Elisa Costante Senior Director, Industrial and OT Technology Innovation Forescout Technologies Why Nominated: Elisa Costante conducts research on critical
infrastructure and industrial systems and then applies her findings toward the
development of important technology solutions. She recently developed a
specialization in business automation systems, last year revealing five
vulnerabilities in popular BAS devices.Profile: Costante’s nearly 20 years of career research has led
to discoveries on how to use machine and natural language processing to
identify privacy policy issues, basically how to better identify data leakage
and misuse via anomaly detection and behavioral analytics.More recently, Costante has established herself as one
of the leading researchers on operational technology (OT) networks and critical
infrastructure threats. In particular, she has immersed herself in the study of
BAS technology, which allows centralized control of a smart
building’s HVAC, lighting and physical security systems. An attack on such
systems could negatively impact critical functionality or allow hackers access
to sensitive information on the network.
Of the five BAS device flaws recently uncovered by
Costante and her team, one of them can be exploited by attackers to access
the credentials of the device’s legit users, and another can allow adversaries
to gain full control of the device. All of the bugs were reported to their
respective manufacturers and patched appropriately. Additionally, Costante and
her team developed proof-of-concept malware capable of targeting critical HVAC
and physical access systems.Based in the Netherlands, Constante started her research career at
the Eindhoven University of Technology, where she received her PhD. In 2014,
she joined Security Matters, a startup company that designs technology to
protect critical infrastructure networks and devices from cyberattacks. By
2016, she was in charge of all research at the company, and oversaw innovation
teams that looked to turn her findings into new prototypes for products. She
was promoted to CTO last year, before joining Forescout.What
colleagues say: Dr. Costante is one of the very
few people who basically have everything: She is an excellent researcher,
visionary, hacker [and] manager. She has natural leadership and tremendous
people skills. I have been supervising and coaching people for 20 years and I
never found anyone with quite the same powerful combination of skills.Researchers are usually either “visionaries,” who can see the big picture, but have difficulty with the small details, or they are “hackers,” who are good with detail and low-level reasoning, but have a hard time abstracting their work to a broader view. Dr. Costante is an eminent exception to this rule. She is equally at home presenting a vision to C-level people as she is discussing – for hours, if needed – the technical details of an elaborate IoT hack. – Sandro
Etalle, co-founder of Security Matters, and full professor and chair of the
security group at Eindhoven University of Technology
The product, which is now in beta for Rubrik Enterprise Edition and cloud customers, aims to address challenges associated with prolonged business outages during cyberattacks, reducing the traditional recovery timeline from days or weeks to moments.
The announcements focused on integrating core security functions like detection, investigation, and response with advanced risk management for business-critical applications and data.
The new features enable rapid threat detection, investigation, and resolution, helping organizations restore operations more quickly, according to the company.
