Meet Awen Collective at InfoSec Europe - 4-6 June 2019

08E57519-45BE-44B4-AF47-CF93FC7F0E3B.JPG

The Awen Collective team will be at Information Security Europe (InfoSec) in London, at the Olympia, from the 4th to the 6th June 2019. You will be able to find out more about us, and talk with us, at the Welsh Government stand at Stand Q75. Tickets for InfoSec 2019 are free prior to the first day of the event, so book in advance. The event buzzes every year, with a passion for cyber-security, it is truly a must-see in the UK..

Our CEO & CTO will be around for meetings on the afternoon and evening of the 4th June, and the rest of the team will be able to answer any general questions on the 5th and 6th June. To set up a meeting in advance, please email hello@awencollective.com with the subject line InfoSec 2019 and we will confirm as soon as we can.

Cyber Attacks on OT on the rise, and why we should be concerned

Last week, cyber security experts Fortinet published a report on security trends within Operational Technology, again putting the spotlight on these highly vulnerable and increasingly attacked systems, many of which are responsible for providing critical services to society worldwide.

There was an indication that bespoke OT cyber attacks are on the increase, targeting specific vulnerabilities within SCADA and ICS systems. Whilst this is certainly a serious concern, almost more shocking is that the majority of attacks on OT systems are via IT-based legacy attacks which would no longer be effective on modern IT systems. These OT systems are comprised of aging hardware, running unpatched software, and leaving them highly vulnerable to even basic IT-based cyber attacks. This leads to an ability for bad-actors to be able to effectively disable an OT environment with no specialist or prior knowledge of the specific systems involved - leaving no specific ICS/SCADA devices secure, regardless of vendor, software or hardware involved.

There also seems to be continued ongoing neglect of basic cyber-hygiene within ICS and SCADA environments, with almost a third of OT devices directly connected to the internet, and another third accessible from the internet via the IT enterprise. Whilst there is an acknowledgement that there are many benefits from connecting the OT environment to the IT network to increase efficiencies and visibility, leading to optimisations and significant cost savings, these are in direct opposition to the increased security risk. These findings seem to point towards a scenario where potential cost savings are considered above the cyber-risk by the decision makers within these organisations, leading to the highly vulnerable situation that Fortinet are now reporting on.

To add to this, it is reported that more than 8 in 10 respondents to a survey stated that they are unable to identify all the devices connected to their OT and IT networks. How can OT operators begin to mitigate the cyber risk within their environments when they don’t even have the visibility into the devices they need to protect? This is something we are keenly aware of at Awen Collective, and we’re here to help. Our asset and risk discovery software, Dot, exists to provide a deep level of understanding of an OT environment, highlighting key concerns and helping cyber security, OT engineering and corporate compliance teams to manage their responsibilities with the best information available to them.

What the report doesn’t focus upon is the environments where these systems are operating, and the potential affects on the operators and their clients. Whilst many these systems exist within manufacturing facilities, and naturally there are huge costs associated with attacks within the manufacturing sector, there is more at play here than just monetary loss by large-scale manufacturers. ICS and SCADA systems are a key part of how providers of critical national infrastructure deliver their services to society. This includes the provision of electricity, water, sewerage, transportation and healthcare. If any of these services were interrupted or disabled due to a cyber attack, there’s a strong likelihood of widespread disruption, potentially leading to societal destabilisation and loss of life.

There has been an effort by EU legislators to address this concern, introducing the NIS Directive and ensuring that all EU states bring into law that critical national infrastructure operators are considering their cyber security across their entire IT and OT estates, and embedding good cyber security practice at all levels of their organisations. Based on this report, there should be some significant hurdles for CNI operators to overcome to get themselves entirely compliant with the directive. With fines of £17 million or 4% of annual turnover due to be levied against operators not found to be compliant, it should be a strong wake-up call for business decision-makers across CNI organisations. To help, Awen Collective offers Profile – a compliance checking tool for the NIS Directive, allowing a CNI organisation to easily and quickly determine their current compliance level, identify weaknesses to overcome and get advice on next steps.

We’re thankful to Fortinet for their report, and we’re looking forward to continuing to help ICS and SCADA operators solve the cyber security issues they have. If you’re looking for cyber security solutions for your OT environment, reach out to us at hello@awencollective.com.

Industrial communications at risk of cyber-attacks

There are 3 million companies using the WhatsApp Business app across the globe, and 1.5 billion individuals using the original WhatsApp app for a mixture of business and personal use [1]. Its ease of use combined with its advertised end-to end encryption and the fact that it is a subsidiary of Facebook mean that people trust it for their daily communication.

Unfortunately, an exploit was found in WhatsApp which led to a cyber-attack on a UK-based attorney on the 12th May 2019 [2]. The vulnerability allows malicious code to be deployed on the receiving device, which could lead to further exploitation, in this case spyware which allows read-write access to the device. The vulnerability was patched, and updates released on various mobile operating systems by Monday 14th May 2019. Always ensure that you regularly check updates to your mobile applications.

While WhatsApp is probably not being used for operational communication within Advanced Manufacturing & Critical Infrastructure, the culture of Bring Your Own Device (BYOD) is increasing. These devices may be used for a mixture of personal and business communications, which in some cases may lead to a conflict with GDPR [3]. They may or may not be connected to the business WiFi, which in may mean that vulnerabilities and exploitations are present within the corporate networks. We urge organisations, especially those who use highly connected devices, such as automation devices, to look at their cyber-threat risks, and to mitigate them – not necessarily by banning devices, but by ensuring adequate education of staff and contractors.

Another option, of course, may be to avoid the use of WhatsApp within business altogether, perhaps using well-supported secure communications software such as Novastone [4], who are our fellows of the first cohort of the Tech Nation Cyber programme [5], or by promoting the use of an alternative secure communications system such as the open-source Signal [6]. Whichever communication technology is used, risks must always be considered, especially attempting to mitigate unknown-unknown vulnerabilities.

At Awen Collective we have developed our Dot software to specifically look for devices on an operational network within industrial control networks or building control networks. We use specially developed safety-critical techniques to automatically discover devices on the network, and assess their vulnerabilities. Find out more about Dot and contact us today.

Sources & Links – all last accessed 16th May 2019

[1] https://99firms.com/blog/whatsapp-statistics/  

[2] https://www.cityam.com/277567/whatsapp-hack-tech-giant-urges-15bn-users-update-app-after

[3] https://www.thebci.org/news/are-whatsapp-and-gdpr-on-a-collision-course.html

[4] https://www.novastonemedia.com/

[5] https://technation.io/programmes/cyber-security/

[6] https://signal.org/

[7] Official CVE from Facebook/WhatsApp: https://www.facebook.com/security/advisories/cve-2019-3568

Awen Collective wins a place on the Tech Nation Cyber programme

The 1st Cohort for the Tech Nation Cyber programme has been announced and consists of the 20 leading Cyber-Security companies across the United Kingdom. We have the pleasure to announce that Awen Collective is in this wonderful scale-up programme.

We are very excited about this opportunity, which will help us to build on the fantastic work that our team at Awen Collective have done so far, and to assist with scaling and growth, marketing and international expansion. This programme will help us to address Digital Forensics & Incident Response within Critical Infrastructure & Manufacturing, not just within the UK and EU, but across the whole world.

We are looking forward to the launch event in the Cotswolds at the beginning of May, where we will connect and re-connect with the other companies in this inaugural cohort, as well as the cyber-security leaders who will be assisting with the workshops and events.

We are looking forward to working with all of the cohort members, which include our fellow South Wales Cyber Cluster member Fortium Technologies, and the company that won the NCSC/DCMS Cyber Dragons Den the year before we did iProov.

The announcement has been made on the Tech Nation blog, and has also been published on Information Age. Plus you can follow the news on Twitter with the hashtag #TechNationCyber.

To learn more about the products and services at Awen Collective please visit the rest of our website. Or contact us directly by emailing hello@awencollective.com , we would love to hear from you.

“We are delighted to have been chosen for the first cohort of the Tech Nation Cyber programme. We are excited to get started and continue to grow with the support from this wonderful programme and we look forward to establishing new business alongside our fellow cohort members.”
— Daniel Lewis, CEO and Cofounder, Awen Collective
“Cyber security represents an increasingly important part of our daily lives, and Wales already plays a leading role in keeping our data and systems safe while training up the next generation of experts. This programme will initially support two Welsh companies in Caerphilly and Cardiff in developing their potential and I look forward to seeing other companies from across Wales getting involved in the future.”
— Kevin Foster MP, UK Government Minister for Wales
“In recent years the success for a handful of UK Cyber Security innovators is more than could be imagined. They have enhanced the nation’s reputation for producing world-class technology, while also helping to pave the way for many more startups hoping to follow suit. Concurrently the market for cyber security is continuing to grow at a rapid pace and this conspires to make our cohort of scaleups exciting ones to watch.”
— Ollie Bone, Cyber Programme Lead at Tech Nation
Follow the news about the programme on Twitter through #TechNationCyber

Follow the news about the programme on Twitter through #TechNationCyber

Our opinions on Davos 2019

The theme of the 2019 annual meeting of the World Economic Forum [WEF], colloquially known as Davos 2019, was “Globalization 4.0.”

Topics such as Industry 4.0 (or the “Fourth Industrial Revolution” [4IR]), Cyber-Security and Artificial Intelligence & Automation played a big part of the conversation at Davos this year. These are topics which are at the very core of our business at Awen Collective, and so we felt compelled to talk about these particular WEF discussions.

Industry 4.0

The article on “4 myths about manufacturing in the Fourth Industrial Revolution” is a good discussion on industry 4.0 technologies, and highlights that they are a good option for upgrading the factory floor to become more cost effective. It touches on the worries over replacing human workers with robotics. It discusses the need for thinking about business sustainability. It also discusses that industry 4.0 technologies are not just for large organisations, but can also be taken up by Small & Medium sized Enterprises [SMEs]. The associated whitepaper is also an interesting read (PDF).

While this is great - and detailing the uptake of industry 4.0 technologies is something that we applaud -  the article fails to mention that a combination of old and new technologies, and the convergence of information technologies [IT] and operations technologies [OT] can increase vulnerabilities. Often the risk associated with these vulnerabilities will need to be managed and mitigated by different teams within an organisation, and for all levels of an organisation, from factory floor workers through to board level directors. Awen Collective can assist with asset and risk discovery through Dot, which specifically supports industrial networks – regardless of whether the network of assets are old or new, IT or OT. At Awen Collective, we want old and new, IT and OT, to be connected - it leads to great insights and increased efficiency - but we want it to be done in a way that is secure and safe.

Cyber-Security

We are pleased to hear that among the top 3 priorities for CEOs in 2019 is cyber-security. This isn’t just because of the privacy and data protection requirements in Europe (from the General Data Protection Regulation [GDPR]), but is also because of the increase in publicised cyber-attacks which disrupt business continuity. One of the articles conclusions is that for business owners, there is a “near certainty of a cyber attack on their business”, which combined with other challenges will “stretch them more than any previous generation of business leaders.” At Awen Collective, we delight in hearing that board level executives are knowledgeable of the problem and are actively seeking solutions to mitigate their cyber-vulnerabilities. We work with all levels of an organisation to ensure that cyber-security policies are in place, and that an organisation is ready for incident response and digital forensics.

Ken Xie, of Fortinet, highlights to the WEF, the need for more cyber-security professionals and for increasing their skill capabilities to match the increase in cyber-threats. He suggests potential paths to take to ensure that the gap is filled. This is certainly a worry of every organisation within cyber-security, and we thank Ken for raising this issue at Davos.

Awen Collective is based in just north of Cardiff in South Wales. We have great access to graduates and staff of high quality cyber-security and digital forensics departments from the University of South Wales and Cardiff University. We are also not too far from Swansea University who are making great leaps in researching and commercialising the interdisciplinary aspects of computer science and law. Also, South Wales cyber-cluster is one of the strongest cyber-security clusters in the United Kingdom, and is well-known across Europe. The cluster has a great relationship with academia and industry, public and private sector – with particular geographical closeness to large organisations in aerospace, defence and the intelligence services. With such good access to talent - we are very well placed, for the foreseeable future, to provide good quality digital forensics & incident response software and services to the entire world.

 Artificial Intelligence

Artificial Intelligence is an interesting one, because it is increasingly powering technologies relevant to us, including robotics in assembly lines and predictive maintenance. It also includes the subject of data mining, which is one component of a future product of ours.

Davos 2019 has two particular AI related threads which are interesting to us:

 In conclusion

Globalisation 4.0 is a great theme. Even as an SME we are international-focused. To repurpose some of the points of the WEF article on “what the world thinks of Globalization 4.0”: We strongly believe that we need collaborate with other organisations (large, small, clients, partners, competitors, governments). We see ourselves as offering one part (a subset of solutions) in a larger puzzle (the problem of cyber-security in critical infrastructure & manufacturing). We believe that we have an internationalised solution to a global problem, and so international cooperation is not just beneficial but essential – we are doing it in the UK, we’re getting traction in the EU and we are working with potential partners internationally.

Contact us now if you would like to collaborate to solve a problem with Digital Forensics & Incident Response within industrial organisations such as critical infrastructures or manufacturing.

Awen Kicks Off 2019!

Happy New Year! The Awen Collective team have been very busy since the start of 2019, including the release of Profile, our compliance checking tool for the NIS Directive, and the announcement of our next exciting product, Dot. Dot is an asset and risk discovery tool, build specifically for OT systems - directly addressing the challenges faced by operators of ICS networks and devices.

We took both Profile and Dot along with us to speak to some wonderful delegates from across Europe at the CEE Cyber Showcase in Vienna, to great reception. We’d like to thank everyone who came to listen to our presentations on Cyber Security and Incident Response in Critical National Infrastructure, and Asset Discovery and Incident Response Planning in Critical National Infrastructure, and those who visited our stand for a chat. Thank you also to Miles and the team at the Department for International Trade Austria, and their colleagues across Europe for running a very successful event.

We also had an article published in Information Age, with our CEO, Daniel, discussing how cyber-protection is evolving to meet NIS requirement in the utility sector.

We have many other exciting things on the horizon for Awen Collective - we’re looking forward to sharing more information soon!

As usual, if you would like contact us about any of our Products, Services or have any general queries about Digital Forensics & Incident Response then please do contact us now.

CEO, Daniel Lewis at CEE Cyber Showcase in Vienna - January 2019.

CEO, Daniel Lewis at CEE Cyber Showcase in Vienna - January 2019.

Nadolig Llawen

We have recently moved office to Welsh ICE in Caerphilly and are enjoying the new space and community.

With the launch of the closed beta testing of the Profile tool it is time for a brief update!

Profile is our Cyber Assessment Framework (“CAF”) testing tool which ensures critical infrastructure operators are compliant to the EU Network & Information Systems Directive on Security (“NIS Directive”). The tool has been in development for several months and has gone through various iterations and we have launched the closed beta.

With recent successes on various projects including a paid Proof-of-Concept, more projects due to start the in the new year and an expanding team, we look forward to the months ahead. 

Merry Christmas and a Happy New Year from everyone at Awen Collective!