Redefining CyberSecurity

In this Brand Story episode, Sean Martin, along with Gabi Stapel and Erez Hasson from Imperva, explores the complex landscape of retail web and mobile security and the increasing role of AI-enabled bots (both good and bad) in e-commerce and the potential threats they pose.

Gabi and Erez highlight how these bots can exploit business logic and application capabilities, leading to new account fraud, account takeover, and price manipulation. They emphasize the importance of layered security and anomaly detection as key strategies to counter these threats.

The discussion also explores the need for businesses to differentiate between human and bot traffic. Gabi and Erez point out the potential backlash from legitimate users when bots buy and deplete inventory, and the subsequent impact on customer experience and the company's reputation. They also touch on the importance of monitoring the total value of the cart, as bots tend to purchase single items, resulting in net losses for the retailer.

The conversation further delves into the global and local aspects of commerce, including regulatory considerations like PCI DSS. Gabi and Erez discuss the upcoming changes in PCI DSS v4, which requires retailers to focus on managing scripts and changes to payment pages to prevent data breaches.

The episode also offers valuable insights for both large-scale and smaller retailers. Gabi and Erez underscore the importance of staying on top of security and vulnerabilities, regardless of the size of the business. They provide practical advice for retailers, such as implementing a waiting room web page or a raffle system for big sales events, and auditing purchases for limited product drops.

This episode is a must-listen for anyone involved in e-commerce and cybersecurity, providing a comprehensive understanding of the evolving landscape of cyber threats in the retail industry.

Note: This story contains promotional content. Learn more.

Guests:

Gabi Stapel, Cybersecurity Threat Research Content Manager at Imperva [@Imperva]

On LinkedIn | https://www.linkedin.com/in/gabriella-stapel/

On Twitter | https://twitter.com/GabiStapel

Erez Hasson, Product Marketing Manager at Imperva [@Imperva]

On LinkedIn | https://www.linkedin.com/in/erezh/

Resources

Learn more about Imperva and their offering: https://itspm.ag/imperva277117988

Catch more stories from Imperva at https://www.itspmagazine.com/directory/imperva

Blog | Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season: https://itspm.ag/impervkb2g

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

In the hilarious yet insightful tale, join the eccentric Dr. Frankenstream and his quirky assistant Igor, as they bring an AI system to life, only to face unexpected challenges and hilarious missteps. Discover how they, along with cybersecurity expert Inga, navigate the perils of modern technology, reminding us of the crucial balance between innovation and responsibility.

________

This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.

Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.

Sincerely, Sean Martin and TAPE3

________

Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.

TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

Guest: Fahad Mughal, Senior Cyber Solutions Architect - Security

On LinkedIn | https://www.linkedin.com/in/fahadmughal/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

View This Show's Sponsors

___________________________

Episode Notes

Modern railway systems are increasingly digital, integrating operational technology (OT) to enhance efficiency, reliability, and safety. However, as railways adopt automated and interconnected systems, they also become more vulnerable to cyber threats. In this episode of Redefining Cybersecurity on ITSP Magazine, host Sean Martin speaks with Fahad Ali Mughal, a cybersecurity professional with extensive experience in OT security architecture, about the challenges and priorities of securing railway infrastructure.

The Growing Role of Cybersecurity in Railways

Railway systems have evolved from steam-powered locomotives to autonomous, driverless trains that rely on sophisticated digital controls. OT now plays a crucial role in managing train operations, signaling, interlocking, and trackside equipment. These advancements improve efficiency but also expose railway networks to cyber threats that can disrupt service, compromise safety, and even impact national security.

Unlike traditional IT environments, where the focus is on confidentiality, integrity, and availability (CIA), OT in railways prioritizes reliability, availability, and public safety. Ensuring the safe movement of trains requires a cybersecurity strategy tailored to the unique needs of railway infrastructure.

Critical OT Systems in Railways

Mughal highlights key OT components in railways that require cybersecurity protection:

• Signaling Systems: These function like traffic lights for trains, ensuring safe distances between locomotives. Modern communication-based train control (CBTC) and European Rail Traffic Management Systems (ERTMS) are vulnerable to cyber intrusions.

• Interlocking Systems: These systems prevent conflicting train movements, ensuring safe operations. As they become digitized, cyber risks increase.

• Onboard OT Systems: Automatic Train Control (ATC) regulates speed and ensures compliance with signaling instructions. A cyberattack could manipulate these controls.

• SCADA Systems: Supervisory Control and Data Acquisition (SCADA) systems oversee infrastructure operations. Any compromise here can impact an entire railway network.

• Safety-Critical Systems: Fail-safe mechanisms like automatic braking and failover controls are vital in preventing catastrophic accidents.

The increasing digitization and interconnection of these systems expand the attack surface, making cybersecurity a top priority for railway operators.

Real-World Cyber Threats in Railways

Mughal discusses several significant cyber incidents that highlight vulnerabilities in railway cybersecurity:

• 2023 Poland Attack: Nation-state actors exploited vulnerabilities in railway radio communication systems to send unauthorized emergency stop commands, halting trains across the country. The attack exposed weaknesses in authentication and encryption within OT communication protocols.

• 2021 Iran Railway Incident: Hackers breached Iran’s railway scheduling and digital message board systems, displaying fake messages and causing widespread confusion. While safety-critical OT systems remained unaffected, the attack disrupted operations and damaged public trust.

• 2016 San Francisco Muni Ransomware Attack: A ransomware attack crippled the fare and scheduling system, leading to free rides for passengers and operational delays. Though IT systems were the primary target, the impact on OT operations was evident.

These incidents underscore the urgent need for stronger authentication, encryption, and IT-OT segmentation to protect railway infrastructure.

Cybersecurity Standards and Best Practices for Railways (links to resources below)

To build resilient railway cybersecurity, Mughal emphasizes the importance of internatio...

We pack a lot into this conversation, looking at what to learn, how to learn, and who to learn from, getting a fantastic overview of the conference from many angles and positions.

*Threat intelligence*
*Development processes*
*Cyber security M&A market*
*Sales*
*Marketing messaging*
*Cyber law*
*Standards*

Tune in to this conversation as we wrap up our coverage of RSA Conference 2022. Be sure to listen to all of the conversation we had before, during, and after the event.

Be sure to catch all of our conversations from Black Hat and DEF CON 2022 as well.

____________________________

Guest
Eward Driehuis
Founder at 3Eyes Security and Chairman at CSIRT.global
On LinkedIn | https://www.linkedin.com/in/ewarddriehuis/
On Twitter | https://twitter.com/e3huis
____________________________

This Episode’s Sponsors

HITRUST: 👉 https://itspm.ag/itsphitweb

CrowdSec: 👉 https://itspm.ag/crowdsec-b1vp

Blue Lava: 👉 https://itspm.ag/blue-lava-w2qs

BlackCloak 👉 https://itspm.ag/itspbcweb

AppViewX 👉 https://itspm.ag/appviewx-cbye

Checkmarx 👉 https://itspm.ag/checkmarx-i9o5

____________________________

Resources

LinkedIn post summing up the discussion points: https://www.linkedin.com/posts/ewarddriehuis_this-is-going-to-be-a-long-post-on-my-lessons-activity-6941702693895725056-H1YA

Learn more about RSA Conference 2022: https://itspm.ag/rsac-b8ef76

____________________________

For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2022-rsac-san-francisco-usa-cybersecurity-event-coverage

Be sure to catch all of the conversations for the Black Hat and DEF CON conferences in Las Vegas: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverage

To see and hear more Redefining Security content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity

Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/podcast-series-sponsorships

Are you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?
👉 https://itspm.ag/bhdc22sp

In this Their Story podcast, Sean Martin talks with Matthew Vinton and Sergey Medved from Quest about the challenges associated with Active Directory (AD) and the importance of these systems in a company's overall security methodology and posture.

Active Directory remains an integral part of an organization’s IT infrastructure as it is the pillar of identity that most organizations use to enable their workforce, partners, and business processes. The trio discusses how Quest helps companies manage their AD environment across a variety of functional areas like assessing the environment, detecting changes, putting in preventive controls, and guiding response and recovery.

They also cover the growing challenges security leaders face concerning AD and the gap between the people in the trenches and business leaders who may not understand the inherent importance of AD. Exacerbating this reality is the ongoing security talent shortage, where few new entries into the field learn the technology as it is not as forward-looking when compared to Azure.

About the Cybersecurity risk management for Active Directory from Quest

Microsoft Active Directory (AD) is under attack. That’s why cybersecurity risk management is so important. With 95 million attempted AD attacks every day, it should be no surprise to hear AD was the target of another cybercrime. But these concerns aren’t contained to on-prem AD; in 2021 alone, there were more than 25 billion Azure AD attacks. It’s clear cybersecurity risk management needs to be a consideration, and even if the issues you’ve encountered aren’t intentional or nefarious, you still need to be prepared for the worst.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guests:

Matthew Vinton, Strategic Systems Consultant at Quest [@Quest]

On Linkedin | https://www.linkedin.com/in/matthew-vinton/

On Twitter | https://twitter.com/Mister_momentum

Sergey Medved, VP, Product Management and Marketing at Quest [@Quest]

On Linkedin | https://www.linkedin.com/in/sergeym/

Resources

Learn more about Quest: https://itspm.ag/quest-adp23

Learn more about the Quest Cybersecurity for Active Directory Solution: https://itspm.ag/quest-pp49

For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story