America has seen a lack of leadership, in many areas, from the federal government. The summer has plagued families with record-setting gas prices, there are stores and markets with empty shelves, and news coverage of nothing but war, terror, and wildfires. On July 22nd, as America sat on the shore in the anguish of cyberattacks levied against her and her people, a new ship crest the horizon. Its name, SD02C. The Department of Homeland Security took a major step forward in the name of security for this Country. What did they do? They didn’t add more TSA agents to the airports, nor did they increase the numbers in border patrol. It wasn’t a grand event televised with US leaders. Undoubtedly, very few people are probably aware this even took place. The true beauty of it all is that what DHS did for America isn’t something we can see or feel. The memorandum that was signed on July 22nd was addressed to organizations that own or operate covered pipelines here in the US, outlining a set of standards to be implemented in each organization’s cyber environment. DHS called for implementing Defense in Depth. Now, I’m sure you’re wondering, “Why should I believe that this is a major step forward for security in this country…” Or “These companies need to have email protection, big deal. That doesn’t help keep us secure.”

 

Let me bring you back to 2021. Colonial Pipeline was shut down from a simple ransomware attack. The line running from Texas up the East Coast all the way to New York was forced to stop pumping, halting millions of gallons of fuel for jets and vehicles. Planes couldn’t take off, goods couldn’t be shipped, and you couldn’t fuel your car. Not because the price of gas was so high, but because there literally was no gas to refill the pumps. This incredible event can be attributed to one failure, one company that didn’t have the proper cyber security protection. You could argue that, although inconvenient, that’s not a threat to national security – it’s not a matter of life or death. Let’s consider this hypothetical: what if that pipeline didn’t move fuel for cars and jets, but instead it moved natural gas? Let’s say instead of May, this was January. For the sake of it, there’s a polar vortex moving down the East Coast from Canada. What happens to you now when that natural gas fuel – which is moved through a cover pipeline, can’t get to your home because the company that owns that line is being held for ransomware by cyber criminals? Now, that company’s cyber security, or rather lack thereof, has become a matter of national security. Millions of Americans are left vulnerable, unable to heat their homes, and cook food for their families – they will struggle to meet their basic survival needs.

 

The memorandum put into place outlines a set of separate controls that work in unison. A system where if one control goes down, the others can still function, providing layered protection to preserve the cyber integrity of an organization. The prescribed layered approach to security is nothing new to Dark Rhino, in fact, we have been using the term Defense in Depth with our clients to describe our services for years. Like DHS, we too were able to make a giant step forward recently in the name of security. Only our steps can be measured in the form of dollar bills. Dark Rhino is offering our clients up to a 1 million dollar insured warranty against an incident when the client subscribes to our 100% custom “Defense in Depth” service. We are risking our own money, reputation, and pride to back our clients. Over the course of 5 years, we have vetted, tested, and analyzed hundreds of security technologies and processes. Like a skilled baker who carefully picked the perfect ingredients for his cake, we are eager for the world to have a slice.

 

Written by Rory Meikle

He can be reached at rory@darkrhinosecurity.com

Share This Story, Choose Your Platform!