survey conducted by cybersecurity firm Splunk, which was previously reported by CFO Dive. 

In the coming years, digital transformation and cloud migration will become increasingly commonplace in every sector of the economy, raising the amount of data businesses must store, process and manage, as well as the amount of data they must manage. Even though external threats such as hacking, phishing, and ransomware are given a great deal of attention, it is equally critical for companies to manage their data internally to ensure data security is maintained. 

In an organization, shadow data is information that is not approved by the organization or overseen by it. An employee's use of applications, services, or devices that their employer has not approved can be considered a feature (or a bug?) of the modern workplace. Whether it is a cloud storage account, an unofficial collaboration tool, or an unsanctioned SaaS application, shadow data can be generated from a variety of sources. 

In general, shadow data is not accounted for in the security and compliance frameworks of organizations, which leaves a glaring blind spot in data protection strategies, which is why it poses the biggest challenge. A report by Splunk says, “Such thoughtful policies can help minimize data leakage and new vulnerabilities, but they cannot necessarily prevent a complete breach.” However, they can help minimize these risks. 

According to the study by Cyberhaven, AI adoption has been so rapid that knowledge workers are now putting more corporate data into AI tools on a Saturday and Sunday than they were putting into the AI tools during the middle of last year's workweek on average. This could mean that workers are using AI tools early on in the adoption cycle, even before the IT department is formally instructed to purchase them. 

The result would be the so-called 'shadow AI,' or the use of AI tools by employees through their accounts that are not sanctioned by the company, and maybe no one is even aware of it. Using AI in the workplace is gaining traction. The amount of corporate data workers are putting into AI tools has jumped by 485% from March 2023 to March 2024, and the trend is accelerating. There are 23.6% of tech workers in March 2024 who use AI tools for their work (the highest rate of any industry). 

It is estimated that only 4.7% of employees in the financial sector, 2.8% in the pharmaceuticals industry, and 0.6% in manufacturing industries use AI tools. The use of risky "shadow AI" accounts is growing as end users outpace corporate IT. There are 73.8% of ChatGPT users who use the application through non-corporate accounts. 

However, unlike enterprise versions of ChatGPT, the enterprise versions incorporate whatever information you share in public models as well. According to the data, the percentage of non-corporate accounts is even higher for Gemini (94.4%) and Bard (95.9%). AI products from the big three: OpenAI, Google, and Microsoft accounted for 96.0% of AI use at work. Research and development materials created by artificial intelligence-generated tools have been used in potentially risky ways currently. 

In March 2024, 3.4% of the materials were created by artificial intelligence-generated tools, which could potentially create a risk if patented materials were included. As a result, 3.2% of the insertions of source code are being generated by AI outside of traditional coding tools (which are equipped with enterprise-approved copilots for coding), which can potentially place the development of vulnerabilities at risk. 

In terms of graphics and design, 3.0% of the content is generated using AI. The problem here is that AI can be used to produce trademarked material which can pose a problem. IT administrators, security teams, and the protocols that are designed to ensure security are unable to see shadow data due to its invisibility. The fact that shadow data exists outside of the networks and systems that have been approved for data protection means that it can be bypassed easily by any protection measures put in place. 

The risk of a breach or leak when data is left unmonitored increases and does not only complicate compliance with regulations such as GDPR or HIPAA but also makes compliance with data protection laws harder. As such, an organization is not able to effectively manage all of its data assets due to an absence of visibility, resulting in a loss of efficiency and a risk of data redundancy. Shadow data poses various security risks, which include unauthorized access to sensitive data, breaches in data security, and the potential for sensitive information to be exfiltrated. 

Shadow data can be a threat from a compliance standpoint because it only requires a minimal amount of protection from inadequacies in data security. Furthermore, there is an additional risk of data loss when data is stored in unofficial locations, since such personal data may not be backed up or protected against deletion if it is accidentally deleted. The surge in Shadow IT poses significant risks to organizations, with potential repercussions that include financial penalties, reputational damage, and operational disruptions. 

It is crucial to understand the distinctions between Shadow IT and Shadow Data to effectively address these threats. Shadow IT refers to the unauthorized use of tools and technologies within an organization. These tools, often implemented without the knowledge or approval of the IT department, can create substantial security and compliance challenges. Conversely, shadow data pertains to the information assets that these unauthorized tools generate and manage.

This data, regardless of its source or storage location, introduces its own set of risks and requires separate strategies for protection. Addressing Shadow IT necessitates robust control and monitoring mechanisms to manage the use of unauthorized technologies. This involves implementing policies and systems to detect and regulate non-sanctioned IT tools, ensuring that all technological resources align with the organization's security and compliance standards. 

On the other hand, managing shadow data requires a focus on identifying and safeguarding the data itself. This involves comprehensive data governance practices that protect sensitive information, ensuring it is secure, regardless of how it is created or stored. Effective management of shadow data demands a thorough understanding of where this data resides, how it is accessed, and the potential vulnerabilities it may introduce. Recognizing the nuanced differences between Shadow IT and Shadow Data is essential for developing effective governance and security strategies. 

By clearly delineating between the tools and the data they produce, organizations can better tailor their approaches to mitigate the risks associated with each. This distinction allows for more targeted and efficient protection measures, ultimately enhancing the organization's overall security posture and compliance efforts.