• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Critical Infrastructure   »   The OAS and Trend Micro: Building a More Secure Critical Infrastructure for the Americas

The OAS and Trend Micro: Building a More Secure Critical Infrastructure for the Americas

  • Posted on:April 28, 2015
  • Posted in:Critical Infrastructure, Security, Targeted Attacks
  • Posted by:
    Organization of American States (OAS)
0

The Internet has without doubt transformed the way we live and work today – changing lives around the world for the better. But whenever a new opportunity arises, new threats to exploit it are quick to follow.

Critical infrastructure is a growing area of concern for governments and private providers everywhere. These important systems have suffered from a historic lack of awareness and investment in cyber security and represent an increasingly attractive target for hackers around the world.

The Organization of American States (OAS) has teamed up with cyber security leader Trend Micro to underscore how vulnerable critical infrastructure in the Americas is to cyber-attacks. With our newly released report, we hope to improve awareness of the key threats and foster greater collaboration between OAS members and public and private sectors.

What is OAS?

The OAS is the world’s oldest regional organization, bringing together all 35 independent states of the Americas. Our mission is to improve democracy, human rights, security, and development throughout the hemisphere, through collaboration and mutual understanding. The OAS Cyber Security Program aims to establish lasting partnerships with governments, the private sector and civil society to raise security awareness among end users and promote the development of national cyber security strategies and frameworks.

We also work to strengthen our Member States’ incident response capacity though crisis management exercises; technical training; the establishment and management of Computer Security Incident Response Teams (CSIRTs); and information-sharing mechanisms between these CSIRTs and other security related authorities. The OAS Cyber Security Program is also developing a virtual Hemispheric Network of CSIRTs, which will facilitate real-time communication and information-sharing between CSIRTs in the Americas.

Only by working together can we defeat an agile, well-resourced and increasingly sophisticated cyber foe. As stated by Neil Klopfenstein, Executive Secretary of the Secretariat of the Inter-American Committee against Terrorism (CICTE), “this report reinforces the need to continue to strengthen the protection of critical infrastructure in our Member States, while highlighting the need to collaborate and share information to collectively address cyber security concerns and to promote a safe and resilient cyberspace for all.”

The problem with Critical National Infrastructure – CNI

Critical infrastructure is often thought of as a monolithic, government-led industry focused on providing electricity, heat and water for citizens. In reality it includes everything from banking and healthcare to communications, transportation and food production. As such, more than 80 percent of most countries’ critical national infrastructure (CNI) in the Americas is actually run by private firms. This is why it is so important for the OAS to actively build relationships with this sector.

In many OAS member countries, CNI is vulnerable to cyber-attack because of ageing IT systems and outdated security fixes which do not provide lasting solutions to advanced and future threats. In the past, CNI systems largely escaped attention as they were not connected to the Internet. But today most CNI systems are – and are much more exposed. Cyber criminals operating largely under the cloak of internet-based anonymity launch their attacks at will from all corners of the globe.

Because such infrastructure is critical, the stakes are raised about as high as they can go. Any successful raid on a CNI firm can have devastating repercussions for a nation.

Some key trends

To produce this revealing report, the OAS joined Trend Micro to interview more than 20 member states (total of 575 respondents). We were able to gain an unprecedented level of insight into the main threat trends facing CNI firms in this region. The heads of security in key CNIs in the Hemisphere are clearly concerned. More than half (53%) said CNI cyber-attacks have increased over the previous year, and three fourths claim the attacks have grown more sophisticated.

Here are a few brief highlights from the report:

  • Phishing was the most common cyber-attack method (71%) in the Americas followed by exploiting unpatched flaws (50%)
  • Most countries feel “somewhat prepared” for a cyber incident, but only half (52%) have cyber incident response plans in place
  • The majority claim budgets are not rising fast enough to deal with threats to CNI systems
  • Less than a quarter says they are discussing the cyber resilience of critical infrastructure systems with their governments.

 Please add your thoughts in the comments below or follow us on Twitter; @OAS_official.

Related posts:

  1. Critical Infrastructure Under Attack: The Vulnerability of Converged IT-ICS Networks
  2. Building a truly secure Cloud with Dell and Trend Micro
  3. Taking the Fight to Critical Infrastructure Hackers in Latin America
  4. Safeguarding the Nation’s Critical Infrastructure

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.