Presenting at NESIOT’s 3rd Annual Conference

Monitoring of Threats Against Civilian & Critical Infrastructure

We are pleased to announce that Revontulet has joined the Norwegian Ecosystem for Secure IT-OT Integration (NESIOT). Our membership in these ecosystems places us among top-level security experts focused on Norway’s digital and industrial sectors. NESIOT is a focus area under the Norwegian Centre for Cybersecurity in Critical Sectors and is led by representatives from Norsk Regnesentral and NTNU.

Yesterday, we participated in and presented at NESIOT's third annual conference.

At the conference, Revontulet founder and CEO Bjørn Ihler presented our work monitoring threats to civilian and critical infrastructure as part of Track 3: IT-OT Case Studies and Real-World Applications.

Ihler explained that our threat intelligence has been effective in detecting and alerting to threats against critical infrastructure posed by terrorist and extremist organizations. He also described how our monitoring has helped prevent major terrorist attacks.

Ihler noted that most attackers continue to use low-cost, high-impact tactics, leading to more physical than cyberattacks in the data to date. However, as cyber capabilities advance and costs decrease, cyber threats may become more significant. Addressing these risks requires a broad security perspective that considers both technical protections and the behavior, objectives, and methods of threat actors. In this context, threat intelligence is essential for informing both preventive and protective measures.

Ihler’s presentation was based on the following abstract, which reflects the conference’s key topics and objectives.

Abstract

In an increasingly complex global threat landscape, we see escalating threats and attacks targeting critical and civilian infrastructure. This directly affects our access to electricity, clean water, transit and logistics networks, oil and gas, and other critical components of a functioning society. In tandem with increasing threats, we see growing safety and security requirements and demands placed on infrastructure providers and industry by government and regulatory bodies. This is part of a broader, more inclusive approach to the role of the civilian sector intended to increase our capacity for defense and resilience in peacetime, crisis, and conflict.

While infrastructure providers and industry face increased requirements and pressure on their security roles, they often operate with significant intelligence blind spots. This makes it challenging to take proactive and adequate measures to defend against attacks. This is not made easier by global government spending cuts, which lead to inadequate data on threats, attacks, and vulnerabilities, nor by law enforcement and national security agencies that often fail to collaborate effectively and share intelligence with the private and civilian sectors.

To fill this gap, we work with the private and civilian sectors to monitor geopolitical risks, threats posed by global terrorist networks, private military companies, and organized crime networks, which at times act as non-state actors and at times on behalf of national governments.

In this presentation, we draw on real-world intelligence data and case studies on threats facing service and infrastructure providers to frame a discussion of the security threats to civilian and critical infrastructure providers and the steps that can be taken to identify and mitigate risks before harm occurs.

We thank NESIOT for a warm welcome, for a thought-provoking conference, and for the opportunity to present to and connect more deeply with the network's members. We hope it will lead to fruitful collaborations and partnerships towards a safer world for us all.