FULL DISCLOSURE: This is sponsored content for Plurilock.
As the digital transformation of industries accelerates, the vulnerability of critical infrastructure to cyberattacks has become increasingly apparent. Recent incidents have highlighted the urgent need for robust cybersecurity measures to protect essential services from sophisticated threats.
Federated Co-operatives (FCL) has become the latest target of a cybersecurity incident. The company recently announced that it is “experiencing a cybersecurity incident that is impacting some internal and customer-facing systems at local retail Co-ops and cardlock fuel locations.”
As a precaution, FCL has shut down several systems, impacting numerous locations across the Prairies. The incident came to light on Wednesday when some Co-op locations used social media to inform customers of unexpected disruptions.
“We regret that this outage has occurred, and we thank Co-op members and customers for their patience as our teams work to resolve the issue,” FCL said in a statement.
FCL brought in third-party cybersecurity experts to investigate the incident, and while there is no current evidence of customer data being compromised, the company stated that appropriate actions will be taken if the situation changes.
As the incident continues to unfold, several Co-op locations in major regions like Saskatoon and Regina remain affected. Local Co-ops across Saskatchewan began reporting the “unplanned IT outage”.
In a Facebook post on Saturday, FCL confirmed that the incident could still affect the inventory of certain grocery items. However, some cardlock fuel locations had reopened as early as Friday afternoon.
FCL has not provided a specific timeframe for when full services will be restored.
Increasing cyberattacks: water and accounting
This incident at FCL is part of a broader trend of escalating cyberattacks targeting operational technology (OT) in critical infrastructure sectors. According to a report by ABI Research, enterprise spending on OT cybersecurity is expected to grow almost 70% from 2023, reaching $21.6 billion globally by 2028.
“Attacks and regulation are driving spending,” said Michael Amiri, senior analyst at ABI Research, via email. The report indicates that more than half of OT cybersecurity spending will go towards network security and segmentation, which is crucial for maintaining operational continuity in industrial contexts.
In the U.S., the Environmental Protection Agency (EPA) has recently issued an enforcement alert on water system security, outlining the urgent cybersecurity threats to community drinking water systems. Howard Goodman, Technical Director at Skybox Security, emphasized the critical issues with the OT/IT cybersecurity gap.
“The EPA’s recent advisory on cybersecurity threats to water utilities highlights a pressing issue: the operational technology (OT) and information technology (IT) gap. This divide has not only exacerbated vulnerabilities but also expanded the attack surface, complicating the task of achieving comprehensive visibility and control,” Goodman said.
EPA inspections reveal that over 70% of water systems fail to meet the cybersecurity standards mandated by the Safe Drinking Water Act, highlighting the significant scope of the problem.
The Securities and Exchange Commission (SEC) has also extended the scope of internal accounting controls to include companies’ cybersecurity practices. The agency recently announced a settled enforcement action with a public company victimized by a ransomware attack, highlighting the company’s failure to maintain sufficient “cybersecurity-related internal accounting controls.”
This latest action departs from traditional disclosure-related theories and extends internal controls provisions to a company’s IT systems and related cybersecurity policies. This expansion suggests that public companies may face increased scrutiny from the SEC regarding their cyber-related procedures.
Plurilock: Advanced cybersecurity solutions
The FCL cyberattack and the broader trends in cybersecurity spending and regulatory action underscore the urgent need for enhanced cybersecurity measures across critical infrastructure sectors. With increasing connectivity and rising cyber risks, companies must prioritize robust cybersecurity practices to protect their operations and customer data.
Companies like Plurilock Security Inc. (TSXV: PLUR) are at the forefront of providing cutting-edge cybersecurity services, ensuring organizations can operate securely and efficiently. Founded in 2016, the company has revolutionized cybersecurity through groundbreaking academic research that introduced a novel technique for authenticating a person’s identity using behavioral biometrics. This technology continuously confirms identity by observing the motion involved in mouse and keyboard activity, offering significant advantages over traditional biometric technologies.
Today, Plurilock serves as a major North American IT Value-Added Reseller, critical services provider, and cybersecurity solutions vendor. The company supports federal, state, and local governments, as well as top global companies, with its unique expertise and solutions.
Plurilock provides a range of advanced cybersecurity solutions. The Plurilock AI Cloud platform secures users and cloud software without the need for new software deployment, offering flexible single sign-on, granular access controls, and native multi-factor authentication. Plurilock AI DLP ensures comprehensive data loss prevention and cloud security posture management, maintaining control over data access, sharing, and protection against unauthorized activities. Plurilock AI PromptGuard enables safer AI use by acting as a firewall between users and AI platforms, protecting sensitive data during interactions with AI tools. Plurilock AI Complete combines single sign-on, cloud access security broker, and data loss prevention capabilities with real-time identity verification using patented DEFEND™ technology.
Recent contracts underscore Plurilock’s impact in the cybersecurity landscape. The company secured a $900,000 contract to provide edge and network security solutions to a key Canadian government agency, enhancing high-security networks with new capabilities.
In another significant deal, Plurilock signed a US$6.16 million, five-year contract to provide Microsoft Unified services and support, including AI Azure services, to the U.S. Department of the Treasury. Additionally, Plurilock was awarded an US$814,000 three-year contract to deliver cloud security solutions to a major global laboratory data and advisory firm.
Plurilock last traded at $0.30 on the TSX Venture.
FULL DISCLOSURE: Plurilock Security is a client of Canacom Group, the parent company of The Deep Dive. Canacom Group is currently long the equity of Hertz Energy. The author has been compensated to cover Hertz Energy on The Deep Dive, with The Deep Dive having full editorial control. Not a recommendation to buy or sell. We may buy or sell securities in the company at any time. Always do additional research and consult a professional before purchasing a security.
