September 3, 2019 | International, Security
By: Andrew Eversden
“What are you talking about now in cybersecurity that you weren't talking about six months ago?”
Fifth Domain posed this question to cybersecurity experts at Black Hat, a cybersecurity conference in Las Vegas, Nevada, that ran from Aug. 3-8. With the cyber domain rapidly evolving, we wanted to know how conversations within the cyber community are changing.
Some pointed to a new focus on utility systems and web-connected devices that sit on critical infrastructure.
“It's only a matter of time until there's another major disruption in an electric utility somewhere in the world, probably not in the U.S., but elsewhere,” Sergio Caltagirone, threat intelligence director at Dragos, said at the conference Aug. 5. “But oil and gas has the higher likelihood of a major destructive and loss-of-life event. And I think most people did not realize how close to that we actually were.”
Caltagirone was referring to the TRISIS event, malware that struck industrial control systems at a Saudi Arabian petrochemical plant and could've caused physical harm. He said that in the aftermath of that attack, threat researchers diving into the details realized just how bad it could've been.
“We started finding a lot of stuff which hadn't been found before,” Caltagirone said. “Which made us realize very quickly how close that space is to a major event.”
Dave Weinstein, chief security officer at Claroty, pointed to an “explosion” of devices connected to the internet of things..
“It's really a product of this general consensus among industrial organizations that the benefits exceed the costs in terms of embracing this type of digital transformation," Weinstein said Aug. 8, adding that organizations must be “mindful” of these devices and have a plan to mitigate their potential vulnerabilities.
Brian Costello, a senior vice president at Flashpoint, told Fifth Domain on Aug. 8 that he is more often than before focusing on targeted cyberattacks from bad actors. That's a shift away from “campaign-based” attacks that tracked.
There's “more planning out, more scoping out of targets and taking long-term planning to go after [a] particular target with a specific asset in mind,” Costello said.
Along that same vein, Julian Zottl, a senior cyber architect at Raytheon, said he's noticing more inclusion of all-source intelligence in threat analysis.
“We're looking at ... all the sources and trying to figure out indicators,” Zottl said Aug. 7. “[We're] even trying to do predictive analytics now, where it's like, ‘Oh, we see this threat might be coming.' I think that's something that we're starting to talk about more and more.”
Several cybersecurity professionals interviewed by Fifth Domain said the U.S. government is moving away from the classic cyber kill chain and over to the MITRE ATT&CK framework, which dives deeper into potential threats to information security.
“They used to think the hackers would just come in to steal secrets, conduct espionage and then leave,” said Tom Kellermann, chief cybersecurity officer at Carbon Black and a former commissioner on the Commission on Cyber Security for then-President Barack Obama.
“In fact, they're maintaining persistence in these systems. They're manipulating the integrity of data and then they're using federal government agencies themselves and personnel's devices themselves to target anyone who implicitly trusts that person, that agency, that department.” he told Fifth Domain on Aug. 6.
Chris Kennedy, chief information security officer at AttackIQ and a former official with the Treasury Department and the Marine Corps, said these new frameworks in use along with federal continuous monitoring programs allow for more attacker emulation, essentially simulating the attack agencies could face.
“Agencies are starting to realize the value of attacker emulation as a way to measure and benchmark the effectiveness of their security controls,” Kennedy said on Aug. 7.
And with government agencies in different stages of cloud migration, agencies will need to learn how that fits into their cybersecurity posture. Marten Mickos, CEO of white hat hacking company HackerOne, said this a new discussion. He also said the conversation surrounding the use of ethical hackers in government environments has evolved: The word “hacker” is becoming more accepted.
“I do think it signals a shift in mindset," Michos said. There's a realization that "those people who portray themselves as hackers are actually those who will rescue us, not those who will destroy us.”
Despite all the changing technology and evolving threats, one aspect of cybersecurity remains set in stone, said M. K. Palmore, a field chief security officer for the Americas at Palo Alto Networks and a recently retired FBI cyber agent.
“It's about adhering to cybersecurity fundamentals,” Palmore said. “That message hasn't changed regardless of my position or where I'm located.”
September 6, 2023 | International, Land, C4ISR
The MoU aims at leveraging IAI and BEL’s capabilities, and is in sync with the ‘Atmanirbhar Bharat’ and ‘Make in India’ policies of the Government of India.
July 15, 2024 | International, Land, C4ISR, Security
Helsing announced that it will make a strategic move to expand to Estonia to supply Ai capabilities to Nato's eastern flank.
March 16, 2020 | International, Aerospace
By Antoine Gelain Behind the big aerospace and defense (A&D) primes like Boeing and Airbus and the “Super Tier-1s” such as United Technologies (UTC) and GE, a very different type of company is shaping the global A&D industrial landscape in a way that may be even more impactful than high-profile UTC-Raytheon-type mergers. Companies such as Teledyne, TransDigm and Heico are the spearheads of a breed of A&D players dedicated to “components and subsystems,” with explicit and perfectly executed “horizontal” external growth strategies. Their track records are impressive: These three companies—with combined revenues of more than $10 billion—have collectively made close to 200 acquisitions and delivered more than 20% average annual growth rate in either profitability or share value over the last 20 years. Thanks to such returns and skyrocketing market valuations, they are able to outbid most other contenders when going after an acquisition target by leveraging the so-called “accretive effect.” This effect boosts the acquiring company's earnings per share, as long as the price paid for the target as a ratio of the enterprise value (EV) over its earnings before interest, taxes, depreciation and amortization (EBITDA) is lower than that of the acquiring firm. As it happens, the current EV/EBITDA ratio of the three above-mentioned companies stands at more than 18 (see graph). By comparison, most other A&D companies have an EV/EBITDA ratio in the 9-13 range. Such “buying power” is enhanced by operational synergies (for instance, in corporate overheads, sales and marketing), which immediately boost the profitability of the acquired company and can therefore be factored in the offer price. This gives them an additional edge against pure financial investors like private equity (PE) funds, which have historically been strong buyers of such component and subsystem businesses. Two recent deals in Europe (one still ongoing) illustrate this new balance of power. The first concerns Souriau-Sunbank, a $360 million-revenue specialist in interconnection technology for harsh environments. After being owned successively by two PE funds and bought by Esterline (now TransDigm) in 2011, it was again put up for sale last year. While expectations were that a PE fund would grab it, another industrial buyer, Eaton Corp., won the contest, paying the hefty price of $920 million (an EV/EBITDA multiple of 12). The second deal relates to a French company called Photonis, a world leader in night-vision technology for defense and space applications, for which Teledyne is apparently bidding—and offering a price 30% higher than the highest PE bid! These deals highlight the limits of the traditional private equity model (too short-term and too short-sighted) and why the “new predators”—all publicly listed companies—are in a much better position to continue to thrive. In fact, by combining “private equity-like growth in value with liquidity of a public market,” as TransDigm puts it, they are not only beating PE players at their own game, but they are also capturing a significant share of the A&D capital market by offering investors an attractive alternative to the traditional vertically integrated groups such as UTC, Thales or Safran. These groups are typically too busy focusing on large systems and equipment to realize that they would actually benefit from articulating a proper “component and subsystem” strategy. They would benefit not only because their portfolios are still full of such businesses, but also because their long-term competitiveness largely depends on their ability to nurture a strong network of strategic suppliers, in terms of both criticality for their own systems and national sovereignty. As it happens, Photonis seems to be such a strategic supplier, since the current French government just announced it would veto the Teledyne deal, hoping to give other French or European companies or investors time to make a competitive offer for the business. But because PE funds, at least in Europe, are somewhat faint-hearted when it comes to ambitious sector-specific “horizontal” portfolio strategies, and because Europe has no industrial player able to compete with the likes of Teledyne, the outcome of the process is still highly uncertain. In any case, Teledyne, Heico, Transdigm and similar companies are surreptitiously reshaping the A&D industrial landscape by buying technological nuggets and component businesses left and right, on both sides of the Atlantic. In the process, they are boosting their shareholders' returns and changing the balance of power with both traditional private equity investors and large vertically integrated A&D groups. As the saying goes: One man's meat is another man's poison. https://aviationweek.com/aerospace/manufacturing-supply-chain/opinion-how-new-predators-are-reshaping-aerospace-landscape