Interpol claims an international policing operation has shuttered 22,000 IPs connected with cybercrime
Yearly Archives: 2024
Enhancing Cyber Resilience in Energy and Utilities Organizations
2024 Cyber Resilience Research Unveils Energy and Utilities Industry Challenges
New data illuminates how energy and utilities leaders can prioritize resilience.
Energy and utilities organizations find themselves at the intersection of progress and peril in the rapidly evolving digital landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to utility providers.
One of the foremost obstacles is the disconnect between senior executives and cybersecurity priorities. Despite recognizing cyber resilience as a crucial imperative, many energy and utilities organizations struggle to secure the support and resources from top leadership. This lack of engagement hinders progress and leaves institutions vulnerable to potential breaches.
Meanwhile, technology continues to advance at an astonishingly rapid rate, as do the risks posed by cyber threats. The 2024 LevelBlue Futures™ Report reveals this delicate balancing act between innovation and security within the energy and utilities industry. Our comprehensive analysis identifies opportunities for deeper alignment between executive leadership and technical teams.
The Elusive Quest for Cyber Resilience in Energy and Utilities
Imagine a world where energy and utilities organizations are impervious to cyber threats—where every aspect of an operation is fortified against disruptions. This is the lofty ideal of cyber resilience, yet it remains an elusive goal for many energy and utilities providers. The rapid evolution of computing has transformed the IT landscape, blurring the lines between legacy systems, cloud computing, and digital transformation initiatives. While these advancements bring undeniable benefits, they also introduce unprecedented risks.
Our research indicates that 85% of energy and utilities IT leaders acknowledge and agree that dynamic computing increases their risk exposure. In a world where cybercriminals are becoming increasingly sophisticated, the need for cyber resilience has never been more urgent. From ransomware attacks to crippling DDoS incidents, energy and utilities organizations operate in a climate where a single breach can have catastrophic and cascading consequences.
Exploring the Relationship Between Leadership and Cyber Resilience
Our survey of 1,050 C-suite and senior executives, including 150 from the energy and utilities industry across 18 countries, highlights the pressing need for cyber resilience. The report is designed to foster thoughtful discussions about vulnerabilities and improvement opportunities.
In the report, you’ll:
Discover why energy and utilities leaders and technology teams must prioritize cyber resilience.
Learn about the critical barriers to achieving cyber resilience.
Uncover the importance of business context and operational issues in prioritizing resilience.
Recognizing the Imperative of Cyber Resilience
Energy and utilities leaders are called to chart a course toward greater security and preparedness. Reacting to cyber threats as they arise is no longer enough; organizations must proactively bolster their defenses and cultivate a culture of resilience from within.
Our research delves into the multifaceted challenges facing energy and utilities organizations in their quest for cyber resilience. From limited visibility into IT estates to the complexity of integrating new technologies with legacy systems, energy and utilities providers grapple with deep-seated barriers that hinder their ability to withstand cyber threats.
ZDI-24-1457: Delta Electronics InfraSuite Device Master _gExtraInfo Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-10456.
ZDI-24-1458: Centreon updateContactServiceCommands_MC SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.7. The following CVEs are assigned: CVE-2024-39842.
ZDI-24-1459: Centreon updateAccessGroupLinks_MC SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.7. The following CVEs are assigned: CVE-2024-39843.
ZDI-24-1460: Centreon updateContactHostCommands_MC SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.7. The following CVEs are assigned: CVE-2024-39842.