A week on from Black Hat 2019 and regular pace has been resumed in the cyber world (fast but not that fast!)
The event this year didn’t disappoint and whether we were putting you through your paces on the wheel of misfortune or chatting to you about protecting F1 cars from cyber attack, we hope you enjoyed it as much as we did.
This year the audience felt more informed and there was a clear consensus on the need for a blended approach to cyber security; including people, processes and technology as a fundamental part of that mix.
There was also the usual hubbub around new and innovative ways to hack technology, which while no doubt interesting, doesn’t necessarily align with how likely these methods are to be used or how vulnerable the technology is to be hacked.
Connected car hacking, for example, has been discussed a lot, but based on our own first-hand experience working with Haas F1 Team, it’s not only the car that needs to be protected. In fact, there is a whole infrastructure which sits behind the car itself to make it secure.
Here’s what Gary Foote, CIO of Haas F1 Team has to say:
“It’s incredibly difficult to separate the significance of an IT system being hacked from the car itself, because they are so interconnected. The on-board and in-garage systems are both required for the car to run, and so a compromise of either would affect the team’s ability to race. Threats come in all shapes and sizes and the critical factor is identifying them early to mitigate the impact. That’s one of the reasons we partner with Nominet, as by monitoring for threats in the ubiquitous DNS layer, we significantly cut the window of compromise. Whether it’s track intelligence or telemetry systems that may have been disrupted due to an attack, if the threat is not identified early enough, a cyber criminal has the potential to bring operations to a standstill – even on race day – and that’s regardless of whether it’s the car itself or the IT system that has been compromised.”
You may also have spotted us on KLAS-TV on 8 News Now talking about how Nominet works with Haas F1 Team:
Above all, as recent history has shown, an attack doesn’t need to be sophisticated to be successful and so getting the basics right is absolutely critical. An often overlooked area is Network Detection and Response. Every company that has a network has a DNS layer, for example, and if it is not looking at this for malware, phishing attempts and data theft, that’s a lost opportunity. Unlike most other parts of the technical infrastructure, DNS is ubiquitous, which not only makes it an effective security layer but one rich with information you may not capture elsewhere.