X

The semiconductor industry relies heavily on silicon wafers, which are also crucial for photovoltaic (PV) applications. However, the cost per unit of power generated by solar cells needs to be reduced to make solar energy competitive with fossil fuels. EMIX's challenge was to optimize their continuous cold crucible casting (4C) process to produce high-purity silicon efficiently. This process involves numerous variables, including cooling methods, pull rates, and electromagnetic fields, which need to be optimized to improve production efficiency and reduce costs.

Given the long development cycle for vehicles, automobile manufacturers must plan their upcoming lines far in advance. With growing emission regulations and the rising cost of gas, full electric and hybrid vehicles are becoming more attractive and growing in market share. At the Fiat Research Center in Orbassano, the focus is on developing electric and hybrid vehicles using lithium and lead-acid batteries as well as supercapacitors. Fiat currently has several light trucks that run on electric drives, and the next application will be an electric version of the Fiat 500, which has been announced for the US market. The challenge lies in combining as many as 100 lithium-ion battery pouch cells into battery packs that generate the 350V needed while providing sufficient cooling and keeping the packs as small and light as possible. The maximum temperature differential among all the cells in a pack must not exceed 5 °C. If the temperature of the pack is too low, it limits the charge you can extract; if it is too high, it risks thermal runaway, leading to electrolyte emission, smoke, or fire.

Anisotropic materials behave differently depending on the direction they are loaded, but current methods of material production offer limited control over anisotropy. This limitation makes it difficult to exploit the advantages of anisotropic materials for product design. Researchers at TNO aimed to develop a procedure for designing manufacturable anisotropic structures using stiffness and topology optimization techniques. They sought to create materials with specific properties, such as twice the stiffness in one planar direction compared to another, and to extend these capabilities to multimaterial structures. The challenge was to optimize the local distribution and orientation of materials at the microlevel and then scale these optimizations to larger devices while maintaining feasible computation times.

One of the challenges of shaped metal deposition (SMD) is that thermal expansion of the molten metal can deform the cladding as it cools, resulting in a final product that is different than what was anticipated. To predict the outcome of a proposed design, it is necessary to either minimize the deformations or alter the design to account for them. This requires solving a time-dependent coupled thermomechanical analysis that predicts residual thermal stresses and deformation, which arise from SMD thermal cycles.

In extreme climates, moisture and temperature changes can damage building foundations. Vahanen Group, a company specializing in building services, analyzes the potential for frost damage in buildings being considered for renovation. Their work is especially vital in cases where renovations are necessary due to existing damage, such as when heating systems and pipes need to be replaced. The challenge is to determine whether certain renovations to foundations or heating systems would require adding external frost insulation, which, if added unnecessarily, would waste valuable money, time, and work.

As more organizations leverage digital technology, processes become more efficient, and the speed of doing business accelerates. However, digitization expands the attack surface, particularly for companies in the supply chain. A southern US-based construction company recognized the growing threats and the need to bolster its defenses. The company had limited visibility with former security solutions and vendors and needed to strengthen its security posture following a cyberattack. The leadership was initially concerned about the cost of new security solutions but changed their stance after frequent reports of increasing attacks in their industry.

Teamworks, a leading athlete engagement platform, faced rising cyberthreats and needed enhanced visibility into its network, servers, and laptops. With software developers connecting from all over the world, the company sought to improve its security posture and position itself for future growth. The company had a secure platform but recognized the need for a more proactive solution to identify gaps within its technology infrastructure. Data exfiltration and malicious access were top concerns, prompting the need for a comprehensive security upgrade.

Data breaches are steadily rising at universities, costing an average of $4.77 million per breach, according to a recent report by the Ponemon Institute and IBM Security. The report also revealed that higher education ranked seventh on the list of 17 industries that face increasing cyberthreats. That’s because hacking into university networks can be quite lucrative for cyber thieves. Universities routinely store a large amount of data, including personal identifiable information (PII) such as social security numbers and financial information that—in the wrong hands—is typically used for identity theft and to open fraudulent accounts. The potential for data breaches kept Charleston Southern University Technical Director Shannon Phillips up at night. There hadn’t been a significant cybersecurity incident at the university, but Phillips knew that threats were mounting throughout higher education. Plus, recent ransomware attacks were increasing in their tri-county area—one target was located right behind the university. For two years, Phillips lobbied to add a security position to his team, which included just himself and two technical staff. However, the university couldn’t compete with the higher-paying firms in the area that attract top security talent. Phillips decided the university needed a managed solution that would alert the team to security threats they could investigate internally—and a partner that could take over and respond to cyberthreats when the situation warranted. Included among its needs were 24x7 security monitoring to assure its environment was always being evaluated for cyberthreats. Given the typically tight budgets in smaller universities, it also needed a solution that wouldn’t require a large financial investment.

Security awareness and compliance are always top of mind in the payment card industry. At least they should be. Unfortunately, too many companies still fail to uphold to the benchmarks of the industry’s data security standard (PCI DSS), which states businesses must “implement a formal security awareness program to make all personnel aware of the importance of cardholder data security,” as well as educating personnel “upon hire and at least annually.” In fact, the percentage of fully compliant firms has sunk in recent years to 28 percent, according to Verizon’s 2020 Payment Security Report. Not only does this mean costly fines for many, but it puts them at greater risk of a data breach, which can lead to consequences that are far worse. For Fullsteam™, a leading software and payments provider with more than 35 companies under its umbrella, security and compliance are an even greater ongoing concern because failure to comply could affect the viability of the FullsteamPay payments platform and its payment processing capabilities. It could suffer reputational damages and rising insurance rates, and hinder its ability to win over new merchants—in effect, many of the same costs incurred by businesses that suffer an actual breach. So, Fullsteam is hardwired in its attention to the cybersecurity landscape and its determination to always meet the payment industry’s regulatory obligations. Security Awareness Needed to Be Fully Effective, Not Simply Check a Box Even with the right mindset and strategic planning, however, Fullsteam faced significant challenges in delivering a security awareness program that could get its ever-growing number of employees from continuous acquisitions up to speed quickly. In the words of Jon Armstrong, Fullsteam’s Director of IT & Security, “Generally speaking, annual security awareness training is completely ineffective because it is never timely, and it is always the same because no one bothers to update it.” What’s more, Fullsteam sought a centralized, highly automated solution that wouldn’t require its IT team to direct countless hours in developing and maintaining the program. Armstrong and his team need to focus on business initiatives that grow the success of the company and are busy enough without having to add security awareness training to their to-do list. It’s unrealistic and ultimately unproductive for them to have to curate and deliver content on a regular basis to ensure it’s up to date and keeps employees focused on cyber hygiene. Ultimately, Armstrong sought to find a provider that would do more than help the company be PCI compliant organization wide. He also wanted to ensure all employees understood that they were expected to be responsible individually and collectively for demonstrating and maintaining proper cybersecurity behavior based on best practices to continually raise Fullsteam’s IT security posture—and that Fullsteam would provide the solution for them to meet those expectations.

Planters Bank faced significant challenges in managing and securing its diverse and distributed network infrastructure. The bank needed to fulfill audit and regulatory compliance requirements, particularly those outlined by the Federal Financial Institution Examination Council (FFIEC) and overseen by the Federal Deposit Insurance Corporation (FDIC). Additionally, the bank's IT team lacked the resources to achieve 24/7 monitoring, which left them vulnerable to potential threats and compliance issues. The existing piecemeal systems were insufficient for comprehensive monitoring, and the bank risked missing dangerous threats due to the lack of visibility and real-time insights.

Despite billions invested annually in cybersecurity products to reduce business threats, data breaches still occur far too often. Since 2014, data breaches reported by CPA firms increased by more than 80 percent, as the cost of outside counsel for litigation can run as high as $300,000. Factoring in additional costs for state and federal monitoring after a breach, firms like Howard have made cybersecurity a high priority. With growth on the horizon, Howard knew it would take on increased cybersecurity risk. Professionals at the firm routinely worked from their own devices, which led to a BYOD culture with more devices to secure. Email communications were particularly risky—to both Howard and the thousands of clients it serves. Howard has an IT team of less than five full-time employees. The firm had logs that recorded security threats, but the limited staff had little time to monitor threats, and staff members were suffering from alert fatigue. Thankfully, no significant threat had occurred at Howard, but the firm knew it was just a matter of time. Howard’s Chief Technology Officer Chris Barnes set out to evaluate the various cybersecurity offerings on the market to strengthen the firm’s security posture. He wanted a solution that provided greater visibility into the firm’s network, along with 24x7 monitoring and the ability to quickly identify and respond to security threats—all without requiring additional in-house IT staff or an astronomical financial investment.

Cyberattacks on local governments are increasing at an alarming rate. In recent years, there have been major attacks on Atlanta and Baltimore, other large metro government agencies, and smaller locales. Atlanta’s recovery stretched out for more than a year to the tune of approximately $7.2 million. These cyberattacks can potentially disrupt critical infrastructure like utilities upon which residents rely. Because utilities are so critical, they are now high-value targets for malware, ransomware, and denial-of-service attacks. And hackers often have a false perception that cities can simply print money to quickly get their vital systems up and running again. As attacks on cities made increasing headlines, one city government in the San Francisco Bay Area knew they needed to fortify its network and systems. As a first step, it joined government-sponsored organizations related to cybersecurity such as the Multi-State Information Sharing and Analysis Center® (MS-ISAC) that releases frequent bulletins on potential zero-day attacks and critical patches. The city shared this and other information with their IT staff, but knew there was more it needed to do.

Seated in northeast Louisiana, the City of Monroe oversees a variety of departments and services with a staff of over 1,000 employees. While the city operations may be large, the IT department only has eight employees. They are also in the cross hairs of threat actors. Schools near Monroe found themselves attacked by ransomware, and phishing is a consistent threat finding its way into the city employees’ email accounts. According to the Verizon Data Breach Investigations Report, social engineering is the top attack vector for local governments, and the public sector was the second most-attacked sector. In Louisiana, the National Guard was called in prior to the 2020 election due to a series of attacks on local governments across the state. Those threats have the IT staff on high alert, and since they are managing multiple solutions, alert fatigue, which could lead to the small team missing a major threat, is also on their minds. While the city prides themselves on a proactive approach to cybersecurity, even hosting a statewide summit, for local governments and municipalities like Monroe, budget is a major barrier when it comes to improving cybersecurity. Technology is expensive, not to mention the staff needed to onboard, maintain, and monitor those solutions. Attracting and retaining talent is difficult, and even when a town or city has the financial means to build a security operations function in-house, scaling staffing levels to achieve round-the-clock coverage remains a challenge. The City of Monroe knew that an external security option, one that could integrate with their solutions while offering expertise, was the best route to improve their security posture and thwart future threats.

Many organizations that were previously analog-only and brick-and-mortar first have found themselves digitizing more and more as technologies and business needs change. This digitization helps the business grow and thrive, but it also widens an attack surface and creates new cyber threats that weren’t previously present. Many organizations in this position find themselves behind the curve when it comes to cybersecurity, IT staffing, and proactive security measures. They are innovating when it comes to their business model, but struggling to stay ahead when it comes securing and expanding their IT environment. Scott Equipment is a perfect example of that kind of organization. The construction equipment company has been providing the best heavy-duty construction equipment, working with world-class manufacturers, and providing equipment servicing since before cyber threats were a common problem. But as Scott Equipment has grown over the decades, so has their digital footprint. Now the company relies just as much on emails, networks, and digital assets as it does bulldozers and cranes. Keeping their networks and IT systems protected is now as critical for their business continuity as their ability to provide great equipment and customer service. But with a lean IT team, the organization has not been able to meet the security demands of a changing business landscape. Five years ago, Scott did not have multi-factor authentication for their Microsoft Office accounts. That oversight resulted in accounts being compromised through phishing attacks. For the small IT team, it was a lot to clean up and a major wake-up call about their cybersecurity and lack of control. They immediately implemented new security measures, including MFA, and started re-prioritizing security efforts. But as that incident lived in their memory, another threat started looming on the horizon: ransomware.

DNI Corp faced several cybersecurity challenges as it expanded its digital marketing solutions. The company needed 24x7 monitoring to ensure round-the-clock protection and sought a security solution that could integrate seamlessly with Microsoft 365. Additionally, the IT team was overwhelmed by alert fatigue and false-positive alerts, which hindered their ability to focus on customer and revenue-generating activities. The increased reliance on online solutions expanded DNI's attack surface, making a robust cybersecurity defense imperative.

Law firms hold and retain large amounts of sensitive client information that cybercriminals would love to get their hands on for exploitation. From corporate finances to business contracts, employment details, intellectual property, and more — critical data is at risk and the number of breaches is only increasing. Professional services firms accounted for 25 percent of all cyber attacks in 2022 according to Aon Insurance.\n\nSheridans specializes in legal services for the media and technology sectors, working with a wide range of commercial organizations from small businesses to household names in addition to market-leading work with media figures and well-known celebrities. Confidential details around earnings, real estate, and family disputes can make or break the reputation of these organizations and individuals, in addition to Sheridans’ reputation.\n\nUp until recently, this information would be stored and retained in on-premises infrastructure and only accessed from within the secure perimeter of the office by authorized staff. However, with the rapid shift to digital systems and an increasing need for on-demand access to data 24x7, a significant amount of information is now being stored and processed in cloud-based technologies and services. As such, law firms now must take serious steps to holistically improve their cybersecurity posture or risk having clients’ data exposed by bad actors.

The challenge facing the infosec team was that, like many security professionals, the volume of alerts generated by their current devices was not only overwhelming, but almost guaranteed that something malicious would slip through unnoticed. The impact to the team was that they were spending the majority of their time analyzing alerts rather than remediating threats in their system and thus were forced into being reactive to attacks once they were well underway. They recognized that they needed an accurate and efficient solution to detect attacks from all vectors and the ability to cut through the noise and generate only high-integrity alerts with zero false positives.

The organization’s greatest challenges were driven by their large network and that they had multiple high-traffic locations with little to no visibility into activity that could be indicative of a stolen credential attack. Essentially, there was no way to distinguish between an employee using their credentials to access a project and a malicious actor using stolen credentials to steal intellectual property. This proved extremely troublesome for the organization because it forced the infosec team to patch their visibility gaps with multiple different products that generated a high volume of alerts with the majority being false positives. Moreover, the team had to spend their resources monitoring the devices and, given there was not enough bandwidth to research every alert that was generated, they were forced to escalate false positives because they did not have enough actionable information to decipher a real threat buried within the noise. The time burden of false positives had a palpable impact on the team’s ability to successfully protect their intellectual property and their bottom line. The infosec team needed a solution that would not only be able to monitor and thwart stolen credential attacks, but also be able to cut through the noise of their network with substantiated, actionable alerts.

The hospital’s existing security controls did not provide enough actionable intelligence or alerts to mitigate current and future attacks. The security team learned of attacks from end users or by seeing ransomware encrypting critical data on their network shares. Responding to this particular attack was very resource intensive as the team was forced to manually quarantine and remediate the individual endpoints and then check the local network shares for encrypted files. The team did not obtain the attack forensic information they needed to quickly analyze the malware and deal with its polymorphic nature. The security team found manual remediation extremely problematic because it required significant time to gather attack information and respond to the infected systems. The incident response approach was resource intensive and reactive, as opposed to a proactive response to an attack. The security team lacked confidence that when they mitigated an attack, it would not reoccur – they did not know if they had truly stopped it.

A major problem the organization had with their cyber security infrastructure was that they had extremely limited visibility into the subnets that contained their most critical data. If these subnets were breached, the team would have significant difficulties detecting the threat inside. Another challenge the organization was facing was the number of alerts that were generated by their other security devices. The alerts generated were not only high in volume, but many times were false positives or unsubstantiated. The impact that the alerts had on the team was that they were unable to conduct the research necessary on these alerts to decipher between substantiated alerts and false positives. Therefore, they could not be confident that if they escalated an alert it would not be a false positive and a waste of resources to investigate. A situation such as this is extremely problematic for any infosec team because it forces them to choose between wasting resources investigating false positives or hoping that their incident response tools will be good enough to remediate an advanced threat that had penetrated their system. Facing this choice, the team was not confident in their security controls to protect their critical intellectual property.

The infosec team saw the ever-changing landscape of threats as the biggest challenge that faced their organization. The threats were everywhere. And with a gap in their ability to detect new strains of attacks, the organization needed a device that was able to catch zero-day and signatureless threats. Additionally, the team found devices that generated a lot of alarms and whistles to be very distracting because of the rate of false positives that were produced – so much so that they were determined to find a solution that generated zero false positives. They didn’t need more alerts, they needed quality alerts.

The organization had been infiltrated by a Chinese hacker group using a man-in-the-middle attack that was able to successfully bypass their prevention systems and exfiltrate critical data. The security organization was instructed to improve their detection capabilities and get more reliable insight into threats that may be using tactics to steal credentials or use social engineering to penetrate the network. They needed a solution that would be able to detect subtle, in-network attacks as well as phishing and advanced threat protection. The biggest challenge this organization was facing was manpower. In addition to the numerous alerts generated by their prevention and other security devices, the infosec team was receiving 45-50 suspicious emails a day. The team was so severely burdened that they were rarely able to go through the backlog and investigate all of the potential threats that they were alerted to.

The acquired organization had basic security but little visibility into any threats that have made their way inside the network. Because of the lack of visibility, the infosec teams lacked confidence that these networks weren’t already compromised in some way. A compromised affiliate network posed a risk to not only that subsidiary, but to the broader enterprise as well. Any in-network malware could potentially spread to the larger organization, and create significant risk to customer confidence, revenue, and their brand reputation. The team needed a reliable way to know if the network was compromised, as well as visibility into the acquired organization’s overall health and risk associated with its end-points. Beyond gaining this initial visibility, they needed a reliable way to detect any new threats inside the network that could occur in the future.

In early 2016, a regional healthcare provider experienced a cyberattack that had the characteristics of Qakbot, an extremely aggressive form of malware popular in 2011. While Qakbot had appeared to be eradicated, it recently resurfaced with new strains and unknown signatures. Known for its polymorphic behavior, Qakbot spreads quickly through a network to steal critical data from its target. The attack started on a few endpoint machines and while the organization’s traditional security measures were able to detect anomalies the information security team could not action the alerts as they were not specific enough. As more alerts surfaced, they became suspicious and deployed cybersecurity devices to gain additional visibility to the legacy domain in their network. Once these devices were in operation, they raised a large number of high-level alerts, revealing a full Qakbot attack that was rapidly spreading through their network. With several new machines becoming infected every few minutes, the team knew they needed to immediately execute an incident response plan, but needed information to remediate. They needed to know where the malware came from, how it was moving laterally through their network, what credentials the malware had compromised, and much more.

The organization was mainly concerned about security threats to their SCADA network. In particular, the infosec team was most concerned about an attack that could work to shut down and lock their ICS systems – putting people in danger and potentially causing serious bodily harm. They did not have the resources (headcount, budget, infrastructure) to deploy and maintain a wide array of prevention tools to protect their network from outside threats. Additionally, ICS devices are not always easily patched or enabled to run antivirus solutions. They needed to know exactly where the weaknesses in their network were so that they could focus their resources on fixing the specific areas that needed attention. Furthermore, the infosec team knew that there were multiple misconfigurations in their network, but had little idea as to where those misconfigurations were or what needed to be done to fix them.

DTX offers security monitoring and vulnerability management services to their customers, where they help these organizations discover what systems are vulnerable to potential breach or attack. With the massive shift to remote work and the growing complexity of their customers’ IT infrastructure, many of their customers are unable to stay up to date and in control of the IT requirements necessary to tackle a significant increase in disclosed vulnerabilities. While DTX also provides some patching support, they were limited to patching only Microsoft Windows systems. They were looking to offer additional support for macOS, Linux, and third-party applications without the traditional increase of complexity.

We manage a base of approximately 700 users consisting of mostly students and about one hundred faculty and staff. We’re a mixed Mac and Windows environment of about 160 machines. An added challenge is that our faculty works all over the world so it’s very important that we’re able to manage machines remotely. The legal education industry relies on an increasing variety of third party software-as-a-service (SaaS) platforms, which means we need to be able to patch both local and cloud-based applications. For years we didn’t have any sort of central patching. We just relied on endpoint devices to pick up updates for Windows OS and software such as Adobe and MS Office. We evaluated SCCM but it was costing the university $30 per endpoint and that cost became painfully prohibitive when passed on to each department. That solution also didn’t enable us to keep third party software patched or allow us to patch offline or off-premise computers, which left our campus infrastructure vulnerable. The unique security challenge in higher education is the tension between being open, allowing academic freedom, and making sure that faculty and students are free to pursue their research and exploration of knowledge, while still keeping them secure. Having a really strong and effective patching system is critical to being secure while preserving the principle of academic freedom.

The City of Edinburg faced significant challenges in managing a hybrid IT environment that included Mac, Linux, and Windows operating systems. The existing solutions, such as WSUS, left gaps in their Linux and Mac environments, making parts of their IT landscape vulnerable. Additionally, the city struggled with maintaining cyber hygiene and security, relying on outdated, on-prem legacy tools to support remote devices. The need for a comprehensive solution to patch and secure all operating systems became critical, especially with employees working remotely and the increased reliance on off-site devices.

AC Transit faced significant challenges in updating software across its expansive network, particularly with legacy applications. The organization also dealt with interdivisional silos, which created inefficiencies and inconsistencies in system patching. The onset of remote work in 2020 further highlighted the need for a more effective and centralized patching solution. AC Transit needed a way to ensure that all systems were patched correctly and that their patching efforts were effective, especially given the diverse geographical locations of their divisions and departments.

Our current infrastructure is predominantly Windows and Linux servers (both physical and virtual), laptops and workstations, with an overall endpoint count around 260. We were using WSUS but became frustrated with the complexity, unreliability, and the lack of confidence that our endpoints were being patched and protected. We were looking for a solution that was easier, gave us the ability to remediate vulnerabilities for remote devices, and allowed us more control and flexibility over custom software policies. Our patching process included regular endpoint updates where we’d gather in a conference room, open up WSUS, reject updates that might disrupt workflow or coding, and push the remaining ones through. Because the update process was so manual, we did endpoint updates on a weekly or quarterly basis. This meant we were pushing hundreds of updates and the volume was too much for our patching solution to handle.