Christian Bücker, macmon secure: "industrial networks are still based on many systems introduced decades ago"
Cybercriminals skillfully exploit global emergencies, such as the COVID-19 pandemic, for illicit purposes and attack companies with high social standing.
Controlled access to shared data on private and company devices has been rapidly gaining importance. Alongside encrypted, private online networks, cloud-based storage has become important to the well-being of successful organizations.
To get an overview of network security and controlled network access, we reached out to Christian Bücker, the ex-CEO of macmon secure, a network security software provider.
Tell us the story behind macmon secure. What has the journey been like since your launch in 2003?
We are a technology leader for network security; we develop network security software, focusing on Network Access Control. Founded in 2003, macmon secure has grown from strength to strength, becoming the technology leader in the field of Network Access Control. Based in Berlin, our NAC solution is fully engineered in Germany. The company extended its proven protection to all enterprise resources in the cloud in 2021 with its Zero Trust network access strategy and is the only provider of NAC plus SDP with Identity and Access Management from Germany. The products macmon NAC (Network Access Control solution) and macmon SDP (Secure Defined Perimeter) are used worldwide to protect networks and cloud resources from unauthorized access. We enjoy a diverse range of customers throughout all industries, capturing SMBs and medium-sized enterprises through to large international corporations.
Can you introduce us to what you do? What are the main issues you help solve?
macmon's unique offering: Intelligent & simple for networks and clouds. macmon secure has set itself the objective of network security to companies – regardless of their size and sector – to control and secure their network accesses. Network Access Control has already been praised and offered for many years by various manufacturers – but frankly, most of the projects have unfortunately come to nothing or even failed. The technologies were just not mature, or the approaches were incorrectly selected.
With the product macmon NAC, we want to show that it is possible to ensure the security of network access and that it is also easy to implement. The requirement to cope with a variety of networks itself has a big role to play! Our objective is to ensure support and security without time-consuming changes in the respective environment.
Severe changes, which are accelerating due to mobile working and advancing digitization, the Internet of Things, and the outsourcing of various services to clouds, are reasons why companies have to rethink network security. Now, in addition to securing local networks, the focus is also on resources in the cloud. We, at macmon secure, are following this change, and since 2021, in addition to the proven macmon NAC, we now also offer macmon Software Defined Perimeter (SDP), an architecture that not only secures traditional resources via VPN but also applications in private and public clouds.
At macmon, you emphasize the importance of the Zero-trust principle when it comes to security. Can you tell us more about this approach?
Zero Trust Network Access (ZTNA) is becoming increasingly important in IT. Cybercriminals are becoming more and more sophisticated and are increasingly succeeding in circumventing traditional IT security infrastructures, because these old, static structures are no longer up to date in the age of digitalization with a huge increase in data traffic from more and more devices and participants. Companies have to rethink and make use of new security concepts that are also effective outside their company network and ensure that IT security remains guaranteed. ZTNA is based on the philosophy that neither a device nor a user should be trusted until it has been authenticated as secure. The changes in the workplace, which are accelerating due to mobile working and the advancing digitization, the Internet of Things, and the outsourcing of various services into the cloud, are reasons why ZTNA must be an even more important component of integrated IT security solutions in the future. We have been taking the ZTNA approach into account since 2003 with our proven network access solution, in which macmon Network Access Control (NAC) only allows defined devices access to the network.
With the macmon NAC solution portfolio, the company continues to focus on physical networks; with macmon SDP, it has taken the logical step into clouds. After successful authentication via the macmon SDP agent, the user can access all required resources.
How do you think the recent global events influenced the way people perceive cybersecurity?
A recent Google search for the term cybercrime yields more than 2 million results. These include the subject areas of email or internet fraud, identity fraud (personal data is stolen and misused), theft of financial data (account details, credit cards), theft of company data, and cyber extortion (criminal hackers block IT networks and demand a ransom to unlock them).
In the "Federal Situation Report Cybercrime" of the German Federal Criminal Police Office (BKA), ransomware attacks on public institutions, especially the healthcare sector, are booming. Since Q3 2020, increased attacks on companies and public institutions have been recorded, which are relevant in the fight against the pandemic. Vaccine production, distribution, and the resulting increased relevance of entire supply chains increase the risk of cyberattacks in this area.
The BKA's investigation comes to the following conclusions, among others:
- Cybercriminals quickly adapt to social emergencies such as the Covid-19 pandemic or the Ukraine war and skillfully exploit them for their purposes. They attack institutions and companies with high social standing.
- The crisis shows: Increased cyber security awareness is essential in protecting IT infrastructures and corporate networks. It should therefore be promoted in every company.
- The potential threat posed by cyberattacks remains at a high level. Attacks on actors relevant to crisis management are increasing due to their importance to politics, society, and the economy.
Why do you think sometimes companies are unaware of the risks hiding in their networks?
Cybercrime, compliance requirements, home office as the answer to the COVID-19 crisis, the shortage of skilled workers, digitalization, BYOD, the optimization of business processes, corporate diversification, global manufacturing chains – all these topics are factors that are leading to the increased importance of protecting corporate networks. The valid macmon secure market survey has already shown in 2020 that the use of NAC solutions has not yet been realized in two-thirds of the respondents, although a quarter of all security incidents occurred in the network of the companies surveyed. 962 companies with a total of 1,070 participating persons were surveyed in detail via telephone interview. The focus was on medium-sized companies in Germany with an average of more than 700 end devices in the corporate network. In practice, unfortunately, the attitude of "it won't affect me" still prevails often enough; although there is knowledge about possible risks around cybersecurity, in day-to-day business one then focuses too often on other topics to keep the business running. The macmon channel partners, however, are in continuous dialogue with their customers to raise awareness of the risk potential of their own company. To this end, macmon is developing case studies, whitepapers, and tutorials. Webinars are also a good way to communicate in an industry-specific way.
Many companies have chosen cloud solutions as a way to enhance security. Are there any details that might be overlooked when making the switch?
Until now, companies have mostly used so-called remote access VPNs (virtual private networks) for secure access to their applications hosted in the private cloud - but these are slow, not very user-friendly, and often pose a security risk. Zero Trust Network Access (ZTNA) technology offers a good alternative here. ZTNA solutions are a much more sensible choice for companies that have already moved a large part of their corporate systems to the cloud. Access to virtually all applications available in the cloud can be secured via SSL encryption. Additionally, many remote users connect via secure, trusted networks. Therefore, the focus of cybersecurity teams to protect the integrity of these resources should no longer just be on providing a basic level of security. Much has changed since VPN solutions were first introduced, and organizations are now looking for systems that address these changes in their native architecture. Authentication of users and devices should be application-based, regardless of where the connection is made from. For example, a ZTNA solution can grant whitelisted devices access to the corporate CRM while denying access to other corporate systems such as the ERP. Configuring such gradations in access rights is extremely inconvenient when using remote access VPNs.
As cybersecurity measures are advancing, so do the tactics of threat actors. What types of attacks do you think are going to emerge in the near future?
As more and more industry users expect all internet-connected devices and cloud-based services to be remotely manageable, the cyberattack surface is larger than ever. Until recently, cybercrime focused on a limited number of endpoints. With the awakening of the IIoT, large-scale security needs to be extended to the physical and virtual worlds. Experts agree on the question of how cyberattacks will develop in the next few years. On average, they assume an annual growth rate of 300 percent, some even between 500 and 1,000 percent. Stagnation or a decline is not in sight. Due to the many "smart" devices we are surrounded by, which make our daily lives easier than before, we are also particularly vulnerable to attacks via such devices. Cyberattacks on the Internet of Things (IoT) will increase, especially on the control of production facilities, operational technology (OT), or systems that support autonomous driving, for example.
What measures will become a necessity in combating these threats?
Industrial networks are still based on many systems introduced decades ago – when the risk of smart attacks was still very low. As more and more organizations combine their legacy systems under the assumption of the "Internet of Things" and "machine-to-machine communication," a fundamental change in security strategies on the industrial internet is required. As we continue to unify our cyber and physical systems, vulnerabilities are emerging that did not exist before the Industry 4.0 revolution. IIoT, or the Industrial Internet of Things, creates networks of connected industrial devices that collect, record, and analyze data to give manufacturers better insight into their production processes. Because these devices are connected to machines, IIoT security must ensure that hardware and software remain secure and protected from malicious intent. If connected devices are compromised and the threat actor has access to the communication link, a hacker can then inject malicious data, cause denial of service (DoS), or introduce viruses throughout the network. Without protection, compromised devices can serve as a gateway to skim data, insert foreign code, and even halt production. Preventive network access control solutions ensure that outside entities cannot access company data or compromise the functionality of the machines.
And finally, what’s next for macmon?
macmon secure has been extending its proven and tested security NAC solutions to all company resources in the cloud since 2021 – with its Zero Trust Network Access Strategy. The company is the only provider of NAC plus SDP with Identity Access Management, hosted in Germany. Just recently, the acquisition by Belden Inc. was made public. Going forward, macmon will become part of Belden's Industrial Network Solutions (INS) business, led by Brian Lieser, which is part of Belden's Industrial Automation platform. INS is a global organization headquartered in the German Stuttgart region and includes the leading networking and connectivity brands Hirschmann, ProSoft, OTN Systems, and Lumberg Automation. I will be responsible for managing the business as Business Director for Belden. Our 70-person team will continue to drive the positive development of the company. Belden Inc. also includes Hirschmann, the technology and market leader in industrial networks. In the run-up to the acquisition, macmon and Hirschmann had already started a large joint project for an American company. Cybersecurity incidents in industrial control systems originate from several vectors, such as system vulnerabilities, gaps in the network architecture, lack of network segmentation, and non-secure hardware and software configurations. This is where macmon and Belden can offer a strong combination – the network security portfolio including network management coupled with Hirschmann's Industrial Internet of Things (IIoT) expertise. The topic of IT security is also of exponentially growing importance in production.