Still others are reconsidering their flat network architectures.
"Network segmentation is another major component of locking down the environment effectively," says IANS Lead Faculty Dave Shackleford. "Creating effective quarantine zones that only offer specific services and allow very limited communications inbound and outbound can more readily make anomalous traffic stand out."
Unfortunately, traditional tactics such as vulnerability scanning may not prove as helpful in detecting systems susceptible to these sophisticated attacks.
"The threat of zero-day exploits is real, and there's no prescribed way to prepare for and prevent them entirely," Shackleford says. "One technique that is getting some attention today is virtualization isolation and encapsulation of endpoints, with vendors like Bromium leading the charge. However, many industrial control systems may not have the proper hardware [primarily chipset], OS level or stability, for that matter, to support this."
In other words, preparing for the post-Shamoon world is no easy feat. It requires a major defense strategy rethink as well as smart reallocation of tactical security resources and investments.
Before embarking on this set of arduous tasks, enterprises must first gauge their overall public profile to determine the likelihood that such an attack will target them. For most organizations today, the answer will be no, and they can continue to pursue more traditional defense strategies. But for those that fall into the unlucky 2 percent, now is the time to take the threat seriously and get to work.