Siemens USA- Experts & Thought Leaders

Latest Siemens USA news & announcements

SaaS Alerts highlights key BEC protection strategies for MSPs

Business email compromise (BEC) attacks involve manipulating or impersonating email accounts to deceive employees, often leading to financial fraud, breaches or data loss. According to Verizon, BEC attacks doubled last year and comprised nearly 60% of all social engineering incidents. To deal with this growing frequency of BEC attacks, MSPs need advanced strategies, such as user behaviour analysis and employee training programs. Let’s look at the key BEC protection strategies for MSPs. What are BEC attacks? BEC attacks are a sophisticated form of cyber threat where malicious actors exploit email communication BEC attacks are a sophisticated form of cyber threat where malicious actors exploit and manipulate email communication within an organisation. These attacks typically target individuals with access to sensitive information or financial transactions or those in positions of authority. These scams rely on social engineering tactics like phishing attacks, domain spoofing, impersonation of executives and urgent requests. The importance of BEC protection strategies By offering robust BEC protection services, enterprises can protect their clients from the following consequences.  Financial losses One of the most immediate and significant impacts of a BEC attack is financial loss. Cybercriminals may successfully manipulate employees into making unauthorised wire transfers or redirecting funds to fraudulent accounts or other financial scams, resulting in direct monetary losses for the organisation. Victims of a BEC attack also face an increase in premiums for their cyber insurance or challenges in renewing their policies after the incident. Operational disruptions In response to a BEC attack, clients may need to temporarily shut down or restrict access to certain IT systems to conduct thorough investigations, implement security patches and remove malicious elements. This downtime can disrupt regular business operations and impact revenue. In fact, unplanned downtime costs Fortune Global 500 companies 11% of their yearly turnover — around $1.5 trillion, per Siemens. Reputational damage Diminished investor confidence impacts the ability to attract funding When clients and partners discover that an organisation has fallen victim to manipulation and deception, they question the company’s ability to conduct secure business transactions. Diminished investor confidence impacts the ability to attract funding, with publicly traded companies seeing a short-term drop in market value. Comparitech found that the share prices of compromised companies experience an average drop of 3.5% after a cyber-attack. Regulatory consequences A BEC attack leads to non-compliance with industry-specific regulations, such as HIPAA in the healthcare sector and PCI DSS in the financial industry. Regulatory authorities often have the power to impose hefty fines for non-compliance with data protection and privacy regulations.  Top four strategies for improved business email compromise protection BEC protection requires a comprehensive and multi-layered approach. Here are four key strategies to get started with BEC security: 1. Awareness and training Employees open almost 28% of emails that are BEC attacks and even reply to 15% of these emails, according to Abnormal Security. With an effective security awareness program, organisations can train employees to recognise and respond appropriately to potential BEC threats. Tailor training content to different roles within the organisation. For instance, employees with financial responsibilities, such as CFOs or accountants, should receive specialised training on recognising fraudulent financial requests. MSPs and MSSPs should train clients to look for the following signs of BEC: High-level executives asking for unusual information Requests instructing employees not to communicate with others Poor grammar, awkward phrasing or date formats that differ from the standard conventions used in their organisation Email domains and ‘Reply To’ addresses that do not match legitimate ones 2. Monitoring and alerting for anomalies Start by establishing a baseline of normal communication behaviour for customers’ employees’ email accounts and financial transactions within the organisation.  Use SaaS security software to set up automated alerting when anomalies are detected Understanding what is typical allows security systems to identify anomalies and compare activities against known indicators of compromise (IOCs), such as a sudden increase in the volume of outgoing emails or unusual attachment types. This information helps them effectively identify and respond to potential BEC threats. Use SaaS security software to set up automated alerting when anomalies are detected. Enterprises can configure these cyber security alerts to notify security teams or IT personnel, ensuring a rapid response to potential BEC attacks. 3. Multi-Factor Authentication (MFA) Implementing MFA helps mitigate the risk of unauthorised access to email accounts, even if credentials are compromised. Some MFA solutions offer adaptive authentication, which adjusts the level of security based on contextual factors. For example, if a user attempts to log in from an unknown location or device, the system requires additional authentication steps, providing adaptive protection against unauthorised access. 4. Incident response and recovery Develop a comprehensive incident response plan outlining roles, responsibilities, communication protocols and the steps to be taken, if a suspected or confirmed BEC attack occurs. Automated remediation tools play a crucial role in isolating and containing BEC threats Automated remediation tools play a crucial role in isolating and containing BEC threats. They automatically deactivate compromised email accounts, block malicious email addresses or enforce temporary restrictions on certain activities to prevent further damage. An ideal recovery plan should outline the steps to restore normal operations, following a BEC incident. These steps include: Restoring data from backups Validating the integrity of systems Implementing additional security measures to mitigate future incidents Protect against business email compromise attacks with SaaS Alerts A robust security tool like SaaS Alerts is essential for businesses to stay one step ahead of malicious actors and boost BEC protection. Here’s how SaaS Alerts helps MSPs better protect their clients: Continuous threat detection capabilities identify anomalous activities like logins from unfamiliar devices or locations, suspicious email forwards and irregular data downloads. Automated remediation triggers predefined responses automatically, such as isolating affected accounts or blocking malicious email addresses. Customised alerting and reporting features allow MSPs to customise their offering based on their client’s specific needs. This flexibility allows them to tailor the tool to each organisation’s unique characteristics and risks.

Siemens Xcelerator: New Siemens software automatically identifies vulnerable production assets

Production facilities are increasingly the target of cyberattacks. Industrial companies are therefore required to identify and close potential vulnerabilities in their systems. To address the need to identify cybersecurity vulnerabilities on the shop floor as quickly as possible, Siemens has launched a new cybersecurity software-as-a-service, that will be showcased for the first time at Hannover Messe 2024. Integrated task management The cloud-based SINEC Security Guard offers automated vulnerability mapping and security management optimised for industrial operators in OT environments. The software can automatically assign known cybersecurity vulnerabilities to the production assets of industrial companies. This allows industrial operators and automation experts who don’t have dedicated cybersecurity expertise to identify cybersecurity risks among their OT assets on the shop floor and receive a risk-based threat analysis. Defined relief measures can also be plotted and chased by the tool’s integrated task control The software then recommends and prioritises mitigation measures. Defined mitigation measures can also be planned and tracked by the tool’s integrated task management. SINEC Security Guard is offered as-a-service (“SaaS”), is hosted by Siemens, and it will be available for purchase in July 2024 on the Siemens Xcelerator Marketplace and on the Siemens Digital Exchange. Increasing protection by reducing manual effort “With SINEC Security Guard customers can focus their resources on the most urgent and relevant vulnerabilities, while having full risk transparency in their factory. It is unique because it takes the specific situation of the customer’s operational environment into consideration while providing a single pane of glass for security-relevant information in the OT area,” says Dirk Didascalou, CTO of Siemens Digital Industries. “When developing the SINEC Security Guard, we drew on our extensive experience with cybersecurity in our own factories.” This can lead to poorly configured plant parts and inadequately given resources Industrial operators are tasked with continuously safeguarding their production assets on the shop floor. They need to analyse vendor security advisories, manually match them to the asset inventory of their factory and prioritise mitigation measures. Because this process is time-consuming and error-prone using the existing tools, factories are running the risk of missing critical vulnerabilities in their assets or producing false positives. This can lead to incorrectly configured plant components and inadequately allocated resources. With the SINEC Security Guard, industrial operators can tackle these challenges without needing in-depth cybersecurity knowledge. Attack detection at scale with Microsoft Sentinel For a comprehensive view of IT and OT cybersecurity, SINEC Security Guard will also offer a connection to Microsoft Sentinel, Microsoft’s Security Information and Event Management (SIEM) solution for proactive threat detection, investigation, and response. Once connected, SINEC Security Guard can send alerts for security events including attacks to Sentinel, enabling a security analyst to incorporate SINEC Security Guard insights and conclusions in investigations and responses with Microsoft Sentinel-powered Security Operations Centres. Once connected, SINEC Security Guard can send alerts for security events including attacks to Sentinel “As information technology and operational technology systems continue to converge, a holistic cybersecurity architecture is key to protecting IT and OT capabilities alike. By combining our domain knowledge, Siemens and Microsoft make it easier for industrial operators to efficiently detect and address cybersecurity threats at scale,” says Ulrich Homann, Corporate Vice President, Cloud + AI at Microsoft. Cloud-based asset management solution SINEC Security Guard also supports the manual upload of existing asset information for asset inventory. Siemens recommends, however, that industrial operators use the Industrial Asset Hub, Siemens’ cloud-based Asset Management solution to enable continuous automated asset inventory management. Functionalities also include signature-based network intrusion and attack detection via the SINEC Security Guard Sensor, an Industrial Edge app, which gives users live information about their industrial network. The SINEC Security Guard Sensor App is available at the Siemens Industrial Edge Marketplace.  The initial release of SINEC Security Guard only supports Siemens OT assets but third-party device support is planned to follow in the future. SINEC Security Guard will expand the existing Siemens software portfolio for OT network security consisting of SINEC Security Inspector and SINEC Security Monitor.

Siemens launches new all-in-one security testing suite for industrial networks

With the evolving convergence of IT and OT networks in industrial manufacturing, cybersecurity concerns have risen likewise. Moreover, legal regulations force industrial companies to enhance cybersecurity in their processes. To address the growing need for industrial cybersecurity solutions, the technology company Siemens has grown its cybersecurity solution portfolio and launched an all-in-one security testing suite for industrial communication networks. The SINEC Security Inspector is a software framework for active one-time scanning that allows individual network devices, network segments or the entire network infrastructure to be scanned during maintenance time windows. It brings together a selection of best-in-class security tools which are integrated into a single user interface. Saving critical time for network inspection Customers can promptly discover risks and potential hazards which puts them in a position “Siemens SINEC Security Inspector brings a unique enhanced testing solution to the shopfloor and enables customers to check their entire IT/OT environment including all individual components,” says Michael Metzler, Vice President of Horizontal Management Cybersecurity for Digital Industries at Siemens. “Customers can promptly discover risks and potential hazards which puts them in a position to swiftly mitigate cyber vulnerabilities. This results in an enormously reduced effort when inspecting industrial networks.” As factories increasingly have different machine providers using vast vendor variety, manufacturers are faced with several challenges in terms of network security in their plants: asset identification and detection, compliance checks, malware scans and vulnerability checks. With SINEC Security Inspector all of these can be addressed. Open framework integrates third-party security tools SINEC Security Inspector has been designed as an open framework. Besides offering security tools developed by Siemens it also contains tools for vulnerability management provided by the cybersecurity company Tenable. Furthermore, more internal and third-party testing tools will successively be added to cover more test cases in the future.  “With industrial companies transforming into digital enterprises, the importance of cybersecurity has grown tremendously in the last years,” Metzler says. “As a reaction, the SINEC Security Inspector was initially developed to scan our own factories for vulnerabilities in networks. After years of testing and improving this tool, it is now just right for protecting any industrial and manufacturing environment.”

Insights & Opinions from thought leaders at Siemens USA

Industry experts reflect on technology and operational impacts of COVID-19 pandemic

Close collaboration with customers has been a hallmark of the physical security industry for decades. And yet, less ability to collaborate face-to-face to discuss customer needs has been a consequence of the COVID-19 pandemic. “True innovation, which comes from close collaboration with customers, is more difficult to achieve remotely,” said Howard Johnson, President and COO, AMAG Technology, adding “Not being able to visit in person has not been helpful. Kurt John, Chief Cyber Security Officer at Siemens USA, adds “We need to plan intentionally with a strategic approach for collaboration and innovation.” Securing New Ground virtual conference Security experts from three manufacturers reflected on the impact of COVID-19 on the physical security industry Security experts from three manufacturers reflected on the impact of COVID-19 on the physical security industry at a ‘View from the Top’ session, during the Securing New Ground virtual conference, sponsored by the Security Industry Association. Their comments covered business practices during the pandemic and the outlook for technology innovation in response. “We had to pivot quickly on business models and create a cross-portfolio team task force to discuss how we can leverage technologies to help customers [during the pandemic],” said John, adding “We are having outcome-based conversations with customers about their businesses and operations, and how we can combine short-term benefits with long-term growth and flexibility.” But some of those conversations are happening from a distance. Results-oriented approach in remote work environment After the pandemic took hold, Siemens shifted rapidly to remote work and embraced other infrastructure changes. “We had to refocus and lead with empathy, flexibility and trust,” said John, adding “We gave our staff flexibility to set their hours and used a results-oriented approach.” There is also a social element missing in the work-from-home model. “Virtual coffee machines do not replace being there in person,” said Pierre Racz, President and CEO, Genetec, adding “Small talk about the weather is important psychological elements.” Positives in using multi-factor identity management He predicts that, in the future, office hours may be reduced, but not floor space, with space needed for in-person collaboration and long-term social distancing. Employees will come to the office to do collaborative work, but can work from home to accomplish individual tasks that may be ‘deferred’ to after-hours, when the kids have been fed. When the pandemic hit, Genetec had resumed 95% of their operations within 36 hours, thanks to their use of multi-factor identity management. They did not suffer from malware and phishing issues. “Multi-factor is really important so that well-engineered phishing campaigns are not successful,” said Pierre Racz. Shift to ‘Zero Trust’ model All three panelists noted a coming skills gap relating both cyber security and systems integration Remote working technologies are shifting to a ‘zero trust’ model, in which access to systems is granted adaptively based on contextual awareness of authorised user patterns based on identity, time, and device posture. For example, an office computer might have more leeway than a home computer and a computer at Starbucks would be even less trusted. The approach increases logical access security while providing users their choice of devices and apps. Skills gap in cyber security and systems integration A growing skills gap has continued throughout the pandemic. “Where we have vacancies, we have struggled to find candidates,” said Howard Johnson. All three panelists noted a coming skills gap relating both cyber security and systems integration. New technologies will clearly require new skills that may currently be rare in the workforce. Cyber security will become even more important with growth in new technologies such as AI, machine learning, 5G and edge computing. A workforce development plan is needed to address the technologies and to enable companies to pivot to new business needs, said John. Adoption of temperature sensing solutions From a technology viewpoint, Johnson has seen attention shift to the reception area and portal, away from touch technologies and embracing temperature sensing as a new element. There have also been new requests for video and audio at the portal point, to create methods of access and egress that do not require security personnel to be present. “Some customers are early adopters, and others are waiting for the market to mature before investing,” Howard Johnson said. “Security companies have been faced with the need to respond rapidly to their customers’ needs during the pandemic, but without seeming like ‘ambulance chasers’,” said Pierre Racz. In the case of Genetec, the company offered new system capabilities, such as a 'contamination report', to existing customers for free. Move to a hybrid and flexible work environment In the new normal, the pendulum will swing back to the middle with more flexibility and a hybrid approach" An immediate impact of the pandemic has been a reduction in required office space, as more employees have worked from home, raising questions about future demand for office space. “The pendulum tends to swing to the extremes,” said Kurt John, adding “In the new normal, the pendulum will swing back to the middle with more flexibility and a hybrid approach.” “Users will be much more careful about letting people into their space, which requires more policies and procedures,” said Lorna Chandler, CEO, Security by Design, who participated in a panel at Securing New Ground about how the pandemic is changing commercial architecture and access control. “Users should also be careful in the rush to secure premises from COVID-19 that they don’t violate HIPAA laws or create other potential liabilities,” adds Chandler. Continuum of mechanical and electromechanical devices Mark Duato, Executive Vice President, Aftermarket, ASSA ABLOY Opening Solutions, said a “Continuum of mechanical and electromechanical devices is needed to protect premises and ensure convenient operation of an access control operation.” “First and foremost, the immediate reaction to the impact of COVID-19 is to rush to educate and invest in technologies to increase the ability to analyse people,” said Duato, who also participated in the access control panel. Shift to touchless, frictionless access control “The move to touchless, frictionless access control “is really a collaboration of people, process and technology,” said Valerie Currin, President and Managing Director, Boon Edam Inc., adding “And all three elements need to come together. Touchless and frictionless have been in our market for decades, and they’re only going to become heightened and grow. We’re seeing our business pivot to serve markets we have not served in the past." More and more data is a feature of new systems, but is only helpful when it is analysed. “We all live in a world of data, or IoT and sensor technology,” said ASSA ABLOY’s Mark Duato, adding “But we don’t want to be crushed by data. Data is only helpful when you can reduce it to functional benefits that will help us innovate. We have to take the time to squeeze the value out of data.”

Balancing the scales: how Open Options acquisition complements new owner ACRE

Open Options, based in Addison, Texas, provides a truly open access control architecture that will strengthen the ACRE portfolio and increase the breadth of solutions offered by the global provider of security systems. The acquisition of Open Options is also an opportunity for ACRE to focus on growth opportunities in North America and “balance the scales a bit,” says Joe Grillo, CEO of ACRE, which significantly grew its reach in Europe, the Middle East and Africa with the acquisition of Siemens Security Products in 2015. “Open Options is also a company that's growing, is profitable and fits seamlessly into our vision for the access control space in which we operate,” says Grillo. Independent operations The strength of Open Options in the Southwest provides significant additional coverage for ACRE in that region of the United States The Open Options brand will continue to operate independently under the ACRE umbrella. Open Options CEO and Founder Steve Fisher will continue in his role as leader of the company, says Grillo. “There is a strong and competent management team in place that will continue to provide leadership going forward.” Open Options’ open-architecture access control solutions will add value to the solutions ACRE already offers under the Vanderbilt brand. In a market that has traditionally been proprietary, the open-platform solution offered by Open Options helps deliver more opportunity to offer customers a full-scale solution based on their needs, says Grillo. In addition, due to its origin as a Texas-based company, the strength of Open Options in the Southwest provides significant additional coverage for ACRE in that region of the United States. Technical and financial resources On the other hand, ACRE provides a greater level of technical and financial resources that Open Options can utilise to help them grow even faster. These resources were not as available to the company if it remained independent, Grillo notes. ACRE’s divestiture of Mercury Security in 2017 facilitated this investment. As discussions began earlier this year, ACRE realised the potential of adding to its access control portfolio in the North American market, says Grillo. Open Options and Mercury have been "partners" for 20 years; Mercury provides hardware panels for Open Options systems. Each company will manage and make decisions about their reseller channels independently “The Mercury brand continues to be a strong one, so we're interested in continuing to nurture that relationship, and in fact we have become a larger and stronger partner to Mercury as ACRE,” says Grillo. “After owning Mercury for a number of years, we had the understanding of the company, the product portfolio and the partner relationships that defined it, so we were confident that the deal would be a positive one for the ACRE brand.” Meeting customer needs “Open Options and Vanderbilt share some customers already and we can leverage that by gaining more share of their business while providing them with a portfolio that will meet a broader set of customer needs,” says Grillo. “Where possible, we can look for synergies in channel partners that are not currently shared to provide access to both brands. This will be a benefit to Open Options, Vanderbilt and our customer base. However, importantly, each company will manage and make decisions about their reseller channels independently.” Are there more acquisitions on the horizon for ACRE? “We're always looking for opportunities that fit into the nature of our business,” says Grillo. “Companies that have growth potential and share similar go-to-market strategies and visions for the future are of particular interest to ACRE. "We're still operating in a highly fragmented market, so we're going to see continued consolidation in both access control and beyond, which means ACRE will be looking for the right opportunities to follow along that path.”

Quick poll
What is the most significant challenge facing smart building security today?