Cyber security attacks
This article is an extract from the Summer Edition of MER Magazine published in May 2020. You can read the full article as well as other articles from MER for free by becoming a member of Post & Parcel today.
Cyber security attacks: ensuring maximum uptime and performance of your core operational processes
Fleur Baars, Head of Service Management at Prime Vision writes about getting to grips with operational technology security in an increasingly connected Courier, Express and Parcel World.
“Postal and parcel service providers and leading e-commerce companies handle an increasing amount of operational data and process millions of transactions every day.
Maximum availability of sorter capacity, optimal transportation and increase of customer satisfaction via apps on smartphones where customers can track and redirect parcels in near real time are some of the challenges the CEP market is facing.
In the past operational processes were focussed on the job at hand and as a result, mostly isolated on the premises. Today there is an increasing need for statistics to create new business models and improve operational efficiency so real time interaction between various operational processes is key.
“This requires a new view on the architecture where the current isolated model shifts to an “open”, connected and flexible operational technology environment. This does not only apply between the operational processes but also with the outside world” according to Julian Gonzalez Verbeek Technical Director at Prime Vision.
Because of this, operational systems are increasingly becoming more vulnerable to cyber-attacks and the impact becomes more extensive. Despite a recent decline, security threats like ransomware are still a serious concern due to the use of increasingly sophisticated types of computer viruses. Most attacks show that data/information is encrypted, and technology team members are faced with pop-up windows, essentially stating that payment would be required to regain access. Besides the payment, the time to recover your systems and connections is now on average two weeks or even more.
Protecting the health, use and interaction of your network connections and components, servers, PC’s is therefore crucial. You may think security threats to access your systems and data are coming from outside your organisation but think again. Security vulnerabilities can also come from within your organisation where human error is high on the list of vulnerability threats.
Check and answer some of the following simple questions when it comes to security in your organisation:
- Do you have a (strong) password policy in place?
- Is physical access to the systems protected? (example; how is access to the area is controlled, can your employees use USB sticks, etc.)
- Are “Admin” usernames and passwords in place?
- Are your systems protected from viruses and malware?
- Do you pro-actively monitor and conduct frequent audits for your systems, network connections and components? Any third parties involved?
- Do you have an update management system, are random systems checked regularly?
Those and more questions need to be answered to safeguard your systems and process. Both internal and external threats must be considered in the search for a solution to protect the operational processes. If you are not well protected, you can end up with ransomware that literally turns your screens black in a split second. According to international published cases victims pay anything from ten thousand to millions of Dollars in order to protect and restore their information.
How we support our customers worldwide 24/7
At Prime Vision we have thorough experience in securing the core processes of parcel, mail, courier and express organisations with maintaining fast and correct sortation of items. We understand that the core process is King and according to Gartner Operational Technology, control priority number one is the hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise. We believe that combining people and OT enables maximum uptime and performance of your core operational processes.
We support postal companies and their partners by building, transforming and maintaining (monitoring and hosting) their business infrastructures with maximum performance and availability of core processes. Prime Vision is ISO 9001 and ISO 27001 certified and has extensive experience building, supporting and securing logistic processes for postal companies that process millions of transactions every day.
We help e-commerce parties to be successful and secure
Recently a partner of one of the leading e-commerce companies in the Netherlands approached us. They were looking for a solution to secure their 24/7 operational systems of a new sortation centre in Europe. Based on their requirements we were asked to design their system overview and support them for the coming years on securing their network components, connections, servers and PC’s. This includes update management, monitoring and antivirus and malware protection.
Our aim is to avoid threats impacting operational uptime and performance
At Prime Vision we have thorough experience in securing the core processes of parcel, mail, courier and express organisations with maintaining fast and correct sortation of items. Prime Vision designs, builds and supports postal companies in collaboration with the customer, a solution which meets the OT security requirements for systems, connections and users.
Building and supporting this is more than just technology. The human factor and working with multiple IT companies connected to your environment is also of great importance when it comes to security.
An important part of security is the constant monitoring of systems and users and the recognition of abnormal activity in a system. After all, unexpected activity can be a sign of a security breach and direct analysis/action is required.
As soon as abnormal activity is detected, analysis of the threat is most important before action/measures are taken. After analysis of the situation we often offer our customers, mostly CSO’s of large postal organisations, a couple of scenarios. Based on the system in question and human intervention is also laid down in the procedures. In the event of abnormal activity/behaviour of a system, network component, connection or any event that might be considered as a potential security vulnerability an investigation is started into the cause of the abnormality. At Prime Vision a 24/7 security protocol is in place for our contracted customers.
Although many postal companies worldwide are very well protected for security vulnerabilities, it remains a challenge to keep your OT secure and shift towards the “open”, connected and flexible OT environment. Prime Vision can advise, build and support our customers in their OT security policies and protocol. As a company we aim for maximum uptime and security of core processes 24/7.
About Fleur Baars
Fleur Baars works as Head of Service Management and Account Director at Prime Vision. Fleur’s visionary approach and energy come from an awareness of business trends, also challenging conventions and innovating approaches to enable customers success. By continually evaluating the needs of a business and their customers, she provides creativity to deliver services and solutions, most recently in the highly competitive E-commerce logistics market . Contact Fleur Baars ([email protected]) for more information.