Using RedSeal for Cybersecurity and Compliance
A recent study by independent industry analysts at TAG Infosphere concluded that the exposure analytics capabilities of the RedSeal platform— specifically, network modeling, attack path analysis, risk prioritization, and compliance management— are well-suited to reduce risk and strengthen the security posture of complex hybrid networks.
Click here to download the full report and schedule a demo today.
Head into a casino, and you should know what you’re getting into — even if you see some success at the beginning of the night, the house always wins. It’s a truism often repeated and rarely questioned but when it comes to cybersecurity, many casino and gaming organizations aren’t coming out ahead.
In this post, we’ll dive into what sets this industry apart, tackle the top cybersecurity issues facing casino and gaming companies, and offer a solid bet to help build better security infrastructure.
Gaming and casino industry companies generate more than $53 billion in revenue each year. While this is a big number, it’s nothing compared to the U.S. banking industry, which reached an estimated $4847.9 billion in 2021. And yet at 1/100 the size of their financial counterparts, casinos now face rapidly-increasing attack volumes.
In 2017, for example, a network-connected fish tank was compromised by attackers and used as the jumping-off point for lateral network movement. In 2020, the Cache Creek Casino Resort in California shut down for three weeks after a cyberattack, and in 2021 six casinos in Oklahoma were hit by ransomware.
So what’s the difference? Why are casinos and gaming companies being targeted when there are bigger fish to fry? Put simply, it’s all about the connected experience. Where banks handle confidential personal information to deliver specific financial functions, casinos collect a broader cross-section of information including credit card and income information, social security numbers, and basic tombstone data to provide the best experience for customers on-site. As a result, there’s a greater variety of data for hackers to access if they manage to breach network perimeters.
Casinos and gaming companies also have a much larger and more diverse attack surface. Where banks perform specific financial functions and have locked down access to these network connections, casinos have a host of Intenet-connected devices designed to enhance the customer experience but may also empower attacks. IoT-enabled fish tanks are one example but gaming businesses also use technologies like always-connected light and temperature sensors, IoT-enabled slot machines, and large-scale WiFi networks to keep customers coming back.
In practice, this combination of connected experience and disparate technologies creates a situation that sees IT teams grow arithmetically while attacks grow geometrically. This creates a challenge: No matter how quickly companies scale up the number of staff on their teams, attackers are ahead.
Not only are malicious actors willing to share data about what works and what doesn’t when it comes to breaching casino cybersecurity, but they’re constantly trying new approaches and techniques to streamline attack efforts. IT teams, meanwhile, don’t have the time or resources to experiment.
When it comes to keeping customer and business data secure, gaming and casino companies face four big issues.
Once attackers have access to casino networks, they’ve got options. They could encrypt data using ransomware and demand payment for release — which they may or may not provide, even if payment is made — or they could quietly exfiltrate customer data and then sell this information online. They could also simply keep quiet and conduct reconnaissance of new systems and technologies being deployed, then use this information to compromise key access points or sell it to the highest bidder.
The result? When it comes to protecting against cyberattacks, businesses are best served by stopping attacks before they happen rather than trying to pick up the pieces after the fact. For networks as complex and interconnected as those of casinos, achieving this goal demands complete visibility.
This starts with an identification of all devices across network architecture, from familiar systems such as servers and storage to staff mobile devices and IoT-connected technologies. By identifying both known and unknown devices, companies can get a picture of what their network actually looks like — rather than what they expect it to be.
RedSeal can help casinos achieve real-time visibility by creating a digital twin of existing networks, both to identify key assets and assess key risks by discovering the impact of network changes. For example, casinos could choose to run a port and protocol simulation to determine the risk of opening or closing specific ports — without actually making these changes on live networks. RedSeal can also help segregate key data storage buckets to mitigate the impact of attacks if systems are compromised.
Attackers are trying to tip the odds in their favor by compromising connected devices and leveraging unknown vulnerabilities. RedSeal can help the house come out ahead by delivering real-time visibility into casino and gaming networks that help IT teams make informed decisions and stay ahead of emerging cybersecurity challenges.
Ready to tip the odds in your favor? Start with RedSeal.
Held from March 14 to 18 in Orlando, Florida, the HIMSS 22 Global Health Conference and Exhibition took aim at some of the biggest opportunities and challenges facing healthcare organizations this year.
While businesses are taking their own paths to post-pandemic operations, both the content of sessions and conversations with attendees revealed three common sources of concern: compliance operations, the Internet of Healthcare Things (IoHT), and patient access portals.
For the past few years, effective healthcare security has been inextricably tied to ransomware risk reduction and remediation. It makes sense: According to Josh Corman, head of the Cybersecurity and Infrastructure Agency (CISA) COVID-19 task force, “Hospitals’ systems were already fragile before the pandemic. Then the ransomware attacks became more varied, more aggressive, and with higher payment demands.” As a result, ransomware has become a top priority for healthcare organizations looking to protect patient data and limit operational impacts.
Conversations with healthcare and IT professionals at HIMSS 22, however, made it clear that what worries organizations is changing. To ensure effective security, responses must evolve as well.
Not surprisingly, many HIMSS attendees expressed concern about evolving government regulations and security mandates.
Attendees spoke to issues around familiar mandates such as the Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standards (PCI DSS)—many were worried about their ability to understand the full scope of software and services on their networks, along with the number and nature of connections across these networks. Mergers and acquisitions (M&A) were also mentioned as potential failure points for compliance. As healthcare markets begin to stabilize, M&A volumes are increasing, in turn, leading to challenges with IT systems integration that could lead to complex and cumbersome overlaps or even more worrisome gaps in security.
When it comes to security mandates, meanwhile, many organizations understand the need for improved policies and procedures to help mitigate risk but struggle to make the shift from theory to action. Consider a recent survey which found that 74 percent of US healthcare organizations still lack comprehensive software supply chain risk management policies, despite directives such as President Biden’s May 2021 executive order on improving national cybersecurity in part through the use of zero trust frameworks, multi-factor authentication policies, and software bill of materials (SBOM) implementation.
The result is a growing concern for healthcare organizations. If regular audits conducted by regulatory bodies identify non-compliance, companies could face fines or sanctions. Consider the failure of a PCI DSS audit. If it’s determined that organizations aren’t effectively safeguarding patients’ financial data, they could lose the ability to process credit cards until the problem is addressed.
IoHT adoption is on the rise. These connected devices, which include everything from patient wearables to hospital beds to lights and sensors, provide a steady stream of actionable information that can help organizations make better decisions and deliver improved care. But more devices mean more potential access points for attackers, in turn putting patient data at risk.
Effectively managing the growing IoHT landscape requires isolation and segmentation—the ability to pinpoint potential device risks and take action before attackers can exploit vulnerabilities. There’s also a growing need to understand the “blast radius” associated with IoHT if attackers are able to compromise a digitally-connected device and move laterally across healthcare networks to access patient, staff, or operational information. From data held for ransom to information exfiltrated and sold to the highest bidder, IoHT networks that lack visibility significantly increase the chance of compromise.
The Internet of Healthcare Things also introduces the challenge of incident detection. As noted by HIPAA Journal, while the average time to detect a healthcare breach has been steadily falling over the past few years, it still takes organizations 132 days on average to discover they’ve been compromised.
Patient access portals are a key component in the “next normal” of healthcare. Along with telehealth initiatives, these portals make it possible for patients to access medical information on-demand, anywhere, and anytime. They also allow medical staff to find key patient data, enter new information, and identify patterns in symptoms or behavior that could help inform a diagnosis.
But these portals also represent a growing security concern: unauthorized access. If the wrong person gains access to patient records, healthcare companies could find themselves exposed to both legal and regulatory risks. In part, this access risk stems from the overlap of legacy and cloud-based technologies. Many organizations still leverage outdated servers or on-premises systems while simultaneously adopting the cloud for new workloads. The result is a patchwork of overlapping and sometimes conflicting access policies, which can frustrate legitimate users and create avenues of compromise for attackers.
While meeting regulatory obligations, managing IoHT devices, and monitoring patient portals all come with unique security concerns, effectively managing all three starts with a common thread: visibility.
If healthcare organizations can’t see what’s happening on their network, they can’t make informed decisions when it comes to improving overall security. Consider IoHT. As the number of connected devices grows, so does the overall attack surface. With more devices on the network, attackers have more potential points of access to exploit, in turn increasing total risk. Complete visibility helps reduce this risk.
By deploying solutions that make it possible to view healthcare networks as a comprehensive, dynamic visualization, it’s possible for companies to validate network and device inventories, ensure critical resources aren’t exposed to public-facing connections, and prioritize detected vulnerabilities based on their network location and potential access risk. Additional tools can then be layered onto existing security frameworks to address specific concerns or eliminate critical vulnerabilities, in turn providing greater control over healthcare networks at scale.
The automation of key tasks—such as regular, internal IT audits—is also critical to improving healthcare security. Given the sheer number of devices and connections across healthcare networks, even experienced IT teams aren’t able to keep pace with changing conditions. Tools capable of automating alert capture and performing rudimentary analysis to determine if alerts are false positives or must be escalated for remediation can significantly reduce complexity while increasing overall security.
Peace of mind for healthcare organizations is hard to come by—and even harder to maintain. Evolving concerns around compliance, IoHT, and patient portals present new challenges that require new approaches to effectively monitor, manage and mitigate risks.
Thankfully, improving visibility offers a common starting point to help solve these security challenges. Armed with improved knowledge of network operations, healthcare companies are better equipped to pinpoint potential threats, take appropriate action, and reduce their total risk.
See what matters most: Get complete network visibility with RedSeal.